CompTIA Security Plus Mock Test Q1597

While responding to an incident on a new Windows server, the administrator needs to disable unused services. Which of the following commands can be used to see processes that are listening on a TCP port?

A. IPCONFIG
B. Netstat
C. PSINFO
D. Net session

Correct Answer: B
Section: Mixed Questions

CompTIA Security Plus Mock Test Q870

A system administrator is using a packet sniffer to troubleshoot remote authentication. The administrator detects a device trying to communicate to TCP port 49. Which of the following authentication methods is MOST likely being attempted?

A. RADIUS
B. TACACS+
C. Kerberos
D. LDAP

Correct Answer: B
Section: Access Control and Identity Management

Explanation:
TACACS makes use of TCP port 49 by default.

Incorrect Answers:
A: RADIUS makes use of UDP only.
C, D: Kerberos and LDAP do not make use of TCP port 49.

References:
http://en.wikipedia.org/wiki/TACACS
http://en.wikipedia.org/wiki/RADIUS
http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers

CompTIA Security Plus Mock Test Q145

A technician is unable to manage a remote server. Which of the following ports should be opened on the firewall for remote server management? (Select TWO).

A. 22
B. 135
C. 137
D. 143
E. 443
F. 3389

Correct Answer: A,F
Section: Network Security

Explanation:
A secure remote administration solution and Remote Desktop protocol is required. Secure Shell (SSH) is a secure remote administration solution and makes use of TCP port 22. Remote Desktop Protocol (RDP) uses TCP port 3389.

Incorrect Answers:
B: Port 135 is used by Microsoft EPMAP (End Point Mapper), also known as DCE/RPC Locator service, which is used to remotely manage services including DHCP server, DNS
server and WINS.
C: NetBIOS Name Service uses TCP port 137.
D: Internet Message Access Protocol v4 (IMAP4) uses TCP port 143.
E: HTTPS uses TCP port 443

References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 51, 52
http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers

CompTIA Security Plus Mock Test Q138

Which of the following ports should be used by a system administrator to securely manage a remote server?

A. 22
B. 69
C. 137
D. 445

Correct Answer: A
Section: Network Security

Explanation:
Secure Shell (SSH) is a more secure replacement for Telnet, rlogon, rsh, and rcp. SSH can be called a remote access or remote terminal solution. SSH offers a means by which a command-line, text-only interface connection with a server, router, switch, or similar device can be established over any distance. SSH makes use of TCP port 22.

Incorrect Answers:
B: Port 69 is used by TFTP.
C: NetBIOS uses port 137.
D: Port 445 is used by Microsoft-DS.

References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 42, 51
http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers

CompTIA Security Plus Mock Test Q135

By default, which of the following uses TCP port 22? (Select THREE).

A. FTPS
B. STELNET
C. TLS
D. SCP
E. SSL
F. HTTPS
G. SSH
H. SFTP

Correct Answer: D,G,H
Section: Network Security

Explanation:
G: Secure Shell (SSH) is a cryptographic network protocol for securing data communication. It establishes a secure channel over an insecure network in a client-server architecture, connecting an SSH client application with an SSH server. Common applications include remote command-line login, remote command execution, but any network service can be secured with SSH. SSH uses port 22.
D: SCP stands for Secure Copy. SCP is used to securely copy files over a network. SCP uses SSH to secure the connection and therefore uses port 22.
H: SFTP stands for stands for Secure File Transfer Protocol and is used for transferring files using FTP over a secure network connection. SFTP uses SSH to secure the connection and therefore uses port 22.

Incorrect Answers:
A: FTPS stands for File Transfer Protocol – Secure. FTPS is similar to SFTP in that it is used to securely transfer files. The difference between the two is the encryption protocol used.
FTPS uses the SSL or TLS cryptographic protocols and therefore uses port 443.
B: STelnet stands for secure telnet. STelnet uses SSL by default and therefore uses port 443.
C: TLS (Transport Layer Security) is a successor to SSL and uses port 443.
E: SSL (Secure Sockets Layer) uses port 443.
F: HTTPS (Hypertext transfer protocol – secure) is used by web sites to encrypt and security transmit data. HTTPS uses the SSL or TLS cryptographic protocols and therefore uses
port 443.

References:
http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers