If you’re planning on taking the Security+ you should have a basic understanding of logical ports. Questions continue to appear in the SY0-401 exam, just as they appeared in the SY0-201 exam and the SY0-301 exam, they are sometimes different.
There are 65,536 TCP and 65, 536 UDP ports. The first 1024 (0 to 1023) are well known ports and commonly used with default protocols. For example, the default port for HTTP is port 80 and the default port for HTTPS is 443.
Here’s a short explanation of how the ports were used when you accessed this Web page. When you clicked a link for the blog, your computer created the request and put it into a packet with source and destination IP addresses and ports. The IP address of forums.getcertifiedgethead.com (the destination) is 220.127.116.11 and since HTTP is used, the destination port is 80.
Your computer then identified an unused port in the dynamic and private port range (49,152 to 65,535) and mapped it to your Web browser for this request. For this explanation, imagine that it picked 49,152. Additionally, imagine that your computer (the source) has an IP address of 18.104.22.168. Here’s what we have:
- Destination IP: 22.214.171.124 (the forums.getcertifiedgethead.com server)
- Destination Port: 80
- Source IP: 126.96.36.199 (the client’s system)
- Source Port: 49152
Another way of looking at the destination port from the client’s perspective is that it is an outgoing port. If you want to block outgoing HTTP traffic, you can block port 80 at your network firewall. On the other hand, the source IP is an incoming port from the server’s perspective. If you want to block incoming HTTP traffic, you can block incoming port 80.
TCP/IP then used the destination IP to get the packet to the forums.getcertifiedgethead.com Web server. When the server received the packet, it looked at the destination port (80) and sent the packet to the service handing the HTTP protocol (the Web server application).
The Web server formatted the Web page, and sent it back to your computer. In this case, the destination IP addresses and ports are swapped and would look like this:
- Destination IP: 188.8.131.52 (the client’s system)
- Destination Port: 49152
- Source IP: 184.108.40.206 (the certapps.com server)
- Source Port: 80
TCP/IP used the destination IP to get the packet back to your system. When the packet arrived, your system looked at the destination port and saw that it is mapped to your Web browser. It then forwarded the packet to your Web browser to display. Of course, the Web page may have been sent in several packets, but each packet used the same process.
Ports are used the same way for multiple services. Some of the common ports you should know are:
Remember, you can memorize these ports and then write them down as you start the test. If you get any port questions, you only need to look down at your notes to answer the question.
Other Security+ Study Resources
- Security+ blogs organized by categories
- Security+ blogs with free practice test questions
- Security+ blogs on new performance-based questions
- Mobile Apps: Apps for mobile devices running iOS or Android
- Audio Files: Learn by listening with over 6 hours of audio on Security+ topics
- Flashcards: 494 Security+ glossary flashcards, 222 Security+ acronyms flashcards and 223 Remember This slides
- Quality Practice Test Questions: Over 300 quality Security+ practice test questions with full explanations
- Full Security+ Study Packages: Quality practice test questions, audio, and Flashcards