Saturday, March 10, 2012

Network+ Practice Test Questions

Network+ practice test questions are now available in the Get Certified Get Ahead series for only $9.99. Use these to help you take and pass the Network+ exam the first time you take it. The book includes:
  • 275 realistic practice test questions
  • Over 175 flash cards
Each practice test question includes in-depth explanations to help you understand why the correct answer is correct and why the incorrect answers are incorrect. Master this content and no matter how CompTIA words the questions, you'll be able to correctly answer them correctly.
The book is organized in five chapters matching the five Network+ domains:
  • Network Concepts
  • Network Installation and Configuration
  • Network Media and Topologies
  • Network Management
  • Network Security
The introduction includes details on the exam to give you an idea of what to expect such as the passing score, time to take the exam, and how to register.

Each chapter includes four sections to meet the needs and learning styles of different users. You can go through the questions in quiz mode and see the answers on the next Kindle screen, go through them without the answers readily available, or read them with the answers and explanations on the same screen. You can choose what works best for you.

Quiz Mode Section

This section includes practice test questions including answers formatted specifically for the Kindle. One screen shows the question. When you decide what you think is the correct answer, go to the next screen to see the correct answer and the in-depth explanation. If the question or answers include an acronym, you'll see it spelled out in the explanation to help you remember what it is.

Flash Cards

These flash cards are formatted specifically for the Kindle to help reinforce important concepts. One screen shows a flash card type question and the next screen shows the answer. If a flash card question or answer includes an acronym, you'll see it spelled out in the answer to help you remember what it is.

Practice Test Questions Without Answers

This section repeats the questions in the quiz mode section but the answers are not readily available. You can use this to test yourself to see if you know why the correct
answers are correct, and why the incorrect answers are incorrect.

Practice Test Questions with Answers

This section combines the questions, answers, and explanations so you can use it as a last minute review for any of the domains.
Pass the Security+ exam the first time you take it
CompTIA Security+: Get Certified Get Ahead: SY0-301 Study Guide

Free Kindle Apps Available

While the Kindle are great for reading, you don't need one to use this eBook. Amazon has created free applications you can use on just about any platform including:
  • Windows PC
  • MAC
  • Android
  • iPhone
  • iPad
  • BlackBerry
  • Windows Phone 7
You can also read books in some web browsers through the Kindle Cloud Reader.

Mobile App Coming Soon

The folks at LearnZapp are working on a mobile app with this content too. The mobile app includes an interactive test engine and will be available for the following platforms:
  • iOS devices including iPhones and iPads
  • Android devices
  • Barnes and Noble Nook
  • BlackBerry
The Network+ app will be using the same format as their successful Security+ app.

Summary

If you're studying for the Network+ N10-005 exam and want a resource to help you take and pass the exam the first time you take it, check out the CompTIA Network+ N10-005 Practice Test Questions (Get Certified Get Ahead). At only $9.99 it's a steal.
Posted by at 3:56 AM 0 comments Links to this post
Reactions: 

Wednesday, March 7, 2012

Taking Action for Success

"Only action is action."
— Brian Tracy
The third step to achieve success with any worthwhile goal you desire is to take action. It sounds simple to say that you need to take action to achieve your goals, but it is also a step that stops many people in their tracks. Many people have great ideas related to their goals but they don’t take action and their ideas slip away.

This is part of a four article series outlining the steps to achieve success with any worthwhile goal you desire.
If you’ve set a goal, written it down, and think about it regularly, ideas to achieve it will come in different forms of inspiration. Inspiration ignites ideas that will burn brightly for a short time and if you’re willing to embrace the ideas with action you can convert them into success. However, if you just allow yourself to be momentarily amused by the inspirational spark, these ideas will fade and disappear.

Once you’ve set a goal and begin receiving inspiration, you must start taking action. It doesn’t matter how big or small the action is. It only matters that you start and you continue. Success will follow.

There’s an old joke told about a spiritual man named Matt who found himself in dire financial need. When he was laid off his job, Matt prayed to God “Please let me win the lottery.” Several lottery drawings passed but he didn’t win. As he was about to lose his home, Matt again prayed “Please let me win the lottery.” Several more drawings passed but still no winnings. One more time he prayed, but this time he asked “God, why have you forsaken me? Why won’t you help me?” Suddenly the heavens opened up and he heard a voice boom down to him “Matt, meet me halfway. Buy a lottery ticket.”

I’m not suggesting you spend your money on lottery tickets, but I am strongly suggesting that you need to take action. You may find that even the smallest steps will catapult you closer to your dreams than you thought possible. Without action, your ideas may simply disappear into empty dreams.

Take Action Regularly

Your future is created by what you do today, not tomorrow.”
- Robert Kiyosaki
Whatever goal you pursue, it’s important to regularly take action toward that goal. You don’t have to put 100 percent of every waking moment on achieving a goal, but you do need to regularly spend time with any goal.

As an example, if you want to stay healthy, many experts recommend at least 30 minutes of exercise at least three times a week. However, if you miss a month of exercising, you can’t go to the gym and work out for six hours to make up the time. It just doesn’t work that way.

Additionally, after the month of missed exercising is past, you may find that you can’t even do the same level of exercise you did a month ago. If you’re pursuing a goal, spend time with it regularly. This keeps up the momentum. If you stop, you’ll lose your momentum and any progress may be lost.

Expect Obstacles

"Sometimes adversity is what you need to become successful."
- Zig Ziglar
As you pursue any goal, you should expect obstacles to appear but it’s important to remember that obstacles are rarely roadblocks. An obstacle doesn’t mean that you should stop pursuing your goal. Instead obstacles are often opportunities to look at things a little differently.

There’s an old story about a farmer whose donkey fell down a hole that he had left uncovered. The farmer couldn’t think of a way to get the donkey out and ultimately decided the donkey was old and the hole needed to be covered up anyway. He enlisted the help of his neighbors and they began shoveling dirt into the hole.

At first, the donkey was braying horribly with each shovel of dirt that fell on him. But then he quieted down. The farmer looked down into the hole and saw that as each of shovel of dirt hit the donkey’s back, he shook it off and took a step up. As everyone continued to shovel dirt into the hole, the donkey continued to shake it off and take another step up. In time, the donkey was able to step over the edge.

When an obstacle to your goal comes up, your first inclination may be to fight it. However, if you’re able to shake off the nuisance of the obstacle, you may be able to use it as an opportunity to get closer to your goal. If you’re able to resist an urge to fight, you may be able to look at any obstacle from a different perspective.

One of the reasons people choose not to act is the fear of making mistakes. However, mistakes are a part of the learning process and part of what can move you forward. If you never try, you’ll never identify what works and what doesn’t. Making mistakes is good. The only problem occurs if you are unable to learn from your mistakes and you repeat them.
Posted by at 4:44 AM 0 comments Links to this post
Reactions: 

Monday, March 5, 2012

SQL Server 2012 Certifications

I just saw where the SQL Server 2012 certification tracks are announced (listed at the bottom of the page). I was having trouble making the seven exams line up to three tracks before and now I understand why. There are only two tracks. They are: 

Data Platform (this is related to an administrator)
  • 70-461 Querying Microsoft SQL Server 2012
  • 70-462 Administering Microsoft SQL Server 2012 Databases
  • 70-463 Implementing a Data Warehouse with Microsoft SQL Server 2012
  • 70-464 Developing Microsoft SQL Server 2012 Databases
  • 70-465 Designing Database Solutions for SQL Server 2012
Business Intelligence (this is related to a developer)
  • 70-461 Querying Microsoft SQL Server 2012
  • 70-462 Administering Microsoft SQL Server 2012 Databases
  • 70-463 Implementing a Data Warehouse with Microsoft SQL Server 2012
  • 70-466 Implementing Data Models and Reports with Microsoft SQL Server 2012
  • 70-467 Designing Business Intelligence Solutions with Microsoft SQL Server 2012 Platform
Each track requires a candidate to take and pass a total of five exams. The first three exams are the same for both tracks, but the last two are different. Also, it looks like they are abandoning the MCITP name for the SQL 2012 certifications and just calling them Professional-level certifications.

I'm really wondering how popular these tracks will be. Five exams for either of the certifications sounds quite challenging, and in my experience, the database certifications aren't valued as highly as the network certifications (such as the server MCITP certifications).

On the administration side, an administrator pursues and completes a server track, and then may also specialize with database servers. In contrast, SQL Server 2008 has these three tracks:

MCITP: Database Administrator 2008

  • Exam 70-432: TS: Microsoft SQL Server 2008, Installation and Maintenance
  • Exam 70-450: PRO: Designing, Optimizing and Maintaining a Database Server Infrastructure using Microsoft SQL Server 2008

MCITP: Database Developer 2008

  • Exam 70-433: TS: Microsoft SQL Server 2008, Database Development
  • Exam 70-451: PRO: Designing Database Solutions and Data Access Using Microsoft SQL Server 2008

MCITP: Business Intelligence Developer 2008

  • Exam 70-448: TS: Microsoft SQL Server 2008, Business Intelligence Development and Maintenance
  • Exam 70-452: PRO: Designing a Business Intelligence Infrastructure Using Microsoft SQL Server 2008
Posted by at 4:58 AM 0 comments Links to this post
Labels: ,
Reactions: 

Saturday, March 3, 2012

Network+ Hardware Tools

If you're planning on taking the Network+ exam soon, you may want to review the hardware tools used to troublshoot connectivitity. I was recently doing some work with Network+ practice test questions and ended up creating a short list for my own use. This list doesn't provide complete details of these tools, but it should give you enough for the Network+ exam. Many people are using the Microsoft Windows Networking Essentials book to help prepare for the the Network+ exam. This book was actually written for the MTA 98-366 Networking Fundamentals exam but there is a lot of crossover. I'm developing some Network+ practice test questions that can also be used to help people take and pass the Network+ exam the first time they take it.

Cable Tester

Cable testers verify that a cable is wired accurately and doesn’t have any breaks in it. You can use it to check a cable after connecting connectors to the cable. Additionally, you can use on cables you suspect are faulty due to problems such as being stepped on or run over by a chair. Check out google images.

Cable Certifier

A cable certifier is used to verify that a cable meets its specifications such as the bandwidth and frequency. For example, it can verify a CAT 5e cable meets specifications and supports speeds of 1000 Mbps, and can verify a CAT 6 cable supports speeds of 10 Gbps. Check out google images.

Crimper

A crimper is tool used to attach a connector to a cable. As an example, technicians commonly use a crimper to attach an RJ-45 cable onto a twisted pair cable. Check out google images.

Butt Set

A butt set is used by telephone technicians to test telephone lines. It includes a handheld set used to make phone calls and do testing. The handheld set has pushbuttons to enter phone numbers and codes, a speaker, and microphone. Technicians connect it to phone lines with alligator clips. Check out google images.

Toner Probe

A toner probe allows you to place a tone on one end of a wire and then locate the other end of the wire by finding the wire that has the tone. It includes two components: a tone generator and a speaker. You connect the tone generator onto one end of the cable to place a tone on the cable. You can then go to the other end of the cable in another room. The speaker has a probe you can touch to individual cables and the tone plays on the speaker when you’ve found the correct cable. Check out google images.

Punch Down Tool

Punch down tools are used to terminate cables to jacks, or connect cables to wiring blocks such as 66 block or a 110 block. Punch down tools are spring loaded requiring just a little pressure by the technician. The technician positions the wire over the connection and pushes it in with the punch down tool. When the spring releases, it strips the insulation off the wire and secure the wire into the connection. Check out google images.

Protocol Analyzer / Sniffer

A protocol analyzer (also called a sniffer) can capture packets traveling over the network for analysis. These packets can be saved in a capture file, inspected, and analyzed. Information within packets includes the source and destination IP addresses, source and destination media access control (MAC) addresses, source and destination ports, and payload data. If data is sent across the network in clear text (not encrypted), it can easily be viewed in the protocol analyzer. Protocol analyzers can be hardware devices or software programs running on a computer. Administrators use a protocol analyzer to analyze network activity and troubleshoot problems on a network. For example, if they suspect an unauthorized peer-to-peer software application is running on the network, they can use a protocol analyzer to verify their suspicions and identify which computer is running the application. If they suspect an Internet-based server is being attacked, they can use the sniffer to capture and analyze the traffic sent to the server. Attackers also use sniffers. For example, wireless attackers use wireless sniffers to capture wireless traffic. Once captured, it’s relatively easy to discover information such as the service set identifier (SSID) even if SSID broadcast is disabled, or to detect MAC addresses allowed via a MAC address filter.
Pass the Security+ exam the first time you take it: CompTIA Security+: Get Certified Get Ahead: SY0-301 Study Guide

Environmental monitor

An environmental monitor logs environmental conditions such as temperature and humidity. It is useful in server rooms or data centers to identify problems in environmental controls before they cause problems for the equipment. Many include logs that can be used to see if there is any relationship between system problems and environmental controls. For example, an overworked or failing air conditioner can result in systems overheating and randomly rebooting. The reboot times can be matched to the temperatures recorded in the environmental monitor logs. Check out google images.

Loop back plug

A loop back plug swaps the send and receive signals on a single connector and can be used for testing ports. Data sent out the send pins is looped back to the receive pins and if it succeeds it verifies the port is working. Loopback plugs are commonly used to check network interface card (NIC) jacks and ports on switches. Check out google images.

TDR

A time domain reflectometer (TDR) is used to identify the location of a break in a cable. It sends a signal down the wire and when the signal reaches the break, it is reflected back. The TDR is able to measure how much time it takes for the reflected signal to arrive and based on the time it can determine the exact location of a break. For cables that are hundreds of feet in length (or more), the TDS is invaluable in troubleshooting breaks. A TDR can also identify the location of less severe problems. For example, if a cable is nicked, it affects the electrical characteristics of the cable and the TDR shows these differences, and the location of the problem. Check out google images.

OTDR

An optical time domain reflectometer (OTDR) measures the distance between cable ends for a fiber optic cable. It works similar to how a TDR works by sending a signal down the fiber cable and measuring how long it takes the signal to return. An OTDR will work with fiber cable. Check out google images.

Summary

If you're plannin on taking the Network+ exam soon, this list of hardware tools are important to know. Good luck.
Posted by at 12:42 PM 0 comments Links to this post
Labels: , ,
Reactions: 

Tuesday, February 28, 2012

Protocol IDs for Security+ and SSCP Exams

If you're preparing for the Security+ or SSCP exams, you'll need to know a few of the protocol IDs used by TCP/IP. The protocol ID is a number embedded in the header of the packet to identify the protocol. It is used for many protocols that are not identified with a port number.

I recently wrote a blog titled Ports for Network+, Security+, and SSCP Exams which covered the relevant port numbers for these exams. Both port numbers and protocol IDs are used to identify protocols by devices such as routers and firewalls. However, they are different numbers. For example, Hypertext Transfer Protocol (HTTP) uses port number 80, but it is not accurate to say that it uses protocol ID 80. In fact, there isn't a protocol ID that identifies HTTP.

Practice Test Question

Test your knowledge of protocol IDs with this question. This is an example that you may see on the SSCP exam.

Q. You want to block DoS attacks using ping at a firewall. What would you do?

A. Block port 1 at the firewall

B. Block protocol ID 1 at the firewall

C. Block port 6 at the firewall

D. Block protocol ID 6 at the firewall

Answer at end of blog

Protocol IDs

The following table identifies some of the commonly used protocol IDs that you may be tested on.
Protocol Protocol ID
ICMP - Internet Control Message Protocol 1
IGMP - Internet Group Management Protocol 2
TCP - Transmission Control Protocol 6
UDP - User Datagram Protocol 17
IPsec ESP - Internet Protocol security Encapsulating Security Payload 50
IPsec AH - Internet Protocol security Authentication Header 51
You are more likely to be tested on the protocol IDs in the SSCP exam. If you do see this content on the Security+ exam, it will probably only focus on IPsec ESP or IPsec AH. If you want to see a full listing of protocol ID numbers, check out this list on Internet Assigned Numbers Authority (IANA).
Pass the Security+ exam the first time you take it:
CompTIA Security+: Get Certified Get Ahead: SY0-301 Study Guide
Routers and firewalls use access control lists (ACLs) to filter traffic. They can filter traffic based on IP addresses, network IDs, ports, and protocol IDs. The ports are used to filter traffic using well-known ports mapped to specific protocols. For example, you can block or allow outgoing email by closing or opening port 25, the well-known port for Simple Mail Transport Protocol (SMTP). Similarly, you can block ICMP traffic (used by ping) by blocking any traffic using protocol ID 1.

Q. You want to block DoS attacks using ping at a firewall. What would you do?

A. Block port 1 at the firewall

B. Block protocol ID 1 at the firewall

C. Block port 6 at the firewall

D. Block protocol ID 6 at the firewall

Answer: B

Ping uses Internet Control Message Protocol (ICMP) and ICMP is identified with protocol ID 1. Blocking protocol ID 1 blocks all pings including a denial-of-service (DoS) attack using ping.

Ports 1 and 6 are unrelated to ping or ICMP so would not have any effect on blocking pings.

Protocol ID 6 identifies Transmission Control Protocol (TCP) so by blocking protocol ID 6, you would block all TCP traffic.


Posted by at 12:46 PM 0 comments Links to this post
Labels: , ,
Reactions: 

Listening for Inspiration

The second step to achieve success with any worthwhile goal you desire is to listen for inspiration. This is part of a four part series:
Once you’ve set your goal, you’re ready to start looking for ways to achieve it. Often, when you first set a goal, you won't know how to achieve it but once you set your sights on your goal, you can then start working towards it.

What should you do after setting your goal? Listen for inspiration on how to achieve it.

Defining Inspiration

Inspiration is the process of being motivated or stimulated to do or feel something.

It often comes in a flash as a sudden moment of clarity. Inspiration can come as a sudden idea that catapults your knowledge giving you the means to do or accomplish something. Driving down the road, you
may see a billboard in a different way and get a flash of insight. Listening to someone talking, you may suddenly gain a deeper understanding of a topic that has been elusive. You may get a sudden shift in your perception while reading a book or article.

Great speakers, such as John F. Kennedy often inspire us. In one speech in 1962, he said “We choose to go to the moon in this decade and do the other things, not because they are easy, but because they are
hard, because that goal will serve to organize and measure the best of our energies and skills, because that challenge is one that we are willing to accept, one we are unwilling to postpone, and one which we intend to win.” These words inspired many people within the United States space program and seven years later in 1969, Neil Armstrong and Buzz Aldrin landed on the moon in Apollo 11.

We are often inspired by other people’s actions. It can be as simple as seeing someone bend down to pick up a piece of paper and throw it away, and become inspired to do something similar, or as grand as
seeing someone raise a million dollars for a worthwhile cause and decide to do something similar.

There’s an important point to remember here. After inspiration is action. After you receive the flash, you need to do something with it.

Encouraging Inspiration

If you want to achieve a specific goal, you’ll want the inspiration to achieve it. One of the best things you can do to encourage inspiration related to your goal is to repeat it daily. Write it on 3 X 5 card and repeat it in the morning, or before you go to bed, or whenever works best for you. However, repeat it daily. This keeps your goal at the forefront of your thoughts and helps get your mind working on receiving and recognizing inspiration when it comes.

As an example, imagine your goal is to take and pass the Security+ exam by a certain date. When you remind yourself of this daily, it will be on your mind and you’ll be more likely to think about ways to achieve your goal.

In contrast, imagine someone thought to himself on the first day of last month that he might like to get the Security+ certification. However, he did not set a goal and did not regularly remind himself of this desire. It’s very possible his mind will be occupied with thoughts that have nothing to do with the Security+ exam.

Create a List of Action Steps

One way to get going on a goal is to sit down, think about your goal, and come up with a list of at least ten things you can do to get a step closer. You’ll probably come up with five rather quickly but
stick with it until you’ve written at least ten.

If your goal is to earn the Security+ certification by a certain date, your list may start with:
  • Identify the objectives of the exam
  • Identify study resources
  • Purchase study resources
  • Read ____ pages a day
  • Spend ____ minutes daily creating notes
Once you come up with the list, prioritize the action steps. Identify what needs to be done first, second, and so on. This is very useful when you move onto the next step for success: taking action. This
list tells you exactly what you need to do. You start with item 1, and when you’re done, you move on to item 2. Keep doing this until you complete the list and achieve your goal.

It’s very possible that the first list you create isn’t the best. No problem. Creating the first of anything is often the hardest but once you’ve created it, improving it is easy.

As you start working on your goal, you will likely get flashes of inspiration to add steps to your list or to do things a little differently. Excellent. Modify your list. But notice that these flashes of inspiration come because you are focused on your goal and how to achieve it.

There’s More

There are certainly many more ways to encourage inspiration. However, the two items I’ve mentioned (repeat your goal daily and create a list of action steps) are enough to get you started.

Also, I want to stress that this can work for any worthwhile goal that you believe in. Imagine Nicole has the following goal:
  • “I am earning more than $5,000 a month providing a worthwhile service to others.”
When she sets the goal, she may not have any idea what worthwhile service she could provide to others that could earn her $5,000 a month. However, there are many people in the world that are doing so, so why not Nicole? And the number doesn’t need to be $5,000. It can be any number Nicole believes is possible for her. If she sets it at $5,000 and achieves success with her goal in a year, she may choose to
set a new goal with a higher number that didn’t seem so believable to her at first.

Your Turn

If you haven’t done so, I strongly encourage you to take the time to write down a goal for yourself and use this information to help you listen for inspiration. Success is within your grasp for any worthwhile goal you desire.

Coming next: Taking Action.
Posted by at 12:09 PM 0 comments Links to this post
Labels: , ,
Reactions: 

Saturday, February 25, 2012

Ports for Network+, Security+, and SSCP Exams

If you're planning on taking a certification exam such as CompTIA Security+, CompTIA Network+, or SSCP you should have many of the well-known ports memorized. The objectives for the CompTIA Network+ exam lists many of the protocols and the ports spelling out exactly what you need to know. Similarly, the objectives for the CompTIA Security+ exam lists several protocols with a statement to identify the ports for each. The SSCP exam objectives are very generic but do indicate port numbers are needed.

Well known port numbers are matched to specific protocols and when you see the port, you should be able to identify the protocol. Sometimes you may be given the protocol and be required to identify the port. There are 1024 well known TCP and UDP (numbered 0 through 1023) but you don't need to memorize them all. However, you do need to know certain ports for the CompTIA Security+, CompTIA Network+, and SSCP exams.

Logical Ports

The well-known ports are logical ports and have nothing to do with physical ports. For example, port 80 is the port used for Hypertext Transfer Protocol (HTTP) and port 443 is the port used for Hypertext Transfer Protocol Secure (HTTPS).

In contrast, a physical port on a switch or router is used to make a physical connection between devices. You can touch the physical port while the logical port is simply a number embedded in the packet.

Every packet has both a source port and a destination port along with a source IP address and a destination IP address. The IP address is used to get the packet to the destination system and when the packet is received, TCP/IP uses the port information to determine how to handle the packet. This blog on Understanding Ports for Security+ describes the process of how logical ports are used in more detail.
Pass the Security+ exam the first time you take it:
CompTIA Security+: Get Certified Get Ahead: SY0-301 Study Guide

TCP and UDP

Each of these logical ports are technically identified as either a Transmission Control Protocol (TCP) port or a User Datagram Protocol (UDP) port depending on which transport protocol they use. For example, HTTP can use either UDP port 80 or TCP port 80. It almost always uses TCP for guaranteed delivery but both TCP port 80 and UDP port 80 are reserved for HTTP.

Some protocols use only the UDP port. For example, Trivial File Transport Protocol (TFTP) uses UDP port 69 but not TCP port 69.

As you advance in the IT field, you'll find that you need to know whether a protocol is using a TCP port or a UDP port. However for these exams, this depth of knowledge is rarely needed. Instead, you should focus on memorizing the port number. If you want to know specifically which transport protocol is used for any protocol, check out Wikipedia's list of TCP and UDP port numbers.

Interestingly, Internet Assigned Numbers Authority (IANA) previously identified which transport protocol was used for each port in their Service Name and Transport Protocol Port Number Registry . However, they seem to have defaulted to just listing both TCP and UDP for each port. For example, Telnet (defined in RFC 854) only uses TCP port 23, not UDP. However, IANAs port number registry lists both TCP and UDP for Telnet.

Network+ Ports

When preparing for the Network+ exam, you should know these ports.
Protocol Port
FTP - File Transport Protocol 20, 21
SSH - Secure Shell 22
Telnet 23
SMTP - Simple Mail Transport Protocol 25
DNS - Domain Name System 53
DHCP - Dynamic Host Configuration Protocol 67, 68
TFTP - Trivial File Transport Protocol 69
HTTP - Hypertext Transfer Protocol 80
HTTPS - Hypertext Transfer Protocol Secure 443
SSL VPN - Secure Sockets Layer virtual private network 443
POP3 - Post Office Protocol version 3 110
NTP - Network Time Protocol 123
IMAP4 - Internet message access protocol version 4 143
SNMP - Simple Network Management Protocol 161
IPsec - Internet Protocol security (through the use of ISAKMP - Internet Security Association and Key Management Protocol) 500
RDP - Remote Desktop Protocol 3389
When you know the ports and understand the protocols, questions are much easier to answer. For example, consider this practice test question that could be in a Network+, Security+, or SSCP exam:

Q. What port do you need to close to block outgoing email?

A. Port 22

B. Port 25

C. Port 110

D. Port 443

Answer at the end of the blog.

Security+ Ports

When preparing for the Security+ exam, you should know these ports.
Protocol Port
FTP - File Transport Protocol 20, 21
SSH - Secure Shell 22
SFTP - Secure File Transport Protocol (uses SSH) 22
SCP - Secure Copy (uses SSH) 22
Telnet 23
SMTP - Simple Mail Transport Protocol 25
TACACS - Terminal Access Controller Access-Control System 49
DNS - Domain Name System 53
DHCP - Dynamic Host Configuration Protocol 67, 68
TFTP - Trivial File Transport Protocol 69
HTTP - Hypertext Transfer Protocol 80
HTTPS - Hypertext Transfer Protocol Secure 443
SSL VPN - Secure Sockets Layer virtual private network 443
Kerberos 88
POP3 - Post Office Protocol version 3 110
NNTP - Network News Transfer Protocol 119
IMAP4 - Internet message access protocol version 4 143
SNMP - Simple Network Management Protocol 161
SNMP Trap - Simple Network Management Protocol Trap 162
LDAP - Lightweight Directory Access Protocol 389
ISAKMP (VPN) - Internet Security Association and Key Management Protocol (virtual private network) 500
Syslog 514
L2TP - Layer 2 Tunneling Protocol 1701
PPTP - Point-to-Point Tunneling Protocol 1723
RDP - Remote Desktop Protocol 3389

SSCP Ports

The list of SSCP ports is a little easier for me to create. It's simply all of the ports listed in the previous two tables. The (ISC)2 objectives do not list specific ports that you need to know but instead include the words "Commonly Used Ports and Protocols". Theortically, they can ask you about any of the ports but you're unlikely to see anything other than what is listed here. If you do, please let me know.

Practice Test Question Answer

Q. What port do you need to close to block outgoing email?

A. Port 22

B. Port 25

C. Port 110

D. Port 443

Answer: B

Port 25 is used for SMTP and SMTP is used for outgoing email.

Port 22 is used for SSH, SFTP, and SCP but not for email.

Port 110 is used for POP3 but POP3 is only used for incoming email, not outgoing email.

Port 443 is used for HTTPS, not email.
Posted by at 8:20 AM 0 comments Links to this post
Labels: , , , ,
Reactions: 
Subscribe to: Posts (Atom)