CompTIA Cloud+ Practice Test

Why might an administrator no longer be receiving alerting messages from a newly failed over web server?

• A. Port 21 is only allowed inbound at the primary datacenter.
• B. Port 22 to the log server is blocked outbound.
• C. Port 162 in DMZ is blocked inbound.
• D. Port 162 in DMZ is blocked outbound.

The correct answer is: Port 22 to the log server is blocked outbound.

The correct answer focuses on the scenario involving port 22 to the log server being blocked outbound. If an administrator is not receiving alerting messages from a newly failed over web server, it's crucial to consider the pathways through which alert messages are sent. Port 22 is commonly used for Secure Shell (SSH) connections, which might be the protocol used by the web server to transmit log data or alerts securely back to the log server. If outbound traffic to the log server on this port is blocked, the web server will be unable to send its logs or alert messages to the administrator's monitoring tool. Consequently, this disruption in communication would result in missed alerts regarding the server's status. In contrast, other options reference different ports and scenarios. For instance, port 21 pertains to FTP and blocking it would not directly affect the alerting mechanism commonly set up on web servers. Port 162, typically used for SNMP traps, could be relevant but only if the server is configured to use SNMP for sending alerts. If that were the case, the implications would be dependent on whether the messaging was blocked inbound or outbound. The critical aspect here is understanding how the failing over server communicates its state and the role of network port accessibility in that communication.