What is the difference between TCP and UDP?
TCP: This stands for Transmission Control Protocol. It is connection-oriented, provides reliable delivery, and allows for flow control.
UDP: This stands for User Datagram Protocol. It is connectionless, provides unreliable delivery, and has no flow control.
Port 20/21
FTP (File Transfer Protocol). Used for transferring files between devices and uses a username/password to authenticate.
Port 22
SSH (Secure Shell). Used for encrypted communication.
SFTP (Secure File Transfer Protocol). Uses SSH to transfer data securely from one device to another through encrypted communication.
Port 23
Telnet. Similar to SSH, but unencrypted; data is sent in cleartext.
Port 25
SMTP (Simple Mail Transfer Protocol). Used to send email from server to server or from client to mail server in plaintext.
Port 587
SMTPS (Simple Mail Transfer Protocol Secure). Similar to SMTP, this sends email securely using TLS.
Port 53
DNS (Domain Name System). Protocol used to resolve domain names into IP Addresses. This also uses UDP.
Port 67/68
DHCP (Dynamic Host Configuration Protocol). This protocol automatically assigns IP addresses. This also uses UDP.
Port 69
TFTP (Trivial File Transfer Protocol). This protocol uses no authentication for file transfers and is usually used for transferring configuration files. This uses UDP as well.
Port 80
HTTP (Hyper Text Transfer Protocol). The most common protocol when accessing a website or using a browser. Sends data in cleartext.
Port 443
HTTPS (Hyper Text Transfer Protocol Secure). This protocol is the secure version of HTTP. Uses either SSL or TLS to encrypt data.
Port 123
NTP (Network Time Protocol). This protocol syncs time clocks on all devices on a network. This uses UDP as well.
Port 161/162
SNMP (Simple Network Management Protocol). This protocol is used for monitoring and managing devices on a network. This also uses UDP.
Port 389
LDAP (Lightweight Directory Access Protocol). This protocol is used to access directory services like Active Directory.
Port 636
LDAPS (Lightweight Directory Access Protocol over SSL). Secure version of LDAP that uses SSL for encryption.
Port 445
SMB (Server Message Block). This protocol is used by Microsoft and is used for file sharing and printer sharing in Windows networks.
Port 514
Syslog. This protocol is used for sending system log messages to a central server for monitoring and analysis. This also uses UDP.
Port 1433
SQL (Structured Query Language). This protocol is used for communication with Microsoft SQL Server databases.
Port 3389
RDP (Remote Desktop Protocol). This protocol is used to establish remote connections from one PC to another and to control that remote computer.
Port 5060/5061
SIP (Session Initiation Protocol). This protocol is used to set up, manage and terminate VOIP sessions.
In terms of IP Protocols, what is ICMP?
ICMP (Internet Control Message Protocol) is used for network diagnostics and error reporting. The most commonly used commands are “ping” and “traceroute”.
In terms of IP Protocols, what is GRE?
GRE (Generic Routing Encapsulation) is a tunneling protocol that encapsulates (wraps) network packets inside IP packets. However, it provides no encryption and is usually used with IPSEC for security.
In terms of IP Protocols, what is IPSEC?
IPSEC (Internet Protocol Security) offers authentication and encryption for secure communication over IP networks.
In IPSEC, what are the 2 protocols that are used?
AH (Authentication Header): Provides data integrity and authentication, but not encryption.
ESP (Encapsulating Security Payload): Provides encryption and optional authentication.
In terms of IPSEC, what does IKE do?
IKE (Internet Key Exchange) is used to establish the connection between 2 devices and agree on the encryption and decryption key. It uses Diffie-Hellman to create the shared key.
In terms of IKE, what is used to create the shared key?
The Diffie-Hellman system is used to create the shared key.
Match the following traffic types with their definitions:
Traffic Type:
Unicast
Multicast
Anycast
Broadcast
Definition:
One-to-nearest communication. Packet is sent from one source to the “nearest” destination, which is determined by routing protocols.
One-to-one communication. Packet is sent from one source to one destination.
One-to-all communication. Packet is sent from one source to all devices on the local network.
One-to-many communication. Packet is sent from one source to a specific group of destinations. Only devices that join this group receive the packet.
Unicast: One-to-one communication. Packet is sent from one source to one destination.
Multicast: One-to-many communication. Packet is sent from one source to a specific group of destinations. Only devices that join this group receive the packet.
Anycast: One-to-nearest communication. Packet is sent from one source to the “nearest” destination, which is determined by routing protocols.
Broadcast: One-to-all communication. Packet is sent from one source to all devices on the local network.