A security analyst is reviewing firewall logs while investigating a compromised web server. The following
ports appear in the log:
22, 25, 445, 1433, 3128, 3389, 6667
Which of the following protocols was used to access the server remotely?

A.
LDAP

B.
HTTP

C.
RDP

D.
HTTPS

Explanation:
RDP uses TCP port 3389.
Incorrect Answers:
A: LDAP operates over TCP ports 636 and 389.
B: HTTP uses TCP port 80 or TCP port 8080.
D: HTTPS uses TCP port 443 (or TCP port 80 in some configurations of TLS).

Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 23, 55, 56