This chapter covers the three most common remote desktop tools tested on the CompTIA A+ Core 2 (220-1102) exam: Remote Desktop Protocol (RDP), Virtual Network Computing (VNC), and TeamViewer. Understanding their differences, default ports, security considerations, and appropriate use cases is essential for the Operational Procedures domain (Objective 4.6). Approximately 5-8% of exam questions touch on remote access technologies, often asking you to identify the correct tool for a given scenario or to recognize a configuration mistake.
Imagine you have a remote control car with a camera on top, and you want to drive it from another room. The car is like the target computer, and the remote controller is like your local machine. RDP is like a high-end controller that sends steering and throttle commands (keystrokes and mouse clicks) over a dedicated radio frequency (port 3389) and receives a video feed from the car's camera. The video feed is compressed and sent as frames, similar to how RDP sends screen updates. If you use VNC, it's like using a different controller that sends raw joystick positions (RFB protocol) and receives a simpler, uncompressed video feed—more data, more lag. TeamViewer is like a controller that first connects to a central server (the relay) to find the car's IP address, then establishes a direct connection if possible (hole punching), otherwise relays all commands through the server. The central server is essential for NAT traversal, just as TeamViewer's relay servers handle connections when direct peer-to-peer fails. All three allow you to control the car remotely, but they differ in how they encode the video, how they handle network obstacles, and what ports they use.
What Are Remote Desktop Tools and Why Do They Exist?
Remote desktop tools allow a user to connect to and control a computer from a remote location as if they were sitting in front of it. They transmit screen updates, keyboard input, and mouse movements over a network. The 220-1102 exam focuses on three specific technologies:
RDP (Remote Desktop Protocol) – Microsoft's proprietary protocol, built into Windows.
VNC (Virtual Network Computing) – Open-source, platform-independent protocol.
TeamViewer – Commercial third-party application with built-in NAT traversal.
These tools are used for remote administration, help desk support, telecommuting, and accessing lab environments. The exam tests your ability to choose the right tool based on security, platform compatibility, network configuration, and licensing.
How RDP Works Internally
RDP is a multi-channel protocol that separates input, display, and peripheral data into virtual channels. It operates over TCP port 3389 by default. The connection process:
Handshake: The client initiates a TCP connection to port 3389 on the server. The server responds with its RDP version and encryption capabilities.
Authentication: The client sends user credentials (username, password, domain). Windows validates against the local SAM or Active Directory.
License Exchange: If the server is a Windows Terminal Server, it issues a temporary or permanent license. For administrative connections (e.g., Windows 10 Pro), licenses are not required.
Graphics Encoding: RDP uses multiple codecs like RemoteFX, ClearType font smoothing, and bitmap caching. It sends only changed regions of the screen (dirty rectangles) to reduce bandwidth.
Virtual Channels: Separate channels carry audio, clipboard, printer redirection, and smart card data.
Default Values and Timers:
Default port: 3389 (TCP)
Idle timeout: None by default; can be configured via Group Policy (Computer Configuration > Administrative Templates > Windows Components > Remote Desktop Services > Remote Desktop Session Host > Session Time Limits)
Encryption: 128-bit RC4 or TLS 1.0+ (configurable)
Maximum concurrent sessions: 1 remote session per user on Windows client OS; unlimited on Windows Server with Terminal Services.
Configuration Commands:
Enable RDP on Windows 10/11: System Properties > Remote tab > Allow remote connections to this computer
PowerShell: `Set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server' -Name 'fDenyTSConnections' -Value 0`
Firewall rule: `New-NetFirewallRule -DisplayName 'RDP' -Direction Inbound -Protocol TCP -LocalPort 3389 -Action Allow`
Security Considerations:
RDP is vulnerable to brute-force attacks. Enforce Network Level Authentication (NLA) to require credentials before session establishment.
Disable clipboard/drive redirection if not needed to prevent data leakage.
Use VPN or RD Gateway for internet-facing RDP.
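To check from a packet capture whether a host really negotiates NLA, you can decode the server's first reply on TCP 3389. The parser below is an added example, not part of the original chapter or any vendor tool; the field layout and code values follow Microsoft's published RDP specification (MS-RDPBCGR), and the sample bytes and host labels are constructed for illustration.

```python
import struct

# selectedProtocol values in an RDP Negotiation Response (MS-RDPBCGR).
PROTOCOLS = {
    0x0: "Standard RDP Security",
    0x1: "TLS",
    0x2: "CredSSP (NLA)",
    0x8: "CredSSP with Early User Authorization (NLA)",
}
# failureCode values in an RDP Negotiation Failure (MS-RDPBCGR).
FAILURES = {
    0x1: "SSL_REQUIRED_BY_SERVER", 0x2: "SSL_NOT_ALLOWED_BY_SERVER",
    0x3: "SSL_CERT_NOT_ON_SERVER", 0x4: "INCONSISTENT_FLAGS",
    0x5: "HYBRID_REQUIRED_BY_SERVER", 0x6: "SSL_WITH_USER_AUTH_REQUIRED_BY_SERVER",
}


def parse_connection_confirm(data: bytes) -> dict:
    """Decode the server's first reply on TCP 3389: which security layer it picked."""
    if len(data) < 11:
        raise ValueError("too short for TPKT + X.224 Connection Confirm")
    version, _reserved, tpkt_len = struct.unpack(">BBH", data[:4])
    if version != 3 or tpkt_len != len(data):
        raise ValueError("not a single complete TPKT packet")
    if data[5] & 0xF0 != 0xD0:
        raise ValueError("not an X.224 Connection Confirm")
    nego = data[11:]  # 4-byte TPKT header + 7-byte X.224 header end at offset 11
    if not nego:
        # No negotiation block: the server only speaks Standard RDP Security.
        return {"result": PROTOCOLS[0x0], "nla": False}
    if len(nego) != 8 or nego[2:4] != b"\x08\x00":
        raise ValueError("malformed negotiation block")
    kind, _flags, _length, value = struct.unpack("<BBHI", nego)
    if kind == 0x02:  # RDP_NEG_RSP: server accepted one of the offered protocols
        name = PROTOCOLS.get(value, f"unknown protocol 0x{value:x}")
        return {"result": name, "nla": value in (0x2, 0x8)}
    if kind == 0x03:  # RDP_NEG_FAILURE: server refused what the client offered
        name = FAILURES.get(value, f"unknown failure 0x{value:x}")
        # HYBRID_REQUIRED_BY_SERVER means the host insists on NLA.
        return {"result": "refused: " + name, "nla": value == 0x5}
    raise ValueError(f"unexpected negotiation type 0x{kind:02x}")


# Constructed 19-byte replies (not captured traffic); host labels are hypothetical.
SAMPLES = {
    "nla-host": bytes.fromhex("030000130ed00000123400" "0200080002000000"),
    "legacy-host": bytes.fromhex("030000130ed00000123400" "0200080000000000"),
    "nla-only-host": bytes.fromhex("030000130ed00000123400" "0300080005000000"),
}

if __name__ == "__main__":
    for host, reply in SAMPLES.items():
        print(host, parse_connection_confirm(reply))
```

A reply of HYBRID_REQUIRED_BY_SERVER to a client that did not offer CredSSP is the wire-level sign that NLA is enforced rather than merely available.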
How VNC Works Internally
VNC uses the Remote Framebuffer (RFB) protocol, which is simpler than RDP. It operates over TCP port 5900 (+ display number, e.g., :1 = 5901). The process:
Handshake: Client connects to port 5900+N. Server sends its protocol version and security type (e.g., VNC authentication, no authentication, or TLS).
Authentication: For VNC authentication, the server sends a 16-byte challenge; the client encrypts it with the password and sends it back. The server verifies.
Framebuffer Setup: Client requests the server's desktop resolution and pixel format.
Update Requests: The client sends FramebufferUpdateRequest (polling). The server sends only changed rectangles (incremental updates).
Input: Client sends keyboard and mouse events as raw packets (e.g., key press/release, pointer position).
Default Values:
Port: 5900 + display number (e.g., display :0 = 5900, :1 = 5901)
Authentication: 8-character password (VNC challenge-response)
Encryption: None by default; can be tunneled over SSH or use VeNCrypt extension.
Performance: VNC uses raw pixel encoding or hextile (compressed). TightVNC offers tight encoding with JPEG compression.
Configuration Commands:
On Linux: `vncserver :1 -geometry 1280x720 -depth 24`
On Windows (TightVNC): Install service, set password via TightVNC Server Properties.
Firewall: Open TCP port 5901 for display :1.
Security Considerations:
Default VNC authentication is weak (8-character password, no encryption). Always tunnel over SSH or use a VPN.
VNC is platform-independent but slower than RDP because it transmits raw pixel data more frequently.
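The handshake described above can be audited from the first bytes a VNC server sends. The parser below is an added example, not part of the original chapter or any VNC project's code; it assumes the client answers with the same protocol version the server announced, and the sample byte strings and host labels are constructed.

```python
import re
import struct

# RFB security-type numbers; types 1 and 2 leave the session unencrypted.
SECURITY_TYPES = {1: "None", 2: "VNC Authentication", 18: "TLS", 19: "VeNCrypt"}
FINDINGS = {
    1: "no authentication: anyone who can reach the port gets the desktop",
    2: "VNC Authentication: 8-character password, no encryption; tunnel over SSH or VPN",
}


def parse_server_hello(stream: bytes) -> dict:
    """Parse ProtocolVersion plus the security message from the server's side of a session."""
    match = re.fullmatch(rb"RFB (\d{3})\.(\d{3})\n", stream[:12])
    if not match:
        raise ValueError("not an RFB ProtocolVersion message")
    version = (int(match.group(1)), int(match.group(2)))
    body = stream[12:]
    if version >= (3, 7):
        # RFB 3.7+: one count byte, then that many one-byte security types.
        if not body:
            raise ValueError("security message missing")
        count, offered, reason = body[0], list(body[1:1 + body[0]]), body[1:]
        if len(offered) != count:
            raise ValueError("truncated security-type list")
    else:
        # RFB 3.3: the server dictates one type as a 32-bit big-endian integer.
        if len(body) < 4:
            raise ValueError("security message missing")
        (chosen,) = struct.unpack(">I", body[:4])
        offered, reason = ([chosen] if chosen else []), body[4:]
    if not offered:
        # Zero types means the server refused; a length-prefixed reason follows.
        if len(reason) < 4:
            raise ValueError("refusal without a reason string")
        (size,) = struct.unpack(">I", reason[:4])
        raise ConnectionError(reason[4:4 + size].decode("latin-1"))
    return {
        "version": "%d.%d" % version,
        "offered": [SECURITY_TYPES.get(t, f"type {t}") for t in offered],
        "findings": [FINDINGS[t] for t in offered if t in FINDINGS],
    }


# Constructed server bytes (not captured traffic); host labels are hypothetical.
SAMPLES = {
    "lab-linux:5901": b"RFB 003.008\n" + bytes([2, 2, 19]),
    "old-kiosk:5900": b"RFB 003.003\n" + struct.pack(">I", 1),
    "hardened:5901": b"RFB 003.008\n" + bytes([1, 19]),
}

if __name__ == "__main__":
    for host, hello in SAMPLES.items():
        print(host, parse_server_hello(hello))
```

An empty findings list means the server offered only encrypted security types; any entry in it is a host that still needs the SSH or VPN tunnel.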
How TeamViewer Works Internally
TeamViewer is a proprietary application that uses a hybrid architecture:
Connection Broker: When launched, TeamViewer contacts the TeamViewer master server (via TCP 80/443) to register its ID and get a list of relay servers.
NAT Traversal: If both client and server are behind NAT, TeamViewer attempts UDP hole punching. If that fails, it relays traffic through a TeamViewer relay server (TCP 80/443).
Authentication: The server generates a random session password (or uses a fixed personal password). The client enters the partner ID and password.
Session: Once connected, TeamViewer uses proprietary encoding (similar to RDP) with optimizations for low bandwidth. It supports file transfer, chat, and VoIP.
Default Values:
Ports: 80, 443 (for initial connection and relay), 5938 (direct TCP/UDP for peer-to-peer)
Personal password: Fixed password set in options (optional).
Session password: Random 8-character password generated each session.
Idle timeout: Configurable (default 15 minutes for free version).
Security Considerations:
TeamViewer uses 2048-bit RSA key exchange and AES-256 session encryption.
Use two-factor authentication for unattended access.
Be cautious of phishing attacks where attackers impersonate TeamViewer support.
Interaction with Related Technologies
VPN: Often used to secure RDP and VNC connections over the internet. VPN creates an encrypted tunnel, protecting against eavesdropping.
RD Gateway: A Windows Server role that acts as a proxy for RDP connections over HTTPS (port 443). Allows RDP without a VPN.
SSH Tunneling: Common for VNC on Linux. Example: `ssh -L 5901:localhost:5901 user@server`, then connect to localhost:5901.
Firewalls: All three protocols require specific ports to be open. The exam tests your knowledge of these ports (3389 for RDP, 5900+ for VNC, 80/443/5938 for TeamViewer).
Identify the Remote Access Scenario
Determine whether you need to manage a Windows server, a Linux desktop, or provide ad-hoc support. For Windows-only environments, RDP is the default choice because it is built-in, supports multiple sessions, and integrates with Active Directory. For cross-platform support (e.g., Windows client connecting to Linux), VNC is a common choice. For external support over the internet without VPN setup, TeamViewer is preferred due to its NAT traversal capabilities. The exam often presents a scenario like 'A user needs to help a remote customer without configuring port forwarding' – the answer is TeamViewer.
Check Network Connectivity and Firewall Rules
Ensure the necessary ports are open. For RDP, TCP 3389 must be reachable. For VNC, TCP 5900+ (depending on display number). For TeamViewer, outbound TCP 80 and 443 are typically allowed; if direct connection fails, relay uses these ports. If the remote machine is behind a corporate firewall, you may need to configure port forwarding or use an RD Gateway. The exam may ask: 'Which port must be open for RDP?' Answer: 3389.
Configure the Remote Desktop Server
Enable remote access on the target machine. For RDP on Windows, go to System Properties > Remote tab and select 'Allow remote connections to this computer'. For VNC, install the VNC server (e.g., TightVNC) and set a password. For TeamViewer, install the application and note the partner ID. Ensure the service is running. On Windows, you can use `sc query TermService` to check if the RDP service is running. The exam tests that RDP is disabled by default on Windows client OS and must be explicitly enabled.
Establish the Connection from the Client
On the client, launch the appropriate client software. For RDP, use the built-in Remote Desktop Connection (mstsc.exe) and enter the server's IP or hostname. For VNC, use a VNC viewer (e.g., RealVNC Viewer) and enter IP:display. For TeamViewer, enter the partner ID and the session password. The client and server negotiate encryption and authentication. At the packet level, RDP performs a TLS handshake if configured, while VNC sends a challenge-response. TeamViewer uses its proprietary protocol over TCP 5938 for direct connections.
Verify Session and Optimize Performance
Once connected, verify that you can see the remote desktop and interact with it. Adjust performance settings if needed: RDP allows you to disable wallpaper, menu animations, and other visual effects to reduce bandwidth. VNC offers encoding options like 'Tight' or 'ZRLE' for better compression. TeamViewer automatically adjusts quality based on bandwidth. If the connection is slow, check for packet loss or high latency. The exam may ask about optimizing RDP for low-bandwidth connections – the correct answer is to disable visual effects.
Enterprise Scenario 1: Help Desk Using RDP and RD Gateway
A large enterprise with 10,000 Windows desktops uses RDP for remote troubleshooting. To avoid exposing port 3389 directly to the internet, they deploy an RD Gateway server. Help desk technicians connect to the RD Gateway over HTTPS (port 443), which then proxies their RDP sessions to internal desktops. This setup eliminates the need for VPN and allows granular access control via RD CAP (Connection Authorization Policies) and RAP (Resource Authorization Policies). Misconfiguration often occurs when the RD Gateway certificate is expired, causing clients to receive a security warning. Performance is generally good because RDP compresses graphics efficiently, but in high-latency WAN links, technicians may disable desktop composition (e.g., Aero themes) to improve responsiveness.
Enterprise Scenario 2: Cross-Platform Lab Management with VNC
A research lab runs a mix of Windows and Linux workstations. They use VNC (TightVNC on Windows, TigerVNC on Linux) to provide remote access to users. Each machine runs a VNC server on display :1 (port 5901). To secure traffic, they require all VNC connections to be tunneled over SSH. Users first establish an SSH session to the lab's jump host, then forward a local port to the target machine's VNC port. Common issue: users forget to start the VNC server or set the password. Performance can be poor over high-latency links because VNC sends more raw pixel data than RDP. They mitigate this by reducing color depth to 16-bit and using the 'Tight' encoding.
Enterprise Scenario 3: External Support with TeamViewer
A managed service provider (MSP) supports hundreds of small businesses. They use TeamViewer for unattended remote access to servers and workstations. Each client machine has TeamViewer installed with a fixed personal password and is assigned to the MSP's TeamViewer account. The MSP can connect without needing to know the current session password. TeamViewer's relay servers handle NAT traversal, so no port forwarding is required. The biggest risk is unauthorized access if a personal password is weak or if an attacker gains access to the TeamViewer account. The MSP enforces two-factor authentication on the account and uses the 'Allow only Trusted Devices' feature. Bandwidth usage is moderate because TeamViewer uses adaptive compression.
What the 220-1102 Exam Tests
The exam objective 4.6 (Given a scenario, use remote access technologies) expects you to:
Identify the appropriate remote desktop tool for a given situation (Windows vs. cross-platform, LAN vs. internet, security requirements).
Know default ports: RDP = 3389, VNC = 5900+, TeamViewer = 80/443 and 5938.
Understand security best practices: Use NLA for RDP, tunnel VNC over SSH, use two-factor for TeamViewer.
Recognize that RDP is built into Windows but must be enabled; VNC is third-party; TeamViewer requires installation.
Know that RDP supports multiple sessions on server OS but only one remote session on client OS.
Common Wrong Answers and Why
Choosing VNC for a Windows-only environment because it's 'more secure' – VNC is not more secure by default; it lacks encryption. The correct answer for Windows-to-Windows is RDP because it's built-in and supports NLA.
Saying RDP uses port 5900 – This is a classic trap. Candidates confuse VNC's port with RDP's. RDP uses 3389.
Thinking TeamViewer requires port forwarding – TeamViewer is designed to work without port forwarding via its relay servers. The exam tests that it can bypass NAT.
Believing VNC supports multiple concurrent sessions by default – VNC typically only supports one active session (the physical console). RDP on server OS supports multiple.
Specific Numbers and Terms That Appear Verbatim
Port 3389 for RDP
Port 5900 (or 5901) for VNC
Port 80/443 for TeamViewer initial connection
'Network Level Authentication' (NLA) – must be enabled for secure RDP
'Remote Desktop Gateway' – a role that proxies RDP over HTTPS
'TightVNC' or 'RealVNC' – common VNC implementations
Edge Cases the Exam Loves
RDP over the internet without VPN: The exam will ask why this is bad (exposed to brute force). The solution is to use a VPN or RD Gateway.
VNC on a Linux server: The exam may ask how to secure it (use SSH tunneling).
TeamViewer unattended access: Requires a personal password, not just a session password.
RDP on Windows 10 Home: Not supported; only Pro and Enterprise.
How to Eliminate Wrong Answers
Focus on the scenario's constraints:
If the scenario says 'no additional software can be installed' – RDP is the only option (built-in).
If the scenario says 'must work from anywhere without configuring the firewall' – TeamViewer.
If the scenario says 'must support Linux and Windows' – VNC (or RDP with xrdp).
If the scenario mentions 'encryption required' – RDP (with NLA) or TeamViewer; VNC needs SSH tunnel.
RDP uses TCP port 3389; VNC uses TCP 5900+; TeamViewer uses TCP 80/443 and 5938.
RDP is built into Windows Pro/Enterprise; VNC and TeamViewer require separate installation.
Network Level Authentication (NLA) must be enabled for secure RDP connections.
VNC should always be tunneled over SSH or VPN to ensure encryption.
TeamViewer can bypass NAT and firewalls using relay servers, requiring only outbound HTTP/HTTPS.
Windows Home edition cannot host RDP sessions; only Pro and Enterprise can.
For remote support of external clients without port forwarding, TeamViewer is the best choice.
RDP supports multiple concurrent remote sessions on Windows Server; client OS supports only one remote session at a time.
These come up on the exam all the time. Here's how to tell them apart.
RDP
Default port: TCP 3389
Built into Windows Pro/Enterprise
Uses Network Level Authentication (NLA)
Supports multiple concurrent sessions on server OS
Bandwidth-efficient with advanced graphics compression
VNC
Default port: TCP 5900+ (display dependent)
Cross-platform (Windows, Linux, macOS)
Default authentication is weak (8-char password, no encryption)
Typically only one session (the physical console)
Less efficient; sends more raw pixel data
Mistake
RDP is inherently insecure and should never be used.
Correct
RDP with Network Level Authentication (NLA) and strong passwords is reasonably secure for LAN use. Over the internet, it should be protected with a VPN or RD Gateway. The vulnerability is mainly due to misconfiguration, not the protocol itself.
Mistake
VNC is faster than RDP because it uses less overhead.
Correct
RDP is generally faster and more bandwidth-efficient because it uses advanced compression and only sends changed screen regions. VNC sends more raw pixel data, making it slower over low-bandwidth connections.
Mistake
TeamViewer always uses a direct peer-to-peer connection.
Correct
TeamViewer attempts a direct UDP connection first, but if NAT traversal fails (e.g., symmetric NAT), it falls back to relaying traffic through TeamViewer's servers, which can introduce latency.
Mistake
You can use RDP to connect to any edition of Windows.
Correct
Only Windows Pro, Enterprise, and Server editions can act as RDP hosts. Windows Home edition can only initiate outgoing RDP connections (client). The exam tests this distinction.
Mistake
VNC uses a single well-known port like RDP.
Correct
VNC uses port 5900 + display number. For example, display :0 uses 5900, display :1 uses 5901. The exam may ask which port to open for VNC on display :2 – answer is 5902.
RDP uses TCP port 3389 by default. This is a common exam question. You can change it in the registry, but the default is 3389. Always remember that VNC uses 5900+ and TeamViewer uses 80/443 and 5938.
No. Windows 10 Home does not include the Remote Desktop host feature. You can only initiate outgoing RDP connections from Home edition to other computers. To host RDP, you need Windows 10 Pro, Enterprise, or Windows Server.
The best way is to tunnel VNC over SSH. On Linux, you can create an SSH tunnel: `ssh -L 5901:localhost:5901 user@remote-server`. Then connect your VNC viewer to localhost:5901. Alternatively, use a VPN. Without encryption, VNC passwords can be sniffed.
The session password is randomly generated each time TeamViewer starts and is used for one-time support sessions. The personal password is a fixed password you set in options, allowing unattended access. For security, use a strong personal password and enable two-factor authentication.
TeamViewer uses a central server to broker connections. Both client and server connect outbound to TeamViewer's servers (TCP 80/443). If direct peer-to-peer fails (due to NAT), traffic is relayed through TeamViewer's servers. This eliminates the need for inbound port forwarding.
NLA requires the user to authenticate before a full RDP session is established. It uses the CredSSP protocol and provides better security by preventing brute-force attacks from reaching the desktop. It is enabled by default on modern Windows versions.
No. Windows 10 Pro only allows one remote session at a time. If a user is logged on locally, the remote session will disconnect them. Windows Server supports multiple concurrent sessions via Remote Desktop Services.