CCNA TCP & UDP Ports Questions

30 questions · TCP & UDP Ports · All types, answers revealed

1
MCQhard

A technician is troubleshooting a VoIP phone that intermittently drops calls. The phone uses SIP (Session Initiation Protocol) for signaling and RTP (Real-time Transport Protocol) for audio. Which ports are typically used by these protocols?

A.SIP: 5060, RTP: 16384-32767
B.SIP: 80, RTP: 443
C.SIP: 1720, RTP: 5060
D.SIP: 443, RTP: 80
AnswerA

SIP uses port 5060 for signaling, and RTP uses a dynamic UDP range for audio.

Why this answer

SIP typically uses port 5060 (UDP or TCP) for signaling, and RTP uses a range of UDP ports (often 16384-32767) for audio streams. Port 80 is HTTP, port 443 is HTTPS, and port 1720 is H.323 (another VoIP protocol).

2
MCQmedium

A small office reports that internal users can access the internet but cannot resolve domain names to IP addresses. The DNS server is configured correctly. Which port should be checked on the firewall?

A.Port 80
B.Port 53
C.Port 443
D.Port 67
AnswerB

Port 53 is the standard port for DNS queries and zone transfers.

Why this answer

DNS uses port 53 for both TCP and UDP. If port 53 is blocked, DNS queries will fail, causing name resolution issues. Port 80 is for HTTP, port 443 for HTTPS, and port 67 for DHCP.

Blocking port 53 prevents DNS resolution while allowing other traffic.

3
MCQhard

A company deploys a new internal application that uses a custom TCP port. The application fails to connect from client workstations. A technician verifies that the server is running and the firewall allows outbound traffic. Which step should the technician take next to identify the port issue?

A.Run netstat on the server to see if the application is listening on the correct port.
B.Ping the server from a client to test network connectivity.
C.Use nslookup to verify the server's hostname resolves correctly.
D.Check the DHCP lease to ensure the client has a valid IP address.
AnswerA

Netstat shows listening ports and can confirm if the application is bound to the expected port.

Why this answer

To identify the port issue, the technician should use netstat to check if the server is listening on the expected port. Telnet to the port can test connectivity, but netstat shows listening services. Ping tests ICMP, not TCP.

DNS lookup resolves names, not ports. Netstat is the correct tool to verify port availability.

4
MCQmedium

A user wants to access their company's webmail using a secure connection from a public Wi-Fi hotspot. The webmail server is configured to use IMAP over SSL. Which port should the email client use?

A.143
B.110
C.993
D.995
AnswerC

Port 993 is IMAPS, the secure version of IMAP using SSL/TLS.

Why this answer

IMAP over SSL (IMAPS) uses port 993. This provides encrypted access to email, protecting credentials and data on public networks.

5
MCQmedium

A small office uses a network printer that supports both IPP and LPD printing. The printer is configured to use the default port for IPP. Which port must be open on the firewall for printing to work?

A.515
B.9100
C.631
D.80
AnswerC

Port 631 is the default port for IPP, used for network printing.

Why this answer

Internet Printing Protocol (IPP) uses port 631 by default. Opening this port allows print jobs to be sent to the printer over the network.

6
MCQmedium

A technician is troubleshooting a VoIP phone that cannot register with the SIP server. The phone has a valid IP address and can ping the server. Which port should be verified as open for SIP traffic?

A.Port 80
B.Port 443
C.Port 5060
D.Port 1720
AnswerC

Port 5060 is the default port for SIP traffic.

Why this answer

SIP (Session Initiation Protocol) typically uses port 5060 for unencrypted traffic and port 5061 for encrypted traffic. Port 80 is for HTTP, port 443 for HTTPS, and port 1720 for H.323. If port 5060 is blocked, SIP registration will fail.

7
MCQhard

During a security audit, a technician discovers that an internal web server is responding on port 8080 instead of the standard HTTP port. What is the most likely reason for this configuration?

A.The server is running HTTPS on a non-standard port.
B.The server is configured as a web proxy or alternate HTTP server.
C.The server is running an FTP service.
D.The server is using a custom application protocol.
AnswerB

Port 8080 is a common alternative for HTTP traffic, often used by proxy servers or when port 80 is blocked.

Why this answer

Port 8080 is commonly used as an alternative HTTP port, often for proxy servers or to avoid conflicts with standard port 80. It allows HTTP traffic without using the default port.

8
MCQeasy

A customer reports that they cannot send emails from their desktop email client, but they can receive emails. The email server is running on the local network. Which port is most likely blocked on the firewall?

A.25
B.110
C.143
D.993
AnswerA

Port 25 is the default SMTP port for sending email; blocking it prevents outgoing mail.

Why this answer

SMTP uses port 25 for sending emails. If outgoing email fails but incoming works, port 25 is likely blocked. Port 110 (POP3) and 143 (IMAP) are for receiving email, and 993 is IMAPS (secure IMAP).

9
MCQeasy

A technician is configuring a new web server that must support both standard HTTP and HTTPS traffic. Which two ports should be opened in the firewall?

A.80 and 443
B.21 and 22
C.8080 and 8443
D.25 and 110
AnswerA

Port 80 (HTTP) and port 443 (HTTPS) are the standard ports for web traffic.

Why this answer

HTTP uses port 80 and HTTPS uses port 443. These are the standard ports for web traffic. Port 8080 is an alternate HTTP port, and 8443 is an alternate HTTPS port, but the question specifies standard ports.

10
MCQhard

A network administrator needs to allow secure remote administration of a router using SSH. The router is configured to use the default SSH port. Which port must be opened on the firewall?

A.22
B.23
C.161
D.443
AnswerA

Port 22 is the default SSH port, used for secure remote administration.

Why this answer

SSH (Secure Shell) uses port 22 by default for secure remote administration. Opening this port allows encrypted command-line access to the router.

11
MCQmedium

A user needs to transfer files securely between two Linux servers over the internet. Which port should be allowed through the firewall for this purpose?

A.21
B.22
C.20
D.443
AnswerB

Port 22 is SSH, which SFTP uses for secure file transfers.

Why this answer

SFTP (SSH File Transfer Protocol) uses port 22, the same as SSH, for secure file transfers. It provides encryption and authentication.

12
MCQmedium

A technician is configuring a remote desktop solution for a user who needs to access their Windows workstation from home. Which port must be forwarded on the router for RDP (Remote Desktop Protocol)?

A.22
B.3389
C.5900
D.443
AnswerB

Port 3389 is the default port for RDP, used for remote desktop connections to Windows.

Why this answer

RDP uses TCP port 3389 by default. Port 22 is SSH, port 5900 is VNC, and port 443 is HTTPS. RDP is the standard for Windows remote desktop.

13
MCQeasy

A user cannot connect to a remote server using RDP. The network team confirms that the firewall allows outbound traffic on all ports. Which port is typically used for RDP and should be verified on the server side?

A.Port 22
B.Port 3389
C.Port 23
D.Port 5900
AnswerB

Port 3389 is the default port for Remote Desktop Protocol.

Why this answer

RDP (Remote Desktop Protocol) uses port 3389 by default. Port 22 is for SSH, port 23 for Telnet, and port 5900 for VNC. If the server's firewall is not allowing inbound traffic on port 3389, the RDP connection will fail.

14
MCQmedium

A technician is configuring a network monitoring tool that uses SNMP to query network devices. Which two ports should be allowed for SNMP communication?

A.Port 22 and 23
B.Port 80 and 443
C.Port 161 and 162
D.Port 67 and 68
AnswerC

Port 161 is for SNMP queries and port 162 for SNMP traps.

Why this answer

SNMP uses port 161 for queries (GET/SET) and port 162 for traps (notifications). Port 161 is used by the agent to receive requests, and port 162 is used by the manager to receive traps. Ports 22 and 23 are for SSH and Telnet, 80 and 443 for web, 67 and 68 for DHCP.

15
MCQeasy

A user reports that they cannot send emails from their Outlook client, but they can receive emails. The email server is using standard ports. Which port is most likely blocked on the firewall?

A.110
B.143
C.25
D.443
AnswerC

Port 25 is SMTP, the standard port for sending email. Blocking it would prevent outgoing email while allowing incoming.

Why this answer

SMTP uses port 25 for sending email, while POP3 (port 110) or IMAP (port 143) are used for receiving. Blocking port 25 prevents outgoing email but not incoming.

16
MCQeasy

A technician is configuring a new web server that must support both standard and encrypted web traffic. Which two ports should be opened in the firewall?

A.Port 22 and 21
B.Port 80 and 443
C.Port 3389 and 5900
D.Port 53 and 123
AnswerB

Port 80 handles HTTP and port 443 handles HTTPS, covering both standard and encrypted web traffic.

Why this answer

Standard web traffic uses port 80 (HTTP) and encrypted web traffic uses port 443 (HTTPS). Port 22 is for SSH, port 21 for FTP, and port 3389 for RDP.

17
MCQmedium

A company's internal DNS server is not resolving hostnames for clients. The technician verifies that the DNS service is running and the firewall allows traffic on port 53. However, clients still cannot resolve names. What is the most likely issue?

A.The firewall is blocking UDP port 53
B.The DNS server is using port 5353 instead of 53
C.The firewall is blocking TCP port 53
D.Clients are using the wrong DNS server IP
AnswerC

DNS requires TCP for zone transfers and large responses; blocking TCP port 53 can cause resolution failures.

Why this answer

DNS uses both UDP and TCP on port 53. UDP is used for standard queries, but TCP is necessary for zone transfers or large responses. If only UDP is allowed, some DNS operations may fail.

Port 53 is correct, but the protocol type matters.

18
MCQmedium

A technician is setting up a network printer that supports both LPD (Line Printer Daemon) and IPP (Internet Printing Protocol). The printer must be accessible from Windows and Linux clients. Which port should be opened for IPP?

A.515
B.631
C.9100
D.80
AnswerB

Port 631 is the standard port for IPP, used by both Windows and Linux.

Why this answer

IPP uses TCP port 631. LPD uses port 515. Port 9100 is used by some HP printers for direct printing (JetDirect).

Port 80 is HTTP, which is not typically used for printing.

19
MCQhard

A network administrator notices that a critical database server is responding slowly. The server uses both TCP and UDP for different services. Which of the following is a characteristic of UDP that could explain performance issues under heavy load?

A.UDP retransmits lost packets automatically
B.UDP uses a three-way handshake to establish a connection
C.UDP does not guarantee packet delivery or order
D.UDP provides flow control to prevent congestion
AnswerC

UDP is unreliable and does not guarantee delivery or ordering, which can cause data loss under heavy load.

Why this answer

UDP is connectionless and does not guarantee delivery, so it does not retransmit lost packets. Under heavy load, packet loss can increase without recovery, causing application-level issues. TCP retransmits lost packets, which can add latency but ensures delivery.

20
MCQhard

A technician is troubleshooting a legacy application that uses FTP for file transfers. The transfers work but are extremely slow. The network team mentions that the firewall is configured to inspect traffic on certain ports. Which port should be opened for FTP data transfer to improve performance?

A.Port 22
B.Port 20
C.Port 23
D.Port 69
AnswerB

Port 20 is the default data port for active FTP transfers.

Why this answer

FTP uses two ports: port 21 for control commands and port 20 for data transfer. If port 20 is blocked or inspected heavily, data transfer will be slow. Port 22 is for SFTP (SSH FTP), port 23 for Telnet, and port 69 for TFTP.

Opening port 20 allows faster data transfer.

21
MCQeasy

A customer complains that their web browser cannot load any HTTPS websites, but HTTP sites work fine. The firewall is configured to allow common ports. Which port is most likely being blocked?

A.80
B.443
C.22
D.53
AnswerB

Port 443 is HTTPS. Blocking it prevents secure web traffic while allowing unencrypted HTTP.

Why this answer

HTTPS uses port 443 for secure web traffic. If port 443 is blocked, HTTPS sites won't load, but HTTP (port 80) will still work.

22
MCQmedium

A user reports that they cannot access a website hosted on a remote server. The technician finds that the firewall allows HTTP and HTTPS traffic, but the website uses a non-standard port. The user's browser shows 'connection refused'. Which tool can the technician use to verify if the remote port is open?

A.Ping
B.Telnet
C.Nslookup
D.Tracert
AnswerB

Telnet can connect to a specific port to verify if it is open and listening.

Why this answer

Telnet can be used to test connectivity to a specific port (e.g., telnet example.com 8080). Ping uses ICMP, not TCP ports. Nslookup tests DNS resolution.

Tracert traces the route but does not test port status.

23
MCQmedium

A user reports that they can receive emails but cannot send any. The email client is configured with SMTP on port 25. The IT team confirms that port 25 is blocked by the ISP. Which alternative port should be used for SMTP submission?

A.Port 110
B.Port 143
C.Port 587
D.Port 993
AnswerC

Port 587 is the standard SMTP submission port, often allowed by ISPs.

Why this answer

Many ISPs block port 25 to prevent spam. Port 587 is the standard SMTP submission port that is often unblocked. Port 110 is for POP3, port 143 for IMAP, and port 993 for IMAPS.

Using port 587 allows sending email when port 25 is blocked.

24
MCQeasy

A user wants to securely transfer files to a remote server using a command-line tool. Which port is the default for SFTP (SSH File Transfer Protocol)?

A.21
B.20
C.22
D.990
AnswerC

SFTP uses SSH on port 22 for secure file transfer.

Why this answer

SFTP runs over SSH, which uses port 22 by default. Port 21 is for standard FTP, port 20 is FTP data, and port 990 is FTPS (FTP over SSL).

25
MCQhard

A security audit reveals that an internal file server is listening on multiple ports, including 137, 138, 139, and 445. The auditor recommends disabling older protocols. Which port is associated with SMB over TCP/IP directly (without NetBIOS)?

A.137
B.139
C.445
D.443
AnswerC

Port 445 is used by SMB directly over TCP/IP, without NetBIOS.

Why this answer

Port 445 is used by SMB directly over TCP/IP (also known as SMB over TCP). Ports 137-139 are used by NetBIOS over TCP/IP, which is older and less secure. Port 443 is HTTPS, and port 21 is FTP.

26
MCQhard

A technician is configuring a new database server that needs to accept remote connections from client applications using the default port for MySQL. Which port should be opened in the firewall?

A.1433
B.1521
C.3306
D.5432
AnswerC

Port 3306 is the default port for MySQL database connections.

Why this answer

MySQL uses port 3306 by default for client connections. Opening this port allows remote database access.

27
MCQmedium

A technician is troubleshooting a DHCP issue where clients are not receiving IP addresses. Which port must be open on the firewall for DHCP server communication?

A.67
B.68
C.53
D.123
AnswerA

Port 67 is the DHCP server port, used to receive client requests and send offers.

Why this answer

DHCP uses UDP ports 67 (server) and 68 (client). Opening port 67 allows DHCP server broadcasts to reach clients.

28
MCQeasy

A technician is setting up a network printer that supports both standard and secure printing. Which port should be configured for secure IPP printing?

A.Port 9100
B.Port 515
C.Port 443
D.Port 631
AnswerD

Port 631 is the standard port for IPP, including secure IPP with encryption.

Why this answer

Secure IPP (Internet Printing Protocol) uses port 631 with encryption. Port 9100 is for raw printing (often HP JetDirect), port 515 for LPD, and port 443 for HTTPS but not specifically for printing. Port 631 is the correct choice for secure IPP.

29
MCQeasy

A customer reports that they can browse the internet but cannot send or receive emails using their desktop email client. The email server is known to be working. Which port is most likely being blocked by a firewall?

A.Port 80
B.Port 443
C.Port 587
D.Port 110
AnswerC

Port 587 is the standard SMTP submission port for outgoing email.

Why this answer

Email submission typically uses port 587 for SMTP with STARTTLS, or port 25 for unencrypted SMTP. Port 80 is HTTP, port 443 is HTTPS, and port 110 is POP3 for receiving email. Blocking port 587 would prevent outgoing email while allowing web browsing.

30
MCQmedium

During a network upgrade, a technician needs to allow remote desktop connections to Windows workstations from the internal network. Which port must be opened in the firewall?

A.22
B.23
C.3389
D.5900
AnswerC

Port 3389 is the default port for RDP, enabling remote desktop connections.

Why this answer

Remote Desktop Protocol (RDP) uses port 3389 by default. Opening this port allows remote desktop connections to Windows machines.

Ready to test yourself?

Try a timed practice session using only TCP & UDP Ports questions.