Ports & Protocols Flashcards

1
Q

FTP

A

File Transfer Protocol
tcp/20 - active mode data
tcp/21 - control

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Port 20

A

FTP Active Mode Data

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Port 21

A

FTP Control

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

SSH

A

Secure Shell
tcp/22

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Port 22

A

SSH
SFTP

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

SFTP

A

Secure FTP
tcp/22

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Telnet

A

tcp/23

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Port 23

A

Telnet

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

SMTP

A

Simple Mail Transfer Protocol
server to server email
tcp/25
tcp/587

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Port 25

A

SMTP

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Port 587

A

SMTP w/ TLS Encryption

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

DNS

A

Domain Name System
udp/53
tcp for large data transfers

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Port 53

A

DNS

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

DHCP

A

Dynamic Host Config Protocol
udp/67
udp/68

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Port 67

A

DHCP

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Port 68

A

DHCP

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

TFTP

A

Trivial FTP
udp/69

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Port 69

A

TFTP

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

HTTP

A

Hypertext Transfer Protocol
tcp/80

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

HTTPS

A

HTTP secure
tcp/443

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

Port 80

A

HTTP

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

Port 443

A

HTTPS

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

NTP

A

Network Time Protocol
udp/123

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

Port 123

A

NTP

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
SNMP
Simple Network Management Protocol udp/161 udp/162 - SNMP Trap - net device automatically sends status messages
26
Port 161
SNMP
27
Port 162
SNMP Trap
28
LDAP
Lightweight Directory Access Protocol tcp/389 tcp/636 - secure | LDAP is used to store and manage data such as usernames, passwords, and
29
Port 389
LDAP
30
Port 636
LDAPS
31
SMB
Server Message Block File sharing tcp/445
32
Port 445
SMB
33
Syslog
udp/514
34
Port 514
Syslog
35
SQL Server
Structured Query Language tcp/1433
36
Port 1433
SQL Server
37
RDP
Remote Desktop Protocol tcp/3389
38
Port 3389
RDP
39
SIP
Session Initiation Protocol tcp/5060 tcp/5061 VoIP
40
Port 5060
SIP
41
Port 5061
SIP
42
ICMP
Internet Control Message Protocol Not TCP or UDP Ping, TTL expired, unreachable
43
GRE
Generic Routing Encapsulation tunnel btw 2 endpoints no encryption
44
VPN
Virtual Private Network encrypted
45
IPSec
Internet Protocol Security Security for Layer 3 encryption and packet signing widely used standard protocol for VPN
46
AH
Authentication Header for IPSec Hash of packet and shared key
47
ESP
Encapsulating Security Payload for IPSec Encrypts the packet and ESP trailer
48
IKE
Internet Key Exchange for IPSec Build Security Association (SA) agree on keys to use
49
IPSec Transport Mode
Data is encrypted but IP address is not
50
IPSec Tunnel Mode
Both Data and IP address are encrypted
51
RIPv2 Metric
RIPv2 uses number of hops to destination as the metric
52
Routing Metric
Each protocol has a different method for calculating a metric Cannot be used interchangeably between protocols Lowest metric is best
53
Administrative Distance by protocol
Based on which is most trusted: Local 0 Static Route 1 EIGRP 90 OSPF 110 RIPv1/RIPv2 120 DHCP default route 254 Unknown 255
54
Prefix Length Route Tables
Used to evaluate and prioritize next hop Most specific wins (longest prefix)
55
Route Table Entry R 10.10.30.0/24 [120/1] via 10.10150.2, 00:00:14, Serial0/3/1
R - Route Code 10.10.30.0/24 - Subnet ID with Prefix Length 120 - Administrative Distance 1 - Metric 10.10.50.2 - Next Hop 00:00:14 - Route Timestamp - how long this entry has been active Serial0/3/1 - Outgoing interface
56
BGP EIGRP OSPF
BGP - Route outside of your AS EIGRP - partly Cisco Proprietary - route within your AS OSPF - Common standard to route within your AS
57
AS
Autonomous System All devices on your controlled local network
58
Link-State Protocol
Routing path chosen based on "cost" each link has a cost assigned - Throughput, reliability, round trip time Low cost and fastest path wins Identical costs are load balanced - OSPF - IS-IS - BGP-LS
59
OSPF
Open Shortest Path First Link-State Protocol
60
EIGRP
Enhanced Interior Gateway Routing Protocol Hybrid Protocol Cisco Proprietary
61
BGP
Border Gateway Protocol Hybrid Protocol Used to route to outside of your Autonomous System
62
Routing Table Entry D 10.10.30.0/24 [90/2172416] via 10.10.50.1, 00:05:54, Serial0/3/0
D - Route Code - EIGRP 10.10.30.0/24 - Subnet ID with Prefix Length 90 - Administrative Distance 2172416 - Metric 10.10.50.1 - Next Hop 00:05:54 - Route Timestamp - how long this entry has been active Serial0/3/1 - Outgoing interface
63
FHRP
First Hop Redundancy Protocol Create Virtual IP address for router. If the physical router fails, the VIP shifts to another router so no interruption is network access Default Gateway is actually multiple routers
64
VIP
Virtual IP address An address that can be transferred from device to device to provide fail-over for routers using FHRP
65
Subinterfaces
Non-physical interfaces - VLANS in a trunk Example: Interface Ethernet1/1 Subinterface Ethernet1/1.10 Subinterface Ethernet 1/1.20 Subinterface Ethernet 1/1.100
66
NAT
Network Address Translation
67
PAT
Port Address Translation
68
802.1Q Tagging
Add VLAN Tag to a Frame to pass it through a trunk
69
Trunk
Combine VLANS on one interface
70
SVI
Switched Virtual Interface Virtual interface in a Layer 3 switch used to route traffic between VLANs
71
Native VLAN
Does not add an 802.1Q header Can traverse a trunk without a tag Native VLAN needs to match on both switches used because some devices cannot use 802.1Q
72
Voice VLAN
VOIP needs consistent connection speed If there's alot of data traffic on same network, bad voice quality Put VOIP on separate VLAN with dedicated bandwidth
73
Link Aggregation
Connect multiple interfaces together and configure so treated as one high capacity link
74
LACP
Link Aggregation Control Protocol Automatically recognize multiple connections to the same device and implements Link Aggregation
75
MTU
Maximum Transmission Unit Max packet size
76
Jumbo Frame
Ethernet Frame with more than 1,500 bytes of payload Up to 9,216 bytes
77
STP
Spanning Tree Protocol Automatically recognize and prevent loops on net Reconfigure if a link is disabled
78
STP port states
Blocking Listening Learning Forwarding Disabled
79
RSTP
Rapid Spanning Tree Protocol 802.1w Faster convergence of network configuration
80
SNMP Versions
SNMP v1 - Structured tables stored in the clear SNMP v2c - +data typed, bulk transfer, still in the clear SNMP v3 -
81
OID
Object Identifier identifies devices as data about their network usage is stored in the MIB for SNMP query
82
SNMP
Simple Network Management Protocol Monitor network statistics and data Data stored in MIB
83
MIB
Management Information Base Stores network activity data to be queried using SNMP
84
SNMP Trap
Periodically poll MIBs on network devices to proactively provide alerts when a problem is detected
85
SNMP Authentication
Community String - v1 and v2c only - password style Username and PW - v3 transmitted as PW hash
86
SNMP Community String
Password-style authentication method only used in SNMP v1 and v2c
87
Network Discovery methods
- LLDP - CDP - IP scanners (Nmap) - Commercial net scanners - SNMP
88
LLDP
Link Layer Discovery Protocol
89
CDP
Cisco Discovery Protocol
90
NetFlow
Protocol used to collect and analyze network traffic, performance, troubleshooting, and plan upgrades
91
DHCP Process
1. Discover - send discover packet - from 0.0.0.0:udp/68 - to 255.255.255.255:udp/68 2. Offer - DHCP Server send offer packet - to 255.255.255.255:udp/68 3. Request - send request packet to DHCP server - might have gotten multiple offers, send request to one 4. Acknowledgement - send ack packet - to 255.255.255.255:udp/68
92
DHCP Scope
Pool of addresses managed by the DHCP server
93
DHCP Reservation
Table to reserve IP addresses for devices so they are always assigned the same one
94
DHCP Renewal - Timers
T1 Timer - 50% of lease time T2 Timer - 87.5% (7/8ths) of lease time
95
DHCP Options
Configure other settings Many many -
96
NDP
Neighbor Discovery Protocol Like ARP for IPv6 No broadcasts Discover neighbor MAC addresses Uses ICMPv6
97
SLAAC
StateLess Address AutoConfiguration Devices automatically create their own IPv6 address from their MAC Address 64-bit network prefix last 64-bit: - Split MAC in half - Insert ff:fe - flip 7th bit to make routable Uses Duplicate Address Detection (DAD) to prevent duplicate IPs
98
NDP Messages
RA: Router Advertisement - from router - from router or periodically from ff02::1 multicast RS: Router Solicitation - from device - to all IPv6 routers ff02::2
99
DNS Record Types
SOA - Start of Authority A - Address - IPv4 AAAA - Address - IPv6 CNAME - Canonical Name MX - Mail Exchange TXT - Text NS - Name Server PTR - Pointer
100
DNS Recursive query
Start at Root server then .com server then authoritative name server of website then store in cache
101
DNSSEC
Domain Name Security Extensions Responses digitally signed
102
DoH
DNS over HTTPS
103
DoT
DNS over TLS Send data over tcp/853 but encrypt with TLS/SSL
104
DNS - SOA record
Start of Authority Describes DNS zone details - name of zone (xyz.com) - Serial Number - Refresh, retry, and expiry timeframes - Caching duration/TTL
105
DNS - CNAME
Canonical Name Aliases for services that all point to the same server - chat, mail, ftp, www
106
DNS - TXT
SPF DKIM
107
DNS - SPF
Sender Policy Framework Prevent spoofing
108
DNS - DIKM
Domain Keys Identified Mail Digitally sign outgoing mail DIKM record contains public key
109
DNS - PTR
Reverse of A and AAAA
110
NTS
Network Time Security NTP but with authentication uses cookie
111
PTP
Precision Time Protocol Granularity to nanosecond Hardware based
112
Hybrid Routing Protocol
Combines link-state and distance-vector routing strategies - EIGRP - BGP - ZRP
113
IS-IS
Intermediate System to Intermediate System Link-State Protocol
114
RIP
Routing Information Protocol Distance Vector Protocol
115
RPC
Remote Procedure Call Session Layer manage comms sessions between devices