Section 16.146 Security Infrastructure: Ports and Protocols

Question 1

Security Infrastructure

Answer 1

Encompasses hardware, software, networks, data, and policies working cohesively to protect information

Question 2

Ports and Protocols

Port

Answer 2

Logical communication endpoints on a computer or server

Example: Running a secure web server thats used for running e-commerce on your system you will have port 443 open listening for any inbound requests from your potential visitors

Question 3

Port Classification

Inbound

Answer 3

Logical communication opening on a server that is listening for a connection from a client

○ Listening for connections

Open port waiting for someone to connect to it

Question 4

Port Classification

Outbound

Answer 4

Logical communication opening created on a clinet in order to call out to a server for a connection

○ Used to connect to a server

If my computert is looking to make a connection to your web server over port 443 then my computer is going to open up a random high port numberr like 52363 and make an outbound request to web server port 443

Question 5

Port Classification

Well-Known Ports (0-1023)

Answer 5

0-1023

Assigned by Internet Assigned Numbers Authroity (IANA), commonly-used protocols

Web browsing: HTTPS 443
Telnet: Port 23

Question 6

Port Classification

Registered Ports (1024-49151)

Answer 6

1024-49151

Vendor-specific, registered with IANA

Microsift SQL server Port 1433

Microsoft Remote Desktop Protocol (RDP) 3389

Question 7

Dynamic and Private Ports (49152-65535)

Answer 7

49152-65535

Temporary outbound connections

Ports that can be used by any application without being registered with IANA

Commonly used in gaming and instant messaging connections

Question 8

Protocols

Answer 8

Rules governing device communication and data exchange between devices and systems

● HTTPS (port 443) uses the HTTPS protocol for secure web communication

Question 9

Memorisation Tips

Answer 9

Memorise for each port the…

● Port number
● Default protocol
● Support for TCP or UDP connection
● Basic description of the port or protocol

Question 10

PORT 21

Answer 10

■ File Transfer Protocol (FTP)
■ TCP
■ Used to transfer files from host to host

Question 11

Port 22

Answer 11

■ Secure Shell Protocol (SSH), SCP, SFT.
■ TCP
■ Provides secure remote terminal access and file trasnfer capabilities. Provides Secure Copy Functions.
Provides Secure File Tranfers (SFTP)

Question 12

Port 23

Answer 12

■ TELNET
■ TCP
■ Provides insecure remote control of another machine using a text based environment

its unencrypted and insecure so you should NOT be using it these days - exam questions may ask you about remote connections over port 23 and how to better secure it. ANSWER would be to close telnet and open an SSH port

Question 13

Port 25

Answer 13

■ Simple Mail Transfer Protocol (SMTP)
■ TCP
■ Provides the ability to send emails over the network

Question 14

PORT 53

Answer 14

■ Domain Name System (DNS)
■ TCP and UDP
■ Translates domain names in to IP addresses

Question 15

Port 69

Answer 15

■ Trivial File Trasnfer Protocol (TFTP)
■ UDP
■ Used as a lightweight file transfer method for sending configuration files or network booting of an operational system

Question 16

Port 80

Answer 16

■ Hypertext Transfer Protocol (HTTP)
■ TCP
■ Used for insecure web browsing

Question 17

Port 88

Answer 17

■ Kerberos
■ UDP
■ Network authentication protocol

Question 18

Port 110

Answer 18

■ Post Office Version Three Protocol (POP3)
■ TCP
■ Responsible for retrieving emails from a server

Question 19

Port 119

Answer 19

■ Network News Transfer Protocol (NNTP)
■ TCP
■ Used for accessing newsgroups

Question 20

Port 137
Port 138
Port 139

Answer 20

■ NetBIOS
■ TCP and DCP
■ Networking protocol suite

Used within a local windows environment used for things like printing

Question 20

Port 135

Answer 20

■ Remote Procedure Call (RPC)
■ TCP and UDP
■ Facilitates communication between different system proceses

Often used with the windows file sharing system

Question 21

Port 143

Answer 21

■ Instant Messaging Access Protocol (IMAP)
■ TCP
■ Allows access to email messages on a server

Question 22

Port 161

Answer 22

■ Simple Network Management Protocol (SNMP)
■ UDP
■ Manages network devices

Question 23

Port 162

Answer 23

■ SNMPTrap
■ UDP
■ Responsible for sending SNMP trap messages

Question 24

Port 389

Answer 24

■ Lightweight Directory Access Protocol (LDAP)
■ TCP
■ Facilitates directory services

Question 25

Port 443

Answer 25

■ HTTP Secure (HTTPS)
■ TCP
■ Provides secure web communication

Question 26

Port 445

Answer 26

■ Server Message Block (SMB)
■ TCP
■ Used for file and pritner sharing over a network

Question 27

Port 465
Port 587

Answer 27

■ SMTP Secure (SMTPS)
■ TCP
■ Provides secure SMTP communication

Question 28

Port 514

Answer 28

■ SYSLOG
■ UDP
■ Used for sending log messages

Question 29

Port 636

Answer 29

■ LDAP Secure (LDAPS)
■ TCP
■ LDAP communication over SSL/TLS

Question 30

Port 993

Answer 30

■ IMAPS (IMAP over SSL/TLS)
■ TCP
■ Used for secure email retireval

Question 31

Pro 995

Answer 31

■ Post Office Protocol Versoin 3 over SSL/TLS (POP3S)
■ TCP
■ Used for secure email retreival

Question 32

Port 1433

Answer 32

■ Microsoft SQL
■ TCP
■ Used to facilitate communication with Microsoft SQL server

Question 33

PORT 1645
PORT 1646

Answer 33

■ Radius TCP
■ TCP
■ Used for remote authentication, authorisation and accounting

Question 34

Port 1812
Port 1813

Answer 34

■ Radius UDP
■ UDP
■ Used for authentication and accounting as defiend by the Interent Engineering Task Force (IETF)

Question 35

Port 3389

Answer 35

■ Remote Desktop Protocol (RDP)
■ TCP
■ Enables remote desktop access

Question 36

Port 6514

Answer 36

■ Syslog TLS
■ TCP
■ Used in secure syslog that uses SSL/TLS to encrypt the IP packets using a certificate before sending them across the IP network to the syslog collector