Free CrowdStrike CCCS-203b Actual Exam Questions - Question 4 Discussion
high-risk practice that should be flagged for remediation?
Maybe D is a good security step, but it’s not a misconfiguration or a risk on its own—it’s actually protective. A and C are positive controls that reduce risk, so they’re unlikely to be flagged. B stands out because leaving port 22 wide open basically invites brute force attacks and unauthorized access. Even if you have monitoring, the open port itself is a clear misconfiguration. So yeah, B is definitely the risky setup that needs fixing here.
It’s B, open port 22 is a straight-up invite for attackers.
B, because open SSH access without restrictions is a massive security risk.
B/D? B is obviously risky with open SSH access, but D is also crucial since without MFA, admin accounts are vulnerable to compromise. Both seem like high-risk if not handled properly.
Totally agree, option B is risky because port 22 is a prime target for attacks if left open to everyone. The others are actually good controls, so B stands out clearly here. B
Option B sticks out because open access to port 22 is basically leaving the door wide open for attackers to try brute force or other exploits. The other choices are solid security measures—controlling traffic (A), using RBAC (C), and enforcing MFA (D) all help reduce risk rather than increase it. Definitely seems like B is the clear risky misconfiguration here.
I'm leaning towards B here. Allowing unrestricted inbound traffic on port 22 (SSH) is a classic high-risk setup that can lead to unauthorized access. The other options seem like good security practices. Does anyone else agree?