Chapter 1 - section 1.4 - Explain common networking ports, protocols, services, and traffic types.

0.0(0)
studied byStudied by 0 people
0.0(0)
full-widthCall Kai
learnLearn
examPractice Test
spaced repetitionSpaced Repetition
heart puzzleMatch
flashcardsFlashcards
GameKnowt Play
Card Sorting

1/30

flashcard set

Earn XP

Description and Tags

section 1.4

Study Analytics
Name
Mastery
Learn
Test
Matching
Spaced

No study sessions yet.

31 Terms

1
New cards

Objective

Protocols Ports

• File Transfer Protocol (FTP) 20/21

• Secure File Transfer Protocol (SFTP) 22

• Secure Shell (SSH) 22

• Telnet 23

• Simple Mail Transfer Protocol (SMTP) 25

• Domain Name System (DNS) 53

• Dynamic Host Configuration Protocol (DHCP) 67/68

• Trivial File Transfer Protocol (TFTP) 69

• Hypertext Transfer Protocol (HTTP) 80

• Network Time Protocol (NTP) 123

• Simple Network Management Protocol (SNMP) 161/162

• Lightweight Directory Access Protocol (LDAP) 389

• Hypertext Transfer Protocol Secure (HTTPS) 443

• Server Message Block (SMB) 445

• Syslog 514

• Simple Mail Transfer Protocol Secure (SMTPS) 587

• Lightweight Directory Access Protocol over SSL (LDAPS) 636

Internet Protocol (IP) types

• Internet Control Message Protocol (ICMP)

• Transmission Control Protocol (TCP)

• User Datagram Protocol (UDP)

• Generic Routing Encapsulation (GRE)

• Internet Protocol Security (IPSec)

- Authentication Header (AH)

- Encapsulating Security Payload (ESP)

- Internet Key Exchange (IKE)

Traffic types

• Unicast

• Multicast

• Anycast

• Broadcast

2
New cards

File Transfer Protocol (FTP) – Ports 20/21

  • Used for transferring files

  • Port 21: control channel

  • Port 20: data channel

  • Insecure (cleartext credentials)

  • Replaced by secure alternatives in modern networks

3
New cards

Secure File Transfer Protocol (SFTP) – Port 22

  • Secure file transfer protocol

  • Runs over SSH

  • Encrypts authentication and data

  • Uses single port (22)

  • Preferred secure FTP replacement

4
New cards

Secure Shell (SSH) – Port 22

  • Secure remote administration

  • Encrypted command-line access

  • Replaces Telnet

  • Supports tunneling and file transfer

  • Common for server management

5
New cards
Telnet – Port 23
- Remote command-line access
- Sends data in cleartext
- Insecure and deprecated
- Replaced by SSH
- Still appears in exam questions
6
New cards
Simple Mail Transfer Protocol (SMTP) – Port 25
- Sends email between servers
- Also used by clients to send mail
- Does not retrieve email
- Insecure by default
- Often paired with SMTPS
7
New cards
Domain Name System (DNS) – Port 53
- Resolves domain names to IP addresses
- Uses UDP for queries
- Uses TCP for zone transfers
- Critical core network service
- Failure causes widespread outages
8
New cards
Dynamic Host Configuration Protocol (DHCP) – Ports 67/68
- Automatically assigns IP configuration
- Server: Port 67
- Client: Port 68
- Uses UDP
- Provides IP, subnet mask, gateway, DNS
9
New cards
Trivial File Transfer Protocol (TFTP) – Port 69
- Simple file transfer protocol
- Uses UDP
- No authentication or encryption
- Used for network device boot files
- Lightweight and fast
10
New cards
Hypertext Transfer Protocol (HTTP) – Port 80
- Transfers web content
- Stateless protocol
- Data sent in cleartext
- Commonly redirected to HTTPS
- Application-layer protocol
11
New cards
Network Time Protocol (NTP) – Port 123
- Synchronizes system clocks
- Uses UDP
- Critical for logs, security, authentication
- Time drift can cause failures
- Uses hierarchical time sources
12
New cards
Simple Network Management Protocol (SNMP) – Ports 161/162
- Network monitoring and management
- Port 161: queries
- Port 162: traps/alerts
- Versions: v1, v2c (insecure), v3 (secure)
- Uses community strings or encryption
13
New cards
Lightweight Directory Access Protocol (LDAP) – Port 389
- Directory services authentication
- Stores users and objects
- Cleartext by default
- Used with Active Directory
- Secured using LDAPS
14
New cards
Hypertext Transfer Protocol Secure (HTTPS) – Port 443
- Secure web communication
- Uses SSL/TLS encryption
- Ensures confidentiality and integrity
- Default for modern websites
- Application-layer protocol
15
New cards
Server Message Block (SMB) – Port 445
- File and printer sharing
- Used in Windows environments
- Supports authentication and permissions
- Target of many attacks
- Application-layer protocol
16
New cards
Syslog – Port 514
- Centralized logging protocol
- Uses UDP by default
- Sends event messages
- Critical for monitoring and auditing
- Common on network devices
17
New cards
Simple Mail Transfer Protocol Secure (SMTPS) – Port 587
- Secure email submission
- Uses TLS encryption
- Preferred over SMTP port 25
- Used by email clients
- Improves email security
18
New cards
Lightweight Directory Access Protocol Secure (LDAPS) – Port 636
- Secure version of LDAP
- Uses SSL/TLS encryption
- Protects credentials
- Used with directory services
- Application-layer protocol
19
New cards
Internet Control Message Protocol (ICMP)
- Used for network diagnostics
- Reports errors and status
- Used by ping and traceroute
- Does not carry user data
- Network-layer protocol
20
New cards
Transmission Control Protocol (TCP)
- Reliable, connection-oriented protocol
- Ensures delivery and order
- Uses acknowledgments and retransmission
- Higher overhead than UDP
- Data unit: Segments
21
New cards
User Datagram Protocol (UDP)
- Connectionless protocol
- Fast but unreliable
- No acknowledgments
- Used for streaming and DNS
- Data unit: Segments
22
New cards
Generic Routing Encapsulation (GRE)
- Tunneling protocol
- Encapsulates multiple protocols
- No encryption by itself
- Often paired with IPSec
- Used in VPNs
23
New cards
IPSec
- Secures IP communications
- Provides confidentiality, integrity, authentication
- Operates at Network layer
- Common in VPNs
- Uses AH and ESP
24
New cards
IPSec Authentication Header (AH)
- Provides authentication and integrity
- Does NOT encrypt data
- Protects packet headers
- Less commonly used
- Part of IPSec suite
25
New cards
IPSec Encapsulating Security Payload (ESP)
- Provides encryption, authentication, integrity
- Encrypts payload
- Most commonly used IPSec mode
- Used in VPN tunnels
- Stronger than AH
26
New cards
Internet Key Exchange (IKE)
- Manages IPSec keys
- Negotiates security associations
- Uses UDP ports 500 and 4500
- Automates secure key exchange
- Required for IPSec VPNs
27
New cards
Unicast Traffic
- One-to-one communication
- Most common traffic type
- Example: web browsing
- Sent to a single destination
- Efficient for individual communication
28
New cards
Multicast Traffic
- One-to-many communication
- Uses special multicast addresses
- Efficient for streaming
- Reduces bandwidth usage
- Requires multicast support
29
New cards
Anycast Traffic
- One-to-nearest communication
- Sent to closest destination
- Used for DNS and CDNs
- Improves performance
- Uses same IP on multiple servers
30
New cards
Broadcast Traffic
- One-to-all communication
- Sent to all devices in network
- High bandwidth usage
- Limited to local network
- Often restricted or minimized
31
New cards
Protocols & Networking Concepts – Exam Questions (Sample)
- Q: Which protocol securely replaces Telnet?
- A: SSH
- Q: DNS uses which port and protocol?
- A: Port 53, UDP (TCP for zone transfers)
- Q: Which IPSec component provides encryption?
- A: ESP
- Q: Best traffic type for one-to-nearest delivery?
- A: Anycast
- Q: TCP vs UDP key difference?
- A: TCP is reliable, UDP is fast