Ace the CompTIA CySA+ Challenge 2025 – Unleash Your Cyber Skills Today!

The ideal ACL entry to prevent access on a specific port involves actively blocking the unauthorized service detected on that port. By using a "DENY" statement specifically for TCP traffic on port 3389, which is commonly associated with Remote Desktop Protocol (RDP), the entry prevents any TCP traffic from reaching the host at the specified IP address.

This configuration is crucial because it ensures that no legitimate or unauthorized users can establish a TCP connection to the service running on that port. TCP is a connection-oriented protocol, and by specifying the usage of TCP with a "DENY" action, the rule effectively stops any attempts to communicate over that port with the defined source.

While the other entries provide a range of options, they either apply to different protocols (like UDP), lack specificity (e.g., using "BLOCK IP" without differentiating between protocols), or are simply allowing traffic instead of denying it. The denial of TCP traffic on port 3389 ensures maximum security by closing off that entry point on the network, making it the most effective choice in this context.