2.1 TCP and UDP ports Flashcards
Compare and contrast TCP and UDP ports, protocols , and their purposes
What network protocol is obsolete and should be disabled on most networks as it poses a significant security risk?
-TCP/UDP
-FTP
-SMB
-NetBios
NetBIOS
*NetBIOS is obsolete and only required if the network must support file sharing for Windows versions earlier than Windows 2000.
~Server Message Block (SMB) is the application protocol underpinning file and printer sharing on modern Windows networks running directly over the TCP/445 port.
~Modern networks use IP, TCP/UDP, DHCP, and DNS to establish the basic addressing and forwarding functions for network connectivity, transport functions, user-level services, web browsing, or file sharing.
~The File Transfer Protocol (FTP) allows a client to upload/download files from an active network server, upload files to websites, and transfer data in “active” mode or a server-assigned port in “passive” mode.
A server administrator is joining a new startup business that will perform outsourced IT management for client firms. The administrator is to configure a web server to run on Linux, accept remote terminal connections from clients without using passwords, and encrypt terminal emulations. What can the administrator use to achieve this? (Select all that apply.)
-Secure File Transfer Protocol (SFTP)
-File Transfer Protocol (FTP)
-Secure Shell (SSH)
-OpenSSH
Secure Shell (SSH) & OpenSSH
*A Secure Shell (SSH) connection is the principal means of obtaining secure remote access to UNIX and Linux servers and to most types of network appliances (switches, routers, and firewalls).
*The most widely used SSH is OpenSSH. Therefore, a common secure shell connection is considered OpenSSH.
~Including encrypted terminal emulations, SFTP can use SSH to achieve many other network configurations. However, it is not the principal means of obtaining a secure connection to another system.
~An SSH server listens on port TCP/22 by default, which is the next port after FTP ports 20 & 21, used by the unsecure File Transfer Protocol (FTP). However, it is not the principal means of obtaining a secure connection.
The network administrator is configuring a network attached storage (NAS) appliance. What file sharing protocol should the administrator use to allow access to Windows, Linux, and Apple macOS clients?
-Server Message Block (SMB)
-Lightweight Directory Access Protocol (LDAP)
-Simple Network Management Protocol (SNMP)
-File Transfer Protocol (FTP)
Server Message Block (SMB)
*The Server Message Block (SMB) protocol that implements Windows File/Printer Sharing is specifically for use on local networks only. Therefore, allowing access from the internet would be a security risk.
~The network administrator could implement a file server or file share protocol using TCP/IP protocols, like File Transfer Protocol (FTP), but it only allows a client to upload and download files from a network server and websites.
~The Simple Network Management Protocol (SNMP) provides a means for devices to report operational statistics to a management server, not for file sharing.
~The Lightweight Directory Access Protocol (LDAP) is a TCP/IP protocol used only to query and update an X.500 directory.
When advising a company on configuring systems, the administrator wants to provide better information about network device status and how to monitor them in a client manual. Which of the following is the correct protocol that maintains a database containing statistics related to the activity of devices for review?
-SNMP
-IMAP
-POP3
-DHCP
SNMP
*The Simple Network Management Protocol (SNMP) is a framework for the management and monitoring of network devices. SNMP requires a Syslog agent that maintains a management information base (MIB) database. MIB holds statistics relating to the activity of the device.
~The Internet Message Access Protocol (IMAP) is an unsecure mail retrieval protocol using Transport Layer Security (TLS) and is unnecessary for network monitoring.
~The Post Office Protocol (POP) is an early example of a mailbox access protocol and is not involved in network management or monitoring.
~While a Dynamic Host Configuration Protocol (DHCP) server connects other compatible devices, it is only running to allocate a valid IP address to the computer from the device and does not function as a network monitoring device.
As an alternative to static configuration, wired and wireless hosts can receive their IP address, subnet mask, default gateway, and DNS server addresses from which protocol? (Select all that apply.)
-DSL
-DHCP
-PXE
-APIPA
DHCP & APIPA
*Host servers have a failover mechanism when an IP configuration specifies the use of a Dynamic Host Configuration Protocol (DHCP) server, but the host cannot contact one.
*Windows machines will default to automatic private IP addressing (APIPA) if the DHCP service fails or if there is some connectivity error.
~A digital subscriber line (DSL) provides fast downlinks but slow uplinks. A DSL modem might be provisioned as a separate device or be embedded as a function of a small office home office (SOHO) router but is not a protocol.
~A Preboot eXecution Environment (PXE) is firmware and a network adapter supporting boot options. The client uses a DHCP server to locate a suitably configured server to start the setup process.
A client connects to an IMAP server over port TCP/143, but this port is unsecure. Instead, the client wants a secure connection established using Transport Layer Security (TLS). What is the default port for the secure POP3/IMAP?
-TCP port 80 or 443
-TCP 25 or 587
-TCP 143 or 110
-TCP port 993 or 995
TCP port 993 or 995
*The default ports for a secure connection are either transport control protocol (TCP) port 993 (IMAPS) or 995 (POP3S), depending on the mail access protocol in use (IMAP or POP).
~By default, the unsecure ports are TCP port 143 for IMAPS and TCP port 110 for POP3.
~Port 25 is for Simple Mail Transfer Protocol (STMP) to send mail between servers and is not secure. Clients often use Port 587 to submit messages for delivery by an SMTP server.
~The HTTP application uses the unencrypted TCP port 80. The secure version, HTTPS, encrypts traffic between the client and the server, sent over port TCP/443 by default.
A client wishes to upload and download a few files from the network server. The client wants to upload some of the files to a website. Which ports would establish an active connection? (Select all that apply.)
-TCP/20
-TCP/443
-TCP/21
-TCP/80
TCP/20 & TCP/21
*File transfer protocol (FTP) is associated with Transfer Control Protocol/20 (TCP/20) to transfer data in active mode or a server-assigned port in passive mode.
*FTP is associated with the use of Transfer Control Protocol/21 (TCP/21) to establish a connection.
~When using a secure transport layer (TLS), the client connects to an HTTP server using port TCP/80 (by default). It is possible, in theory, to apply Secure Sockets Layer/Transport Layer Security (SSL/TLS) to port TCP/80, but most browsers would not support this configuration.
~When using transport layer security (TLS) with the HTTP application, it is known as HTTPS. HTTPS uses port TCP/443 by default.
Authentication, authorization, and accounting (AAA) allows switches and access points to hold directory information to authenticate clients as they connect to the network. Which protocol would the AAA server use if it wanted to communicate with the directory service?
-DHCP
-SMB/CIFS
-SNMP
-LDAP
LDAP
*The AAA server uses Lightweight Directory Access Protocol (LDAP) to communicate with the directory service (Active Directory) from an access point with no configured user account credentials, and it cannot decrypt any authentication traffic.
~The Simple Network Management Protocol (SNMP) provides a means for devices to report operational statistics to a management server, but it does not communicate with the directory service.
~Server Message Block (SMB) or Common Internet File System (CIFS) is the application protocol underpinning file and printer sharing on Windows networks and does not communicate with the directory service.
~The Dynamic Host Configuration Protocol (DHCP) uses broadcast addressing, which means that it must use User Datagram Protocol (UDP) at the transport layer and does not communicate with the directory service.
A top-level domain (i.e., .com) falsely represents the top of the Domain Name System (DNS) hierarchy. Why is this considered false?
-The DNS uses root servers at the hierarchy top, represented by a trailing dot at the end of a fully qualified domain name (FQDN), ensuring a unique host name.
-The name server hosting the domain is a static configuration as the primary DNS server entry in the IP configuration of local clients.
-The name server hosting the domain resource records on the internet is configured as the only DNS server entry and recognized by a specific IP address, not the domain name.
-The top-level domain cannot be a duplicate, but also it does not have to be a fully qualified domain name (FQDN).
The DNS uses root servers at the hierarchy top, represented by a trailing dot at the end of a fully qualified domain name (FQDN), ensuring a unique host name.
*Domain Name System (DNS) is a global hierarchy of distributed name server databases that contain information about each domain and the hosts within those domains.
~DNS servers provide resolution of host and domain names to their IP addresses and are essential for locating resources on the internet.
~The name server hosting domain resource records on the internet is for support and is usually configured as the primary DNS server entry in the IP configuration of all clients, not just locally.
~To avoid the possibility of duplicate host names, the top-level domains (TLDs) require assigning and managing a fully qualified domain name (FQDN) using DNS.
During a company meeting, a technician scribbled some notes about a firewall configuration on a whiteboard. The technician has listed only the port numbers 25 and 587. What is the purpose of these protocols that use these ports?
-They are POP3, an early example of a mailbox access protocol.
-Use TLS with the HTTP application to send these ports over rather than via an open and unencrypted port.
-They are the Lightweight Directory Access Protocol (LDAP), a TCP/IP protocol used to query and update an X.500 directory.
-The ports are for message relay between SMTP servers to submit secure and unsecure messages for delivery.
The ports are for message relay between SMTP servers to submit secure and unsecure messages for delivery.
*Port TCP/25 is for unsecure message relays (MTAs) between Simple Mail Transfer Protocol (SMTP) servers. Port TCP/587 submits encrypted, authenticated, and secured messages for delivery by an SMTP server.
~Depending on the mail access protocol in use, Post Office Protocol 3 (POP3) or Internet Message Access Protocol (IMAP), TCP ports 993 or 995 are default ports for secure connections. Unsecure ports are TCP/143 and TCP/110.
~The HTTP protocol delivers web pages and other resources using TCP/80 by default and secures TCP application protocols, such as FTP, POP3/IMAP, SMTP, and LDAP.
~Lightweight Directory Access Protocol (LDAP) TCP/IP protocol, used to query and update an X.500 directory, is not usually used for mail protocols. LDAP uses TCP and UDP port 389 by default.
An HTTPS application is secured using the SSL/TLS protocol but should use a different port for unencrypted HTTP. Which port should unencrypted HTTP use?
-TCP/143
-TCP/993
-TCP/80
-TCP/587
TCP/80
*By default, HTTPS uses TCP port 443. Unsecure default HTTP port is TCP port 80.
~In theory, it is possible to apply a secure socket layer of transport layer security (SSL/TLS) to TCP port 80, but most browsers would not support this configuration for HTTP.
~TCP port 993 or TCP port 995 are the default ports for secure connections for Internet Mail Access Protocol (IMAP) and Post Office Protocol 3 (POP3), respectively.
~Clients often use Port 587 to submit messages for delivery by a Simple Mail Transfer Protocol (SMTP) server.
A client wishes to upload and download a few files from the network server. The client wants to upload some of the files to a website. Which ports would establish an active connection? (Select all that apply.)
-TCP/21
-TCP/80
-TCP/443
-TCP/20
TCP/20 & TCP/21 FILE TRANSFER PROTOCOL
*File transfer protocol (FTP) is associated with Transfer Control Protocol/20 (TCP/20) to transfer data in active mode or a server-assigned port in passive mode.
*FTP is associated with the use of Transfer Control Protocol/21 (TCP/21) to establish a connection.
~When using a secure transport layer (TLS), the client connects to an HTTP server using port TCP/80 (by default). It is possible, in theory, to apply Secure Sockets Layer/Transport Layer Security (SSL/TLS) to port TCP/80, but most browsers would not support this configuration.
~When using transport layer security (TLS) with the HTTP application, it is known as HTTPS. HTTPS uses port TCP/443 by default.
A top-level domain (i.e., .com) falsely represents the top of the Domain Name System (DNS) hierarchy. Why is this considered false?
-The name server hosting the domain is a static configuration as the primary DNS server entry in the IP configuration of local clients.
-The name server hosting the domain resource records on the internet is configured as the only DNS server entry and recognized by a specific IP address, not the domain name.
-The top-level domain cannot be a duplicate, but also it does not have to be a fully qualified domain name (FQDN).
-The DNS uses root servers at the hierarchy top, represented by a trailing dot at the end of a fully qualified domain name (FQDN), ensuring a unique host name.
The DNS uses root servers at the hierarchy top, represented by a trailing dot at the end of a fully qualified domain name (FQDN), ensuring a unique host name.
*Domain Name System (DNS) is a global hierarchy of distributed name server databases that contain information about each domain and the hosts within those domains.
~DNS servers provide resolution of host and domain names to their IP addresses and are essential for locating resources on the internet.
~The name server hosting domain resource records on the internet is for support and is usually configured as the primary DNS server entry in the IP configuration of all clients, not just locally.
~To avoid the possibility of duplicate host names, the top-level domains (TLDs) require assigning and managing a fully qualified domain name (FQDN) using DNS.
The network administrator is configuring a network attached storage (NAS) appliance. What file sharing protocol should the administrator use to allow access to Windows, Linux, and Apple macOS clients?
-FTP (file transfer protocol)
-SMB (Server Message Block)
-LDAP (Lightweight Directory Access Protocol)
-SNMP (Small Network Management Protocol)
Server Message Block (SMB)
*The Server Message Block (SMB) protocol that implements Windows File/Printer Sharing is specifically for use on local networks only. Therefore, allowing access from the internet would be a security risk.
~The network administrator could implement a file server or fileshare protocol using TCP/IP protocols, like File Transfer Protocol (FTP), but it only allows a client to upload and download files from a network server and websites.
~The Simple Network Management Protocol (SNMP) provides a means for devices to report operational statistics to a management server, not for file sharing.
~The Lightweight Directory Access Protocol (LDAP) is a TCP/IP protocol used only to query and update an X.500 directory.
As an alternative to static configuration, wired and wireless hosts can receive their IP address, subnet mask, default gateway, and DNS server addresses from which protocol? (Select all that apply.)
-APIPA
-DSL
-DHCP
-PXE
APIPA & DHCP
*Host servers have a failover mechanism when an IP configuration specifies the use of a Dynamic Host Configuration Protocol (DHCP) server, but the host cannot contact one.
*Windows machines will default to automatic private IP addressing (APIPA) if the DHCP service fails or if there is some connectivity error.
~A digital subscriber line (DSL) provides fast downlinks but slow uplinks. A DSL modem might be provisioned as a separate device or be embedded as a function of a small office home office (SOHO) router but is not a protocol.
~A Preboot eXecution Environment (PXE) is firmware and a network adapter supporting boot options. The client uses a DHCP server to locate a suitably configured server to start the setup process.
In addition to Remote Desktop, which of the following protocols can an administrator use for remote access administration? (Select all that apply.)
-DHCP
-Telnet
-SNMP
-SSH
Telnet & SSH
*Telnet opens a plain-text, unsecured, remote console connection. Telnet uses TCP port 23.
*Secure Shell (SSH) provides the same capabilities as Telnet but encrypts the data while transferring to the port. SSH uses TCP port 22.
~The Simple Network Management Protocol (SNMP) allows devices to report operational statistics to a management server and send a trap if a threshold exceeds some critical value, and the Remote Desktop Protocol (RDP) does not need it.
~The Dynamic Host Configuration Protocol (DHCP) uses broadcast addressing and is not supported by the connection-oriented TCP. Consequently, DHCP uses the connectionless User Datagram Protocol (UDP) and is unnecessary for RDP.
What network protocol is obsolete and should be disabled on most networks as it poses a significant security risk?
-NetBIOS
-TCP/UDP
-FTP
-SMB
NetBIOS
*NetBIOS is obsolete and only required if the network must support file sharing for Windows versions earlier than Windows 2000.
~Server Message Block (SMB) is the application protocol underpinning file and printer sharing on modern Windows networks running directly over the TCP/445 port.
~Modern networks use IP, TCP/UDP, DHCP, and DNS to establish the basic addressing and forwarding functions for network connectivity, transport functions, user-level services, web browsing, or file sharing.
~The File Transfer Protocol (FTP) allows a client to upload/download files from an active network server, upload files to websites, and transfer data in “active” mode or a server-assigned port in “passive” mode.
The IT department is setting up for outsourced management of their client firms. The IT department has asked a server administrator to configure a Linux server and accept remote terminal connections from clients without using passwords, along with encrypted terminal emulations. How does the administrator set up this access? (Select all that apply.)
-Use and Open Secure Shell (OpenSSH) connection
-Use a Secure Shell (SSH) connection
-Establish a Secure File Transfer Protocol
-Start a File Transfer Protocol (FTP)
Use SSH & Open SSH
*A Secure Shell (SSH) connection is the principal means of obtaining secure remote access to UNIX and Linux servers and to most types of network appliances (switches, routers, and firewalls).
*The most widely used SSH is OpenSSH. Therefore, a common Secure Shell connection is considered OpenSSH.
~Including encrypted terminal emulations, SFTP can use SSH to achieve many other network configurations. However, it is not the principal means of obtaining a secure connection to another system.
~An SSH server listens on port TCP/22 by default, which is the next port after FTP ports 20 & 21, used by the unsecure File Transfer Protocol (FTP). However, it is not the principal means of obtaining a secure
A client connects to an IMAP server over port TCP/143, but this port is unsecure. Instead, the client wants a secure connection established using Transport Layer Security (TLS). What is the default port for the secure POP3/IMAP?
-TCP port 25 or 587
-TCP port 993 and 995
-TCP port 143 and 110
-TCP 90 and 443
TCP port 993 and 995
*The default ports for a secure connection are either transport control protocol (TCP) port 993 (IMAPS) or 995 (POP3S), depending on the mail access protocol in use (IMAP or POP).
~By default, the unsecure ports are TCP port 143 for IMAPS and TCP port 110 for POP3.
~Port 25 is for Simple Mail Transfer Protocol (STMP) to send mail between servers and is not secure. Clients often use Port 587 to submit messages for delivery by an SMTP server.
~The HTTP application uses the unencrypted TCP port 80. The secure version, HTTPS, encrypts traffic between the client and the server, sent over port TCP/443 by default.
During a company meeting, a technician scribbled some notes about a firewall configuration on a whiteboard. The technician has listed only the port numbers 25 and 587. What is the purpose of these protocols that use these ports?
-They are the Lightweight Directory Access Protocol (LDAP), a TCP/IP protocol used to query and update an X.500 directory.
-Use TLS with the HTTP application to send these ports over rather than via an open and unencrypted port.
-They are POP3, an early example of a mailbox access protocol.
-The ports are for message relay between SMTP servers to submit secure and unsecure messages for delivery.
The ports are for message relay between SMTP servers to submit secure and unsecure messages for delivery.
*Port TCP/25 is for unsecure message relays (MTAs) between Simple Mail Transfer Protocol (SMTP) servers. Port TCP/587 submits encrypted, authenticated, and secured messages for delivery by an SMTP server.
~Depending on the mail access protocol in use, Post Office Protocol 3 (POP3) or Internet Message Access Protocol (IMAP), TCP ports 993 or 995 are default ports for secure connections. Unsecure ports are TCP/143 and TCP/110.
~The HTTP protocol delivers web pages and other resources using TCP/80 by default and secures TCP application protocols, such as FTP, POP3/IMAP, SMTP, and LDAP.
~Lightweight Directory Access Protocol (LDAP) TCP/IP protocol, used to query and update an X.500 directory, is not usually used for mail protocols. LDAP uses TCP and UDP port 389 by default.
Authentication, authorization, and accounting (AAA) allows switches and access points to hold directory information to authenticate clients as they connect to the network. Which protocol would the AAA server use if it wanted to communicate with the directory service?
-DHCP
-SNMP
-SMB/CIFS
-LDAP
LDAP (Lightweight Directory Access Protocol)
*The AAA server uses Lightweight Directory Access Protocol (LDAP) to communicate with the directory service (Active Directory) from an access point with no configured user account credentials, and it cannot decrypt any authentication traffic.
~The Simple Network Management Protocol (SNMP) provides a means for devices to report operational statistics to a management server, but it does not communicate with the directory service.
~Server Message Block (SMB) or Common Internet File System (CIFS) is the application protocol underpinning file and printer sharing on Windows networks and does not communicate with the directory service.
~The Dynamic Host Configuration Protocol (DHCP) uses broadcast addressing, which means that it must use User Datagram Protocol (UDP) at the transport layer and does not communicate with the directory service.
When advising a company on configuring systems, the administrator wants to provide better information about network device status and how to monitor them in a client manual. Which of the following is the correct protocol that maintains a database containing statistics related to the activity of devices for review?
-POP3
-SHCP
-SNMP
-IMAP
SNMP (Simple Network Management Protocol)
*The Simple Network Management Protocol (SNMP) is a framework for the management and monitoring of network devices. SNMP requires a Syslog agent that maintains a management information base (MIB) database. MIB holds statistics relating to the activity of the device.
~The Internet Message Access Protocol (IMAP) is an unsecure mail retrieval protocol using Transport Layer Security (TLS) and is unnecessary for network monitoring.
~The Post Office Protocol (POP) is an early example of a mailbox access protocol and is not involved in network management or monitoring.
~While a Dynamic Host Configuration Protocol (DHCP) server connects other compatible devices, it is only running to allocate a valid IP address to the computer from the device and does not function as a network monitoring device.
An HTTPS application is secured using the SSL/TLS protocol but should use a different port for unencrypted HTTP. Which port should unencrypted HTTP use?
-TCP/587
-TCP/143
-TCP/80
-TCP/993
TCP/80 HTTP
*By default, HTTPS uses TCP port 443. Unsecure default HTTP port is TCP port 80.
~In theory, it is possible to apply a secure socket layer of transport layer security (SSL/TLS) to TCP port 80, but most browsers would not support this configuration for HTTP.
~TCP port 993 or TCP port 995 are the default ports for secure connections for Internet Mail Access Protocol (IMAP) and Post Office Protocol 3 (POP3), respectively.
~Clients often use Port 587 to submit messages for delivery by a Simple Mail Transfer Protocol (SMTP) server.
