CompTIA Security Plus Mock Test Q1058

Which of the following protocols is the security administrator observing in this packet capture?
12:33:43, SRC 192.168.4.3:3389, DST 10.67.33.20:8080, SYN/ACK

A. HTTPS
B. RDP
C. HTTP
D. SFTP

Correct Answer: B
Section: Cryptography

Explanation:
Remote Desktop Protocol (RDP) is a proprietary protocol developed by Microsoft that gives a user a graphical interface for connecting to another computer over a network connection. RDP listens on TCP port 3389 by default, which is the source port of the SYN/ACK in the capture.
Example of RDP tracing output:
No. Time Delta Source Destination Protocol Length Info
5782, 2013-01-06 09:52:15.407, 0.000, SRC 10.7.3.187, DST 10.0.107.58, TCP, 62, 3389 > 59193 [SYN, ACK]

Incorrect Answers:
A: The HTTPS packet format does not include SRC, DST and SYN/ACK attributes.
C: The HTTP packet format does not include SRC, DST and SYN/ACK attributes.
D: The SFTP packet format does not include SRC, DST and SYN/ACK attributes.

References:
http://en.wikipedia.org/wiki/Remote_Desktop_Protocol
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 75, 76, 274