common ports and protocols

Question 1

What protocol is considered the de facto standard when it comes to secure
access to remote systems for management purposes?
a. Telnet
b. SSH
c. IPSec
d. IMAP

Answer 1

Answer: b. The Secure Shell (SSH) protocol allows you to make secure
remote connections to network systems. This protocol is specialized for terminal connections. For graphical user interface connections, you can use technologies such as Remote Desktop Protocol (RDP) and VNC Viewer.

Question 2

You are interested in dynamically assigning the IP address information in your
IPv4-based network infrastructure. What protocol can you use to accomplish
this?
a. DNS
b. TFTP
c. FTP
d. DHCP

Answer 2

Answer: d. Dynamic Host Configuration Protocol is used to dynamically
assign IP address information to network systems (typically end-user devices).

Question 3

What global hierarchical system is used to resolve names to IP addresses?
a. TFTP
b. DHCP
c. NTP
d. DNS

Answer 3

Answer: d. Domain Name System (DNS) is a global hierarchy system that
resolves names to IP addresses.

Question 4

What port and protocol are used by HTTPS? (Choose two.)
a. TCP
b. UDP
c. 443
d. 123
e. 8080
f. 80

Answer 4

Answer: a, c. HTTPS uses TCP port 443 in its operation.

Question 5

What is the port and protocol used by Syslog? (Choose two.)
a. TCP
b. UDP
c. 148
d. 514
e. 240

Answer 5

Answer: b, d. Syslog produces machine data that you can use to monitor and
understand the state of services on a device. Syslog runs on UDP port 514.

Question 6

What protocol do ping and traceroute use in their operation?
a. IPsec
b. DNS
c. ICMP
d. DHCP

Answer 6

Answer: c. ICMP is used by many troubleshooting and monitoring tools. ping
and traceroute are two such ICMP-based utilities.

Question 7

Which incoming email protocols are encrypted and secure because they use
SSL/TLS sessions? (Choose two.)
a. POP3 over SSL
b. IMAPS
c. SMTP
d. POP

Answer 7

Answer: a, b. Using POP3 over SSL (port 995) or IMAPS (port 993) allows
the incoming data from the client to be encrypted because these protocols use
SSL/TLS sessions. Answer c is incorrect because Simple Mail Transfer Protocol (SMTP) (port 25) is for outgoing email. Answer d is incorrect because one
of the biggest security issues with plain POP (and IMAP as well) is that login
credentials are transmitted in plaintext over unencrypted connections.

Question 8

You need to establish an authenticated and encrypted connection between a
client and a host system. What should you use?
a. Telnet
b. SSH
c. LDAP
d. LDAPS

Answer 8

Answer: b. Secure Shell (SSH) establishes a session between the client and
host computers using an authenticated and encrypted connection over port 22.
SSH requires encryption of all data, including the login portion. Answer a is
incorrect because SSH is the secure replacement for Telnet. Using Telnet is ill
advised because a Telnet session is not encrypted. Answers c and d are incorrect. Lightweight Directory Access Protocol (LDAP) is a directory services
protocol for use on IP networks. By default, LDAP traffic is unsecured. LDAP
over SSL (LDAPS) is a method to secure LDAP by enabling communication
over SSL/TLS.