A Linux server is running a log collector that needs to be hardened. A network administrator executes netstat to find open ports on the server. Which of the following ports should be disabled?
Correct Answer: B
Comprehensive and Detailed Explanation (aligned to N10-009):
For a log collector server, the primary needed service is Syslog, which typically uses UDP port 514. Other ports may be open for management (e.g., 22 for SSH) or SNMP traps (162) if integrated. However, port 80 (HTTP) should not be open unless required, as it increases attack surface and does not directly serve the log collection purpose. Disabling it hardens the server.
A). 22 (SSH) is needed for secure management.
C). 162 (SNMP trap) may be required for monitoring/log correlation.
D). 514 (Syslog) is essential for log collection.
References (CompTIA Network+ N10-009):
Domain: Network Security - Hardening servers, disabling unnecessary services and ports.