Security+ Ports

Posted by in Security+ | 10 comments

If you’re planning to take the CompTIA Security+ exam you should have many of the well-known ports memorized. Objective 1.5 “Identify commonly used default network ports” for the CompTIA Security+ exam lists several protocols and you should know the ports used for each of these.

If you understand ports, skip ahead to the relative tables.

Well Known Ports

Well known port numbers are matched to specific protocols and when you see the port, you should be able to identify the protocol. Sometimes you may be given the protocol and be required to identify the port. There are 1024 well known TCP and UDP ports (numbered 0 through 1023) but you don’t need to memorize them all. You should know the ports in the tables on this page.

Logical Ports

The well-known ports are logical ports and have nothing to do with physical ports. For example, TCP port 80 is the port used for Hypertext Transfer Protocol (HTTP) and TCP port 443 is the port used for Hypertext Transfer Protocol Secure (HTTPS).

In contrast, a physical port on a switch or router is used to make a physical connection between devices. You can touch the physical port while the logical port is simply a number embedded in the packet.

Every packet has both a source port and a destination port along with a source IP address and a destination IP address. The IP address is used to get the packet to the destination system and when the packet is received, TCP/IP uses the port information to determine how to handle the packet. This blog on Understanding Ports for Security+ describes the process of how logical ports are used in more detail.

Pass the Security+ exam the first time you take it:
CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide

TCP and UDP

Each of these logical ports are technically identified as either a Transmission Control Protocol (TCP) port or a User Datagram Protocol (UDP) port depending on which transport protocol they use. When preparing for the Security+ exam, you should be aware of some of the protocols that use UDP instead of TCP.

If the protocol requires the benefits of TCP such as guaranteed delivery, it will use the TCP port. For example, web traffic using Hypertext Transfer Protocol (HTTP) uses TCP because web pages will not display properly if some of the packets aren’t received. TCP tracks all the packets and if one is lost, it sends a request to have it resent. This takes a little longer, but provides the assurance that all packets are received.

Some protocols use only the UDP port. For example, Trivial File Transport Protocol (TFTP) uses UDP port 69 but not TCP port 69.

Other protocols will use both TCP and UDP, depending on the purpose. For example, Domain Name System (DNS) will normally use UDP port 53 when responding to typical name resolution requests from clients. However, when one DNS server is transferring data to another DNS server, it will typically use TCP port 53.

The tables on this page specify whether a protocol uses TCP, UDP, or both. If you want to know specifically which transport protocol is used for other protocols, check out Wikipedia’s list of TCP and UDP port numbers.

Interestingly, Internet Assigned Numbers Authority (IANA) previously identified which transport protocol was used for each port in their Service Name and Transport Protocol Port Number Registry . However, they seem to have defaulted to just listing both TCP and UDP for each port. For example, Telnet (defined in RFC 854) only uses TCP port 23, not UDP. However, IANAs port number registry lists both TCP and UDP for Telnet.

Realistic practice test questions for the Network+ exam
CompTIA Network+ N10-005 Practice Test Questions (Get Certified Get Ahead)

Network+ N10-006 Practice Test Questions

Pass the Network+ Exam (N10-006) The First Time You Take It

At  $277, this exam is expensive.

Make sure you're ready before exam day!

Full bank of at least 293* realistic multiple choice practice test questions with in-depth explanations to help you pass the Network+ exam the first time you take it. This set also includes several performance-based questions.

 Network+ Study Materials

30 Day Package 60 Day Package
Full bank of more than 293* N10-006 Network+ practice test questions.All questions include explanations so you'll know why the correct answers are correct, and why the incorrect answers are incorrect. Check Check
Performance-based QuestionsSeveral sets of performance-based questions. Question types include drag and drop, matching, and sorting type questions. See a demo here. checksm checksm

Bonus #1

Flashcard Set
  • 200 Network+ Flashcards to reinforce key testable concepts
  • View in random and non-random modes.
checksm

Bonus #2

Subnetting mini-tutorial that will help you answer two key question types
  • Identify how many hosts a subnet supports
  • Identify valid IP addresses within a subnet
checksm

Get the Network+ Study Materials Here

All questions include explanations so you'll know why the correct answers are correct, and why the incorrect answers are incorrect. This way no matter how CompTIA words the questions, you'll be able to answer them correctly. Multiple quiz formats to let you use these questions based on the way you learn.
  • Learn mode. Learn mode allows you to keep selecting answers until you select the correct answer. Once you select the correct answer, you'll see the explanation.
  • Test mode. In test mode, you can only see the correct answers and explanations after you complete the test.
This package allows you to go through the practice test questions in multiple ways based on how you learn best.
  • Domain 1 through 5** using Learn Mode
  • Domain 1 through 5 using Test Mode (Randomized)
  • The full bank of test questions using Learn Mode
  • The full bank of questions using Test Mode (Randomized)

Test your readiness with these quality questions

Understand the important important concepts using the explanations

 Network+ Study Materials

30 Day Package 60 Day Package
Full bank of more than 293* N10-006 Network+ practice test questions.All questions include explanations so you'll know why the correct answers are correct, and why the incorrect answers are incorrect. Check Check
Performance-based QuestionsSeveral sets of performance-based questions. Question types include drag and drop, matching, and sorting type questions. See a demo here. checksm checksm

Bonus #1

Flashcard Set
  • 200 Network+ Flashcards to reinforce key testable concepts
  • View in random and non-random modes.
checksm

Bonus #2

Subnetting mini-tutorial that will help you answer two key question types
  • Identify how many hosts a subnet supports
  • Identify valid IP addresses within a subnet
checksm

Get the Network+ Study Materials Here

Package includes several sets of performance-based questions. Two sets are simulated performance-based questions. Another set includes multiple performance-based questions using drag and drop capabilities. I love the way these new questions work. Check out a demo here.

You don't need to spend a fortune to get quality practice test questions

If you're like most people, you've already spent money on one or more Network+ books or courses. Now you need to ensure you understand the concepts and how they are tested. You can pay $100 or more for practice test questions, but you don't need to.

The set of practice test questions will give you a view of typical multiple choice questions you can expect to see on the live exam.

Get Certified Get Ahead with Network+ Practice Test Questions

 Network+ Study Materials

30 Day Package 60 Day Package
Full bank of more than 293* N10-006 Network+ practice test questions.All questions include explanations so you'll know why the correct answers are correct, and why the incorrect answers are incorrect. Check Check
Performance-based QuestionsSeveral sets of performance-based questions. Question types include drag and drop, matching, and sorting type questions. See a demo here. checksm checksm

Bonus #1

Flashcard Set
  • 200 Network+ Flashcards to reinforce key testable concepts
  • View in random and non-random modes.
checksm

Bonus #2

Subnetting mini-tutorial that will help you answer two key question types
  • Identify how many hosts a subnet supports
  • Identify valid IP addresses within a subnet
checksm

Get the Network+ Study Materials Here

Beware of questions that do not include explanations - many people have identified errors in these and even when there aren't errors, these types of questions encourage you to memorize answers instead of understanding the underlying concepts. * Don't you hate those little asterisks. Normally they mean "forget what you just read, it's not really true." Not so here though. The bank starts with 293 multiple choice practice test questions, but I'm still adding to them. There will be more. ** CompTIA identified five domains of objectives for the CompTIA Network+ exam. They are:
  • 1.0 Networking Architecture
  • 2.0 Network Operations
  • 3.0 Network Security
  • 4.0 Troubleshooting
  • 5.0 Industry Standards, Practices, and Network Theory

Practice Test Question

When you know the ports and understand the protocols, questions are much easier to answer. For example, consider this practice test question:

Q. What port do you need to close to block outgoing email?

A. TCP port 22

B. TCP port 25

C. TCP port 110

D. TCP port 443

Answer at the end of the blog.


Security+ Full Access Package

Get Certified Get Ahead Security+

Pass the First Time!

Up-to-date Content

New multiple-choice and performance-based questions added regularly

Pass the first time with quality practice test questions, performance-based questions, flashcards, and audio.

Buy The Full Access Study Package Today

60 Days Access For Only $55.98

Need more time? You can easily renew for another 60 days at a significantly reduced price.

All materials are available online shortly after making your payment.

Get the Security+ Full Access Study Package Here

Our online Security+ study materials are the perfect complement to the CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide. They can also be used to help ensure you're ready no matter what study guide you're using.

This exam is expensive.

Make sure you're ready before exam day. 

Here's what you'll get:
  • All of the multiple-choice questions from the best-selling CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide. See a demo here. All questions have full explanations so you'll know why the correct answers are correct and why the incorrect answers are incorrect.
  • Over 35 new multiple-choice questions we've added after publishing the study guide.
  • Over 70 performance-based questions. See a demo here.
  • All of the flashcards from the study guide. View them in any Web browser.
  • All of the audio from the study guide. Listen to a sample here.
  • A subnetting mini-tutorial to help you answer key question types in the Security+ exam.
  • Access to a free discount code for 10% off your Security+ voucher. Save $31.10 off the US retail cost for this voucher.

Buy The Full Access Study Package Today

60 Days Access For Only $55.98

All materials are available online shortly after making your payment.

Get the Security+ Full Access Study Package Here


Will You Be Tested on Ports?

It’s entirely possible that if you take the time to memorize these ports, you might not get any questions on them. It’s rare, but some test takers report not seeing a single question on ports. However, this knowledge is still valuable to you in the field.

It’s also entirely possible that if you don’t memorize them, you’ll get ten questions on ports and drop the exam due to this lack of knowledge. With this in mind, it’s worth your time to memorize these ports. If you’re tested on them, the questions will be “gimme” questions that you’ll breeze through easily.


Security+ Ports

When preparing for the Security+ exam, you should know the ports in the following tables. They are organized based on usage.

File Transfer Ports

The ports in this table are used with protocols that transfer files.

File Transfer Protocols TCP UDP Port
FTP – File Transport Protocol TCP 20, 21
SSH – Secure Shell TCP 22
SFTP – Secure File Transport Protocol (uses SSH) TCP 22
SCP – Secure Copy (uses SSH) TCP 22
TFTP – Trivial File Transport Protocol UDP 69
FTPS – File Transport Protocol Secure (uses SSL) TCP 443

Email Ports

The ports in this table are used with email related protocols.

Email Related Protocols TCP UDP Port
SMTP – Simple Mail Transport Protocol TCP 25
POP3 – Post Office Protocol version 3 TCP 110
IMAP4 – Internet message access protocol version 4 TCP 143

Master Security+ Performance Based Questions Video

Remote Access Ports

The ports in this table are associated with protocols used to connect to remote computers for various purposes.

Remote Access Protocols TCP UDP Port
Telnet TCP 23
TACACS – Terminal Access Controller Access-Control System UDP 49
TACACS+ TCP 49
SSL VPN – Secure Sockets Layer virtual private network TCP 443
ISAKMP (VPN) – Internet Security Association and Key Management Protocol (virtual private network) UDP 500
L2TP – Layer 2 Tunneling Protocol UDP 1701
PPTP – Point-to-Point Tunneling Protocol TCP UDP 1723
RDP – Remote Desktop Protocol TCP UDP 3389

Miscellaneous Ports

The ports in this table don’t fit neatly in any of the other categories but are still relevant.

Protocol TCP UDP Port
DNS – Domain Name System TCP UDP 53
DHCP – Dynamic Host Configuration Protocol UDP 67, 68
HTTP – Hypertext Transfer Protocol TCP 80
HTTPS – Hypertext Transfer Protocol Secure TCP 443
Kerberos TCP UDP 88
NNTP – Network News Transfer Protocol TCP 119
SNMP – Simple Network Management Protocol UDP 161
SNMP Trap – Simple Network Management Protocol Trap TCP UDP 162
LDAP – Lightweight Directory Access Protocol TCP UDP 389
Syslog UDP 514

Practice Test Question Answer

Q. What port do you need to close to block outgoing email?

A. Port 22

B. Port 25

C. Port 110

D. Port 443

Answer: B

TCP port 25 is used for SMTP and SMTP is used for outgoing email.

TCP port 22 is used for SSH, SFTP, and SCP but not for email.

TCP port 110 is used for POP3 but POP3 is only used for incoming email, not outgoing email.

TCP port 443 is used for HTTPS, not email.

Summary

There are 1024 well known TCP and UDP ports, numbered 0 through 1023. You don’t need to memorize them all but you should know some of the common port numbers when preparing for the Security+ exam. You should also know which protocols have a preference of TCP over UDP. These concepts are covered in more depth in the CompTIA Security+: Get Certified Get Ahead- SY0-401 Practice Test Questions.

Good luck.

Security+ Practice Test Questions

SYO-401 Practice Test Questions Now Available

Over 440 realistic Security+ practice test questions

All questions include explanations so you'll know why the correct answers are correct,

and why the incorrect answers are incorrect.

Pass the Security+ Exam

the First Time You Take It

Multiple quiz formats to let you use these questions based on the way you learn.
  • Learn mode - randomized. View each of the questions in random order. Learn mode allows you to keep selecting answers until you select the correct answer. Once you select the correct answer, you'll see the explanation. Click here to see how learn mode works.
  • Learn mode - not randomized. View each of the questions in the same order. Use this if you want to make sure that you see all of the questions. Learn mode allows you to keep selecting answers until you select the correct answer. Once you select the correct answer, you'll see the explanation. Click here to see how learn mode works.
  • Test mode - randomized. View each of the questions in random order. In test mode, you can only see the correct answers and explanations after you complete the test. Click here to see how test mode works.
  • Test mode - not randomized. View each of the questions in the same order. In test mode, you can only see the correct answers and explanations after you complete the test. Click here to see how test mode works.
  • Test mode - 100 random questions. View 100 random questions from the full test bank similar to how the Security+ exam has a potential maximum of 100 multiple choice questions. In test mode, you can only see the correct answers and explanations after you complete the test. Click here to see how test mode works.

Get the full bank of Security+ Practice Test Questions Here

 SYO-401 Practice Test Questions Now Available


INCLUDES QUESTIONS TO HELP YOU PREPARE

FOR THE NEW PERFORMANCE BASED QUESTIONS 

Bonus - Performance Based Questions

Additional Security+ questions to help you prepare for the new performance based questions. These are included with the full bank of Security+ practice test questions and are divided into different sections. For example, you'll have access to the following links:

- Performance Based Question - Set 1

You'll see a graphic explaining what you might be required to do on the actual exam to match different types of security to mobile devices and servers in a data center. You'll then have two questions that test your knowledge and ability to correctly answer the questions. This question also includes a link to a graphic showing the end solution for the overall performance based question simulation.

- Performance Based Question - Set 2

You'll see a graphic explaining what you might be required to do on the actual exam to match different types of attacks with the name of the attack type. You'll then have five questions that test your knowledge and ability to correctly answer the questions. This question also includes a link to a graphic showing the end solution for the overall performance based question simulation.

- Performance Based Question - Set 3

You'll see a graphic showing a network with computers and servers separated by a firewall. The firewall is used to control traffic between the computers and users using rules within an access control list (ACL).  You'll have three questions that test your knowledge and ability to correctly identify the relevant components of the rule. The incorrect answers and explanation provide you with insight into how to correctly answer this type of question on the actual exam.

- Performance Based Question - Set 4

You'll see a graphic explaining what you might be required to do on the actual exam related to what a forensic analyst would do during an investigation. You'll then have two questions that test your knowledge and ability to correctly answer the questions. This question also includes a link to a graphic showing the end solution for the overall performance based question simulation.

- Performance Based Question - Set 5

You'll see a graphic explaining what you might be required to do on the actual exam to match protocols and ports. You'll then have seven questions that test your knowledge and ability to correctly answer the questions. This question also includes a link to a graphic showing the end solution for the overall performance based question simulation.

- Performance Based Question - Set 6

You'll see a list of security controls along with a graphic showing devices and locations within an organization, along with instructions on what you might be required to do on the actual exam to match the controls with the devices and locations. You'll then have four questions that test your knowledge and ability to correctly answer the questions. This question also includes a link to a graphic showing the end solution for the overall performance based question simulation.

- Performance Based Question - Set 7

You'll see a list of authentication methods and authentication factors along with instructions on what you might be required to do on the actual exam to match the authentication methods with the authentication factors. You'll then have six questions that test your knowledge and ability to correctly answer the questions. This set also includes a link to a graphic showing the end solution for the overall performance based question simulation.

- Performance Based Question - Set 8

You'll see a graphic explaining what you might be required to do on the actual exam to match different types of attacks with the name of the attack type. You'll then have five questions that test your knowledge and ability to correctly answer the questions. This is similar to Set 2 but expands on the possibilities. The set also includes a link to a page showing the end solution for the overall performance based question simulation.

New - Performance Based Question - Set 9

New questions recently added using a different testing engine. See a demo here. This set includes drag and drop and matching questions on ports.

New - Performance Based Question - Set 10

A random set of 20 performance-based questions using drag and drop, matching, sorting, and fill in-the blank. This set includes performance-based questions on RAID.

Get the full bank of Security+ Practice Test Questions Here

Get the full bank of Security+ Practice Test Questions

Simulated Performance-based Questions

Bonus - Performance Based Questions

Simulated performance-based questions included with all

packages that include practice test questions.

Additional Security+ questions to help you prepare for the new performance based questions. These are included with the full bank of Security+ practice test questions and are divided into different sections. For example, you'll have access to the following links:

- Performance Based Question - Set 1

You'll see a graphic explaining what you might be required to do on the actual exam to match different types of security to mobile devices and servers in a data center. You'll then have two questions that test your knowledge and ability to correctly answer the questions. This question also includes a link to a graphic showing the end solution for the overall performance based question simulation.

- Performance Based Question - Set 2

You'll see a graphic explaining what you might be required to do on the actual exam to match different types of attacks with the name of the attack type. You'll then have five questions that test your knowledge and ability to correctly answer the questions. This question also includes a link to a graphic showing the end solution for the overall performance based question simulation.

- Performance Based Question - Set 3

You'll see a graphic showing a network with computers and servers separated by a firewall. The firewall is used to control traffic between the computers and users using rules within an access control list (ACL).  You'll have three questions that test your knowledge and ability to correctly identify the relevant components of the rule. The incorrect answers and explanation provide you with insight into how to correctly answer this type of question on the actual exam.

- Performance Based Question - Set 4

You'll see a graphic explaining what you might be required to do on the actual exam related to what a forensic analyst would do during an investigation. You'll then have two questions that test your knowledge and ability to correctly answer the questions. This question also includes a link to a graphic showing the end solution for the overall performance based question simulation.

- Performance Based Question - Set 5

You'll see a graphic explaining what you might be required to do on the actual exam to match protocols and ports. You'll then have seven questions that test your knowledge and ability to correctly answer the questions. This question also includes a link to a graphic showing the end solution for the overall performance based question simulation.

- Performance Based Question - Set 6

You'll see a list of security controls along with a graphic showing devices and locations within an organization, along with instructions on what you might be required to do on the actual exam to match the controls with the devices and locations. You'll then have four questions that test your knowledge and ability to correctly answer the questions. This question also includes a link to a graphic showing the end solution for the overall performance based question simulation.

- Performance Based Question - Set 7

You'll see a list of authentication methods and authentication factors along with instructions on what you might be required to do on the actual exam to match the authentication methods with the authentication factors. You'll then have six questions that test your knowledge and ability to correctly answer the questions. This set also includes a link to a graphic showing the end solution for the overall performance based question simulation.

- Performance Based Question - Set 8

You'll see a graphic explaining what you might be required to do on the actual exam to match different types of attacks with the name of the attack type. You'll then have five questions that test your knowledge and ability to correctly answer the questions. This is similar to Set 2 but expands on the possibilities. The set also includes a link to a page showing the end solution for the overall performance based question simulation.

New - Performance Based Question - Set 9

New questions recently added using a different testing engine. See a demo here. This set includes drag and drop and matching questions on ports.

New - Performance Based Question - Set 10

A random set of 20 performance-based questions using drag and drop, matching, sorting, and fill in-the blank. This set includes performance-based questions on RAID.

Get the full bank of Security+ Practice Test Questions Here

Simulated performance-based questions included with

all packages that include practice test questions.

10 Comments

  1. A colleague took the exam today. And passed. One bit of info he shared was on his exam, knowing xxx wasn’t enough. The question wanted to know what xxx.

  2. Hello, I just had a question regarding SYS401.

    I noticed that in your textbook Security+ Get Certified Get Ahead, there is a table 3.1 that shows a list of well known ports. I’ve seen a list created by others that seemed much more extensive than the one you had. I was wondering just for the purpose of this exam, Security+, is the table listed in your textbook sufficient?

    Thank you in advanced!

  3. Hi Darril,
    I’m taking my Security+ exam this Thursday afternoon. In preparing for the Performance Based questions where you have to configure an ACL for a firewall, I”m a little confused regarding which ports are TCP and which are UDP. For example, in your chart above you list DNS which is port 53 as using TCP and UPD. I have your book as well as another book by Emmett Dulaney (CompTIA Security+ Study Guide, Fifth Edition), and in his book (page 37) he lists DNS as being port 53 UPD only. I’m concerned that on the exam I won’t know if a port is TCP, UPD, or both.

    Also, for configuring the firewall ACL, if a port uses both TCP and UPD, would you have to list a line in the ACL for TCP and a line for TCP? Would you also have to list Deny all at then end for implicit deny. This question relates to the exam.

    Thanks

    • Hi Joe,

      DNS uses both TCP and UDP. Queries to DNS for name resolution use UDP. However, when DNS servers transfer information between each other they use TCP.

      Can you tell me how to adjust the seat position on any car I might drive? You probably could, but there isn’t a single answer that covers them all. Instead, different car seats have different methods of adjusting them.

      Similarly, different firewalls have different methods.

      Some firewalls require separate allow lines in the ACL for both TCP and UDP.
      Others allow you to create a single line for a port using any protocol.

      Some firewalls require you to add a Deny All line at the end to enforce an implicit deny strategy.
      Other firewalls have this line built in and even when you don’t add the line, the firewall still enforces it.

      Good luck.

  4. Thanks for the list but I have a small issue regarding FTPS.
    From my research I thought FTPS uses either (TCP) 989 and (TCP) 990 (implicit mode) or Port 21 and 20 (via explicit mode)?
    But you have listed TCP 443?
    I’m confused?

    • This is one of those questions that really doesn’t have a right answer but from the perspective of the Security+ exam, there is a “correct” answer. This blog focuses on what you need for Security+.

      In the CompTIA Security+: Get Certified Get Ahead: SY0-301 Study Guide, I mention that “FTP uses port 20 for data and port 21 for control signals” and “some implementations of FTPS use ports 989 and 990.”

      FTPS uses SSL and SSL is commonly associated with port 443.

      Consider these three questions:

      Q. What port(s) does FTPS use?
      A. 443
      B. 1
      C. 2
      D. 3
      Obviously, to get the answer correct, you’d choose A though some people might disagree with the accuracy of the answer.

      Q. What port(s) does FTPS use?
      A. 989 and 990
      B. 1
      C. 2
      D. 3
      Obviously, to get the answer correct, you’d choose A though some people might suggest that the question should state “implicit mode.”

      Q. What port(s) does FTPS use?
      A. 20 and 21
      B. 1
      C. 2
      D. 3
      Obviously, to get the answer correct, you’d choose A though some people might suggest that the question should state “explicit mode.”

      All that said, your level of knowledge has expanded beyond what you need for the Security+ exam. If you move into the SSCP or CISSP exam, this extra knowledge is useful but I’d suggest you don’t let it stop you from seeing the “simple” answers on the Security+ exam.

  5. I just passed the Security + exam this morning in GA. I was presented the 70 question bank and the first 7 questions were simulations. Of the 7, the first 3 were straight forward port-related. The other 4 were much more detailed in an effort to test your network and configuration savvy. Flag them and come back. You will need the time, believe me. Darril, your book and plenty of practice test were all that was needed in a committed 2 to 3 month plan from scratch. Thank you. Where can I go from here to develop and hone my security skills?

Leave a Comment

CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide

Subscribe To Our Newsletter

Join our mailing list and get a free excerpt of the CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide.  This excerpt includes the introduction and Chapter 1. 

You have Successfully Subscribed!

Get Certified Get Ahead is a participant in the Amazon Services LLC Associates Program,
an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to amazon.com.

Copyright © 2015 Get Certified Get Ahead. All Rights Reserved.