PrepAway - Latest Free Exam Questions & Answers

Which of the following should the analyst implement to …

A security analyst is hardening a server with the directory services role installed. The analyst must ensure LDAP traffic cannot be monitored or sniffed and maintains compatibility with LDAP clients.
Which of the following should the analyst implement to meet these requirements? (Select two.)

PrepAway - Latest Free Exam Questions & Answers

A.
Generate an X.509-compliant certificate that is signed by a trusted CA.

B.
Install and configure an SSH tunnel on the LDAP server.

C.
Ensure port 389 is open between the clients and the servers using the communication.

D.
Ensure port 636 is open between the clients and the servers using the communication.

E.
Remote the LDAP directory service role from the server.

PrepAway - Latest Free Exam Questions & Answers

5 Comments on “Which of the following should the analyst implement to …

  1. meac says:

    – LDAP uses port 389
    – LDAPS uses port 636

    So I still must use LDAP, yet this protocol must be “hardened”.
    This means that I must use LDAP over TLS/SSL, which as seen is LDAPS.

    An SSL-encrypted LDAP integration (LDAPS) communicates over TCP on port 636 by default, This communication channel requires a certificate.
    The certificate required is in fact the X.509 certificate.
    So the answer is A & D




    7



    0

Leave a Reply