CompTIA Security Plus Mock Test Q870

A system administrator is using a packet sniffer to troubleshoot remote authentication. The administrator detects a device trying to communicate to TCP port 49. Which of the following authentication methods is MOST likely being attempted?

A. RADIUS
B. TACACS+
C. Kerberos
D. LDAP

Correct Answer: B
Section: Access Control and Identity Management

Explanation:
TACACS makes use of TCP port 49 by default.

Incorrect Answers:
A: RADIUS makes use of UDP only.
C, D: Kerberos and LDAP do not make use of TCP port 49.

References:
http://en.wikipedia.org/wiki/TACACS
http://en.wikipedia.org/wiki/RADIUS
http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers