While responding to an incident on a new Windows server, the administrator needs to disable unused services. Which of the following commands can be used to see processes that are listening on a TCP port?
A system administrator is using a packet sniffer to troubleshoot remote authentication. The administrator detects a device trying to communicate to TCP port 49. Which of the following authentication methods is MOST likely being attempted?
A. RADIUS B. TACACS+ C. Kerberos D. LDAP
Correct Answer: B Section: Access Control and Identity Management
TACACS makes use of TCP port 49 by default.
A: RADIUS makes use of UDP only.
C, D: Kerberos and LDAP do not make use of TCP port 49.
A technician is unable to manage a remote server. Which of the following ports should be opened on the firewall for remote server management? (Select TWO).
A. 22 B. 135 C. 137 D. 143 E. 443 F. 3389
Correct Answer: A,F Section: Network Security
A secure remote administration solution and Remote Desktop protocol is required. Secure Shell (SSH) is a secure remote administration solution and makes use of TCP port 22. Remote Desktop Protocol (RDP) uses TCP port 3389.
B: Port 135 is used by Microsoft EPMAP (End Point Mapper), also known as DCE/RPC Locator service, which is used to remotely manage services including DHCP server, DNS
server and WINS.
C: NetBIOS Name Service uses TCP port 137.
D: Internet Message Access Protocol v4 (IMAP4) uses TCP port 143.
E: HTTPS uses TCP port 443
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 51, 52
Which of the following ports should be used by a system administrator to securely manage a remote server?
A. 22 B. 69 C. 137 D. 445
Correct Answer: A Section: Network Security
Secure Shell (SSH) is a more secure replacement for Telnet, rlogon, rsh, and rcp. SSH can be called a remote access or remote terminal solution. SSH offers a means by which a command-line, text-only interface connection with a server, router, switch, or similar device can be established over any distance. SSH makes use of TCP port 22.
B: Port 69 is used by TFTP.
C: NetBIOS uses port 137.
D: Port 445 is used by Microsoft-DS.
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 42, 51
By default, which of the following uses TCP port 22? (Select THREE).
A. FTPS B. STELNET C. TLS D. SCP E. SSL F. HTTPS G. SSH H. SFTP
Correct Answer: D,G,H Section: Network Security
G: Secure Shell (SSH) is a cryptographic network protocol for securing data communication. It establishes a secure channel over an insecure network in a client-server architecture, connecting an SSH client application with an SSH server. Common applications include remote command-line login, remote command execution, but any network service can be secured with SSH. SSH uses port 22.
D: SCP stands for Secure Copy. SCP is used to securely copy files over a network. SCP uses SSH to secure the connection and therefore uses port 22.
H: SFTP stands for stands for Secure File Transfer Protocol and is used for transferring files using FTP over a secure network connection. SFTP uses SSH to secure the connection and therefore uses port 22.
A: FTPS stands for File Transfer Protocol – Secure. FTPS is similar to SFTP in that it is used to securely transfer files. The difference between the two is the encryption protocol used.
FTPS uses the SSL or TLS cryptographic protocols and therefore uses port 443.
B: STelnet stands for secure telnet. STelnet uses SSL by default and therefore uses port 443.
C: TLS (Transport Layer Security) is a successor to SSL and uses port 443.
E: SSL (Secure Sockets Layer) uses port 443.
F: HTTPS (Hypertext transfer protocol – secure) is used by web sites to encrypt and security transmit data. HTTPS uses the SSL or TLS cryptographic protocols and therefore uses