Pete needs to open ports on the firewall to allow for secure transmission of files. Which of the following ports should be opened on the firewall?
A. TCP 23
B. UDP 69
C. TCP 22
D. TCP 21
Correct Answer: C
SSH uses TCP port 22. All protocols encrypted by SSH, including SFTP, SHTTP, SCP, SExec, and slogin, also use TCP port 22. Secure Copy Protocol (SCP) is a secure file-transfer facility based on SSH and Remote Copy Protocol (RCP). Secure FTP (SFTP) is a secured alternative to standard File Transfer Protocol (FTP).
By default, which of the following uses TCP port 22? (Select THREE).
A. FTPS
B. STELNET
C. TLS
D. SCP
E. SSL
F. HTTPS
G. SSH
H. SFTP
Correct Answer: DGH
G: Secure Shell (SSH) is a cryptographic network protocol for securing data communication. It establishes a secure channel over an insecure network in a client- server architecture, connecting an SSH client application with an SSH server. Common applications include remote command- line login, remote command execution, but any network service can be secured with SSH. SSH uses port 22.
D: SCP stands for Secure Copy. SCP is used to securely copy files over a network. SCP uses SSH to secure the connection and therefore uses port 22.
H: SFTP stands for stands for Secure File Transfer Protocol and is used for transferring files using FTP over a secure network connection. SFTP uses SSH to secure the connection and therefore uses port 22.
Incorrect Answers:
A: FTPS stands for File Transfer Protocol Secure. FTPS is similar to SFTP in that it is used to securely transfer files. The difference between the two is the encryption protocol used. FTPS uses the SSL or TLS cryptographic protocols and therefore uses port 443.
B: STelnet stands for secure telnet. STelnet uses SSL by default and therefore uses port 443.
C: TLS (Transport Layer Security) is a successor to SSL and uses port 443.
E: SSL (Secure Sockets Layer) uses port 443.
F: HTTPS (Hypertext transfer protocol secure) is used by web sites to encrypt and security transmit data. HTTPS uses the SSL or TLS cryptographic protocols and therefore uses port 443.
Which of the following ports is used for SSH, by default?
A. 23
B. 32
C. 12
D. 22
Correct Answer: D
Secure Shell (SSH) is a cryptographic network protocol for securing data communication. It establishes a secure channel over an insecure network in a client- server architecture, connecting an SSH client application with an SSH server. Common applications include remote command- line login, remote command execution, but any network service can be secured with SSH. SSH uses port 22.
Incorrect Answers:
A: Port 23 is used by the Telnet protocol, not by SSH.
A security administrator has configured FTP in passive mode. Which of the following ports should the security administrator allow on the firewall by default?
A. 20
B. 21
C. 22
D. 23
Correct Answer: B
When establishing an FTP session, clients start a connection to an FTP server that listens on TCP port 21 by default.
Incorrect Answers:
A: FTP uses port 20, but it is not the default port.
After a new firewall has been installed, devices cannot obtain a new IP address. Which of the following ports should Matt, the security administrator, open on the firewall?
A. 25
B. 68
C. 80
D. 443
Correct Answer: B
The Dynamic Host Configuration Protocol (DHCP) is a standardized network protocol used on Internet Protocol (IP) networks for distributing IP addresses for interfaces and services. DHCP makes use of port 68.
A company has implemented PPTP as a VPN solution. Which of the following ports would need to be opened on the firewall in order for this VPN to function properly? (Select TWO).
A. UDP 1723
B. TCP 500
C. TCP 1723
D. UDP 47
E. TCP 47
Correct Answer: CD
A PPTP tunnel is instantiated by communication to the peer on TCP port 1723. This TCP connection is then used to initiate and manage a second GRE tunnel to the same peer. The PPTP GRE packet format is non-standard, including an
additional acknowledgement field replacing the typical routing field in the GRE header. However, as in a normal GRE connection, those modified GRE packets are directly encapsulated into IP packets, and seen as IP protocol number 47.
Incorrect Answers:
A, E: PPTP uses a control channel over TCP and a GRE tunnel operating to encapsulate PPP packets.
B: TCP port 500 is used by the Internet Security Association and Key Management Protocol (ISAKMP) References: http://en.wikipedia.org/wiki/Point-to-Point_Tunneling_Protocol http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers
Question 1127:
A firewall technician has been instructed to disable all non-secure ports on a corporate firewall. The technician has blocked traffic on port 21, 69, 80, and 137-139. The technician has allowed traffic on ports 22 and 443. Which of the following correctly lists the protocols blocked and allowed?
A. Blocked: TFTP, HTTP, NetBIOS; Allowed: HTTPS, FTP
An information bank has been established to store contacts, phone numbers and other records. A UNIX application needs to connect to the index server using port 389. Which of the following authentication services should be used on this port by default?
A malicious program modified entries in the LMHOSTS file of an infected system. Which of the following protocols would have been affected by this?
A. ICMP
B. BGP
C. NetBIOS
D. DNS
Correct Answer: C
The LMHOSTS file provides a NetBIOS name resolution method that can be used for small networks that do not use a WINS server. NetBIOS has been adapted to run on top of TCP/IP, and is still extensively used for name resolution and registration in Windows-based environments.
Incorrect Answers:
A: Internet Control Message Protocol (ICMP) is a network health and link-testing protocol that is commonly used by tools such as ping, traceroute, and pathping. It is not include in the LMHOSTS file.
B: Border Gateway Protocol (BGP) is a standardized exterior gateway protocol designed to exchange routing and reachability information between autonomous systems (AS) on the Internet. It is not include in the LMHOSTS file.
C: Domain Name System (DNS) distributes the responsibility of assigning domain names and mapping those names to IP addresses by designating authoritative name servers for each domain. It is not include in the LMHOSTS file.
A security analyst noticed a colleague typing the following command:
`Telnet some-host 443'
Which of the following was the colleague performing?
A. A hacking attempt to the some-host web server with the purpose of achieving a distributed denial of service attack.
B. A quick test to see if there is a service running on some-host TCP/443, which is being routed correctly and not blocked by a firewall.
C. Trying to establish an insecure remote management session. The colleague should be using SSH or terminal services instead.
D. A mistaken port being entered because telnet servers typically do not listen on port 443.
Correct Answer: B
B: The Telnet program parameters are: telnet is the name or IP address of the remote server to connect to. is the port number of the service to use for the connection. TCP port 443 provides the HTTPS (used for secure web connections) service; it is the default SSL port. By running the Telnet some-host 443 command, the security analyst is checking that routing is done properly and not blocked by a firewall.
Incorrect Answers:
A: The telnet command parameter used by the colleague is done to check what service is running, i.e. HTTPS, not an attempt to get a denial of service attack.
C: TCP port 443 will not allow an insecure remote session because is the default SSL port.
D: TCP port 443 is the default SSL port and SSH makes use of TCP port 22.
References:
https://support.microsoft.com/en-us/kb/290051
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, p 83.
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your JK0-022 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.