Common Network Ports

Questions and Answers

Which port is used for unencrypted web traffic?

• Port 23
• Port 80 (correct)
• Port 443
• Port 22

Secure Shell (SSH) uses port 23 for encrypted remote login.

False (B)

What is the primary function of the Domain Name System (DNS)?

Resolves hostnames to IP addresses

Simple Mail Transfer Protocol (SMTP) is used to ______ email.

send

Match the following protocols with their descriptions:

FTP = File transfer with separate data and control connections. DHCP = Automatically assigns IP addresses to network devices. SNMP = Manages and monitors network devices. LDAP = Provides directory services using plain text.

Which protocol is considered insecure and legacy for remote login?

Telnet (B)

TFTP provides authentication for file transfers.

False (B)

What is the purpose of the HTTPS protocol?

Secure, encrypted web traffic

IMAP is a protocol that ______ and manages email on the server.

retrieves

Which port is commonly used by LDAP (Lightweight Directory Access Protocol)?

Port 389 (A)

POP3 is used to manage email on the server.

False (B)

What is the function of the Network Time Protocol (NTP)?

Network Time Protocol

The secure version of LDAP is known as ______.

LDAPS

Which port is used for Windows file and printer sharing using SMB?

Port 445 (D)

RADIUS is only used for authentication purposes.

False (B)

What is the purpose of a Registration Authority (RA) in PKI?

Verifies user identity

A ______ is a request generated by an entity to apply for a digital certificate from a CA.

CSR

What is the main function of the private key in Public Key Infrastructure (PKI)?

Decrypting data (C)

OCSP checks the revocation status of a digital certificate in batch mode.

False (B)

Which PKI trust model relies on individuals signing each other's keys?

Web of Trust

Flashcards

FTP (File Transfer Protocol) Ports

Data transfer occurs on port 20, while control commands are sent on port 21.

SSH (Secure Shell) Port

An encrypted protocol for remote login and command execution.

Telnet Port

Unencrypted protocol for remote login, now considered insecure and legacy.

SMTP (Simple Mail Transfer Protocol) Port

Used to send email.

DNS (Domain Name System) Port

Resolves hostnames to IP addresses.

DHCP Ports

Automatically assigns IP addresses.

TFTP Port

No authentication.

HTTP Port

Unencrypted web traffic.

POP3 Port

Retrieval of emails from a server.

IMAP Port

Retrieves and manages email on the server.

HTTPS Port

Secure, encrypted web traffic.

SNMP Ports

Manages and monitors network devices.

SMB Port

Windows file and printer sharing.

Session Layer

Establishes, manages, ends sessions

Network Layer

Routing, logical addressing

Physical Layer

Transmission of raw bits, cables, signals

PKI Key Purpose

Public key encrypts data, private key decrypts it.

Digital Certificate

A digital record for ownership of a public key.

Certificate Authority (CA)

Issues, validates, revokes digital certificates.

OCSP (Online Certificate Status Protocol)

Checks if a certificate has been revoked.

Study Notes

• Port 20 and 21 are used for FTP (File Transfer Protocol); port 20 is for data transfer, and port 21 is for control/commands.
• Port 22 is for SSH (Secure Shell), which provides encrypted remote login and command execution.
• Port 23 is for Telnet, an unencrypted remote login protocol (insecure, legacy).
• Port 25 is for SMTP (Simple Mail Transfer Protocol), used to send email.
• Port 53 is for DNS (Domain Name System), which resolves hostnames to IP addresses, using UDP/TCP.
• Ports 67 and 68 are used for DHCP, which automatically assigns IP addresses, using UDP.
• Port 69 is for TFTP, a Trivial File Transfer Protocol with no authentication, using UDP.
• Port 80 is for HTTP, which is unencrypted web traffic.
• Port 110 is for POP3, which retrieves email from a server.
• Port 123 is for NTP, the Network Time Protocol, using UDP.
• Port 143 is for IMAP, which retrieves and manages email on the server.
• Ports 161 and 162 are used for SNMP, which manages and monitors network devices, using UDP.
• Port 389 is for LDAP, a Lightweight Directory Access Protocol (plain text).
• Port 443 is for HTTPS, which provides secure, encrypted web traffic.
• Port 445 is for SMB, used for Windows file and printer sharing.
• Port 636 is for LDAPS, a secure version of LDAP.
• Port 993 is for IMAPS, a secure version of IMAP.
• Port 995 is for POP3S, a secure version of POP3.
• Port 1723 is for PPTP, a VPN tunneling protocol (legacy and insecure).
• Ports 1812 and 1813 are for RADIUS, a Remote Authentication Dial-In User Service; 1812 for Authentication, 1813 for Accounting.
• Port 3389 is for RDP, the Remote Desktop Protocol, used for Windows remote access.

RAID Levels

• RAID 0 (Striping): Requires a minimum of 2 drives, offers no redundancy, and provides high performance, suitable for situations where fault tolerance is not critical (e.g., gaming, temp files).
• RAID 1 (Mirroring): Requires 2 drives, provides redundancy, and offers medium performance, ideal for critical systems with small data sets needing maximum uptime.
• RAID 5 (Striping with Parity): Requires 3 drives, provides redundancy, and offers good performance, balancing speed and fault tolerance, suitable for web servers and databases.
• RAID 6 (Striping with Dual Parity): Requires 4 drives and can withstand the loss of 2 drives, offering lower performance than RAID 5 but providing high availability for systems.
• RAID 10 (Mirrored Sets): Requires 4 drives, provides redundancy, and offers high performance, suited for applications needing both performance and redundancy, such as databases and virtual servers.

TCP/IP and OSI Model

• Application Layer: In TCP/IP, maps to OSI Layers 7 (Application), 6 (Presentation), and 5 (Session) and key protocols include HTTP, FTP, SMTP, DNS, TLS, SSH.
• Transport Layer: Maps to OSI Layer 4 (Transport) and key protocols are TCP and UDP.
• Internet Layer: Maps to OSI Layer 3 (Network) and key protocols are IP, ICMP, ARP, and IPsec.
• Network Access Layer: Maps to OSI Layers 2 (Data Link) & 1 (Physical) and key protocols are Ethernet, MAC addresses, Wi-Fi, and Frame Relay.

OSI Model Layers

• Layer 7 (Application): Provides a user interface and network services to applications. Examples include HTTP, FTP, SMTP, DNS, and Telnet.
• Layer 6 (Presentation): Handles data translation, encryption/decryption, and compression, with examples like SSL/TLS, JPEG, and ASCII.
• Layer 5 (Session): Establishes, manages, and ends sessions, with examples like NetBIOS and RPC.
• Layer 4 (Transport): Provides end-to-end communication and flow control, using protocols like TCP and UDP.
• Layer 3 (Network): Handles routing and logical addressing, using protocols like IP, ICMP, and IPsec.
• Layer 2 (Data Link): Manages MAC addressing and error detection, using technologies like Ethernet, ARP, PPP, and Switches.
• Layer 1 (Physical): Transmits raw bits via cables and signals, utilizing Cables, NICs, Hubs, and RF.

Public Key Infrastructure (PKI)

• PKI is a framework for managing digital certificates and public-key encryption.
• PKI uses asymmetric encryption, which relies on a public and private key pair.
• A digital certificate is an electronic document that proves ownership of a public key, issued and signed by a Certificate Authority (CA).
• A Certificate Authority (CA) issues, validates, and revokes digital certificates.
• A Registration Authority (RA) verifies user identity before certificates are issued by the CA.
• A CSR (Certificate Signing Request) is a request generated by an entity to apply for a digital certificate from a CA.
• The public key in PKI encrypts data or verifies digital signatures.
• The private key in PKI decrypts data or creates digital signatures.
• A CRL (Certificate Revocation List) is a list published by the CA containing revoked certificates that should no longer be trusted.
• OCSP (Online Certificate Status Protocol) is a real-time protocol for checking the revocation status of a digital certificate.
• Key escrow involves a trusted third party securely storing private encryption keys for recovery or legal access.
• A Root CA is the top-level authority and is self-signed.
• An Intermediate CA is subordinate and signs end-entity certificates.
• Digital signatures are used for integrity, authentication, and non-repudiation.
• A Wildcard Certificate applies to all subdomains of a domain (e.g., *.example.com).
• A SAN (Subject Alternative Name) Certificate is used for multiple domains or services on one certificate.
• The hierarchical trust model is based on a central authority, where the Root CA signs Intermediate CAs.
• The web of trust model is decentralized and peer-based, used in PGP, and relies on individuals signing each other's keys.
• PKI is an asymmetric system that uses a public and private key pair.
• Digital certificates are typically encoded in X.509 format.

AES Versions

• AES-128: Uses a 128-bit key size and a 128-bit block size.
• AES-192: Uses a 192-bit key size and a 128-bit block size.
• AES-256: Uses a 256-bit key size and a 128-bit block size.