Common Ports

Question 1

FTP

Answer 1

File Transfer Protocol
- tcp port 20 (active mode data)
- tcp port 21 (control)
Authenticates with a username and password

Question 1

SSH

Answer 1

Secure Shell
- Port (TCP) 22
- text-based console communication

Question 2

SFTP

Answer 2

Secure File Transfer Protocol
-Encrypted network communicaiton
- TCP port 22
- File management in secure mode compared to regular FTP

Question 3

Telnet

Answer 3

TCP port 23
- not secure
- telecommunication network
- not really used anymore

Question 4

SMTP

Answer 4

Simple Mail transfer protocol
- server to server email transfer
- tcp 25 SMTP using plaintext
- tcp 587 SMTP using TLS encryption

Question 5

DNS

Answer 5

Port 53
- large transfers may use port 53

Question 6

DHCP

Answer 6

Dynamic host Configuration protocol
- port 67/68
- Automated configuration of IP address/subnet/etc…
- needs a DHCP server to use

Question 7

TFTP

Answer 7

Trivial File Transfer Protocol
- Port 69
- transfer a small amount of information very quickly
- very simple file transfers like a phone

Question 8

HTTP

Answer 8

Port 80
Hypertext transfer protocol
web server communication

Question 9

HTTPS

Answer 9

HTTP over TLS or SSL
port 443
secure web server communication

Question 10

SSL

Answer 10

Secure socket Layer

Question 11

TLS

Answer 11

Transport Layer Security (newer compared to SSL)

Question 12

NTP

Answer 12

Network Time protocol
- UDP 123
- Synchronize clocks between devices

Question 13

SNMP

Answer 13

Simple Network Management Protocol
- UDP 161
Gather statstics from network devices
Version 1- no encryption/in the clear
Version 2 - in the clear /bulk transfer
Version 3- authenticaiton/encryption/ message integrity

Question 14

SNMP Trap

Answer 14

UDP 162
- Alerts/notifcations from the network device

Question 15

LDAP

Answer 15

Lightweight directory access protocol
TCP 389
Stores and retrieve infomration in a network directory

Question 16

LDAPS

Answer 16

Lightweight directory access protocol secure
A non-standard implemetnation of LDAP over SSL
TCP 636

Question 17

SMB

Answer 17

Server message block
- Protocol used by microsft windows
- integrated into Windows itself
- File share publishing/file lock
- TCP 445

Question 18

Syslog

Answer 18

Standard message logging
UDP 514
- transfer log data

Question 19

SIEM

Answer 19

Security information and event manager
- central log collector

Question 20

SQL

Answer 20

Structured Query Lanugage
- Standard language across data base servers

Question 21

Microsoft SQL

Answer 21

port 1433

Question 22

RDP

Answer 22

Remote desktop protocol
- share a desktop from a remote location over TCP 3389

Question 23

SIP

Answer 23

Session Initiation protocol
- Voice over IP signaling
TCP 5060 and 5061
// setups and manages Voice over IP (VoIP

Question 24

ICMP

Answer 24

Internet Control Message Protocol - ICMP is its own protocol (not used for data transfer) - used for text messaging - ping command is used by ICMP

Question 25

GRE

Answer 25

Generic Routing encapsulation - the tunnel between two endpoints - Two endpoints appear to be directly connected to each other - no built in encryption - need additional VPn protocols to traverse a public network

Question 26

VPNs protocols

Answer 26

Encrypted Data tranvsering a public network

Question 27

IPSec

Answer 27

Internet Protocol Security - Security for OSI layer 3 - Authentication and Encryption for every packet - AH - authentication header - ESP - encapsulation security payload

Question 28

IKE

Answer 28

Internet key Exchange (IKE) - Both sides agree on encryption and decryption keys

Question 29

SA

Answer 29

Security Association - Keys aggreement

Question 30

Diffie-Hellman

Answer 30

Used to create a shared secret key - port 500

Question 31

ISAKMP

Answer 31

Internet Security Association and Key Management Protocol

Question 32

Phase 1 and phase 2 of internet key exchange

Answer 32

Phase 1 builds the key Phase 2 include the ESP encrypted tunnel

Question 33

Transport mode

Answer 33

IP header -> IPsec Header -> data -> IPsec Trailers - Data is enclosed and encrypted by header/trailer - IP header is not encrypted

Question 34

Tunnel Mode

Answer 34

New IP Header -> IPsecHeader -> IP Header -> Data -> IPSec - IP header and data encrypted

Question 35

AH

Answer 35

Authentication Header - An AH header you can add the to modes to hash a packet New IP Header -> AH header -> IP header -> Data

Question 36

ESP

Answer 36

Encapsulation Security Payload - Ecnrypts the packet New IP Header -> ESP Header-> IP Header -> Data -> ESP Trailer -> Integrity Check value

Question 37

Name different ways to transfer data?

Answer 37

- WiFi - Ethernet - HDD

Question 38

TCP

Answer 38

OSI Layer 4 - Transmission Control Panel - Connection oriented (formal connection setup and close) - Reliable delivery (recovery from errors, manages out of order messages) - TCP allows us to make sure the other people recieved our message/data

Question 39

UDP

Answer 39

Layer 4 - User Data Gram Protocol - Connectionless system - no formal open close setup - Unrealiable delivery - we don't know if they got it

Question 40

IPv4 Sockets

Answer 40

Server IP Address, protocol, server application port number Client IP address, protocol, client port number

Question 41

Non-Ephemeral Ports

Answer 41

Permanent Port Numbers (typically servers like HTTP/FTP) 0 to 1023

Question 42

Ephemeral Ports

Answer 42

Temporary Port numbers (Typically clients) 1024 - 65535

Question 43

Unicast

Answer 43

One-to-one connection - send information between two systems/file transfers

Question 44

Multicast

Answer 44

One to many of many - like a subscription or App or video game - used in IPv4 and IPv6

Question 45

Anycast

Answer 45

One to one of many - used IPv4 and IPv6 - The traffic to one of many is one of many similar systems

Question 46

Broadcast

Answer 46

one to all - send information to everyone at once - limited tothe broad cast domain