Understanding Security+ Ports
If you’re planning to take the Security exam you should have a basic understanding of Security+ ports. Questions continue to appear in the Security+ exam.
There are 65,536 TCP and 65, 536 UDP ports. The first 1024 (0 to 1023) are well known ports and commonly used with default protocols. For example, the default port for HTTP is port 80 and the default port for HTTPS is 443.
Understanding Port Usage
Here’s a short explanation of how the ports were used when you accessed this Web page. When you clicked a link for the blog, your computer created the request and put it into a packet with source and destination IP addresses and ports. The IP address of GetCertifiedGetAhead.Com (the destination) is 184.108.40.206 and since HTTP is used, the destination port is 80.
Your computer then identified an unused port in the dynamic and private port range (49,152 to 65,535) and mapped it to your Web browser for this request. For this explanation, imagine that it picked 49,152. Additionally, imagine that your computer (the source) has an IP address of 220.127.116.11. Here’s what we have:
- Destination IP: 18.104.22.168 (the GetCertifiedGetAhead.Com server)
- Destination Port: 80
- Source IP: 22.214.171.124 (the client’s system)
- Source Port: 49152
Another way of looking at the destination port from the client’s perspective is that it is an outgoing port. If you want to block outgoing HTTP traffic, you can block port 80 at your network firewall. On the other hand, the source IP is an incoming port from the server’s perspective. If you want to block incoming HTTP traffic, you can block incoming port 80.
TCP/IP then used the destination IP to get the packet to the GetCertifiedGetAhead.Com Web server. When the server received the packet, it looked at the destination port (80) and sent the packet to the service handing the HTTP protocol (the Web server application).
The Web server formatted the Web page, and sent it back to your computer. In this case, the destination IP addresses and ports are swapped and would look like this:
- Destination IP: 126.96.36.199 (the client’s system)
- Destination Port: 49152
- Source IP: 188.8.131.52 (the GetCertifiedGetAhead.Com server)
- Source Port: 80
TCP/IP used the destination IP to get the packet back to your system. When the packet arrived, your system looked at the destination port and saw that it is mapped to your Web browser. It then forwarded the packet to your Web browser to display. Of course, the Web page may have been sent in several packets, but each packet used the same process.
Know These Security+ Ports
Ports are used the same way for multiple services. Some of the common ports you should know are:
Remember, you can memorize these ports and then write them down as you start the test. If you get any port questions, you only need to look down at your notes to answer the question.
Here’s another link on Security+ ports that breaks down the ports in different categories and also identifies if they use TCP or UDP.