Port 22 is commonly used for which protocol, and why is it important in pentests?


Multiple Choice

Port 22 is commonly used for which protocol, and why is it important in pentests?

Explanation:
Port 22 is the standard port for SSH, the protocol used for secure remote login to systems. In a pentest, SSH is a prime target because it’s often exposed to the internet and frequently misconfigured. Attackers commonly perform credential guessing against SSH, since a successful login grants remote access to the machine. Common misconfigurations include allowing password-based authentication when key-based login should be used, permitting root logins, enabling weak or outdated cipher suites, and running an older OpenSSH version with known flaws. These realities make port 22 a key focus when assessing potential entry points, hence its significance in pentests. The other statements don’t fit because SSH isn’t always correctly configured by default, password authentication is still used on many systems, and port 22 is often accessible from the internet rather than rarely exposed.

