CompTIA Security+ Guidance
Security+ isn't Network+, except when it is
CompTIA assumes that this is your third certification. They assume got A+ (PC hardware and Windows desktop fundamentals) certification or equivalent background a few years ago, and then expanded into networking tasks and maybe did Network+ a year or two ago. Hmmm. Maybe.
This is despite Security+ being partly aimed at managers who need to talk to technical people without understanding the technology.
I broke the list in half for two columns on wide displays. "Encrypted" in the table means encrypted enough, as in the cases of TACACS and RADIUS.
A glaring example is the presence of UDP and TCP port numbers plus three IP protocol numbers in the question pool. It just depends on luck, which questions you happen to draw. You might get no questions at all about these, but you might get 10 to 12 questions in which you need to know some of these numbers.
| Protocol | TCP port |
UDP port |
IP proto |
Encrypted? |
| CIFS (ex-SMB) | 445 | |||
| DHCP | 67 / 68 | |||
| DNS | 53 | 53 | ||
| FTP | 20 / 21 | |||
| FTP/S | 990 / 989 | ✔ | ||
| HTTP | 80 | |||
| HTTP/S | 443 | ✔ | ||
| IMAP2 | 143 | |||
| IMAP/S | 993 | ✔ | ||
| Kerberos | 88 | 88 | ✔ | |
| LDAP | 389 | 389 | ||
| LDAP/S | 636 | 636 | ✔ | |
| MS SQL | 1433 | |||
| NetBIOS | 139 | 139 | ||
| NTP | 123 |
| Protocol | TCP port |
UDP port |
IP proto |
Encrypted? |
| POP3 | 110 | |||
| POP3/S | 995 | ✔ | ||
| RADIUS | 1812 | ✔ | ||
| RDP | 3389 | ✔ | ||
| SIP | 5060 | 5060 | ||
| SMTP | 25 | |||
| SMTP/S | 465 | ✔ | ||
| SNMP | 161 | 161 | ||
| SNMP trap | 162 | 162 | ||
| ssh, sftp, scp | 22 | ✔ | ||
| TACACS | 49 | ✔ | ||
| TELNET | 23 | |||
| ICMP | 1 | |||
| IKE | 500 | ✔ | ||
| IPsec ESP | 50 | ✔ | ||
| IPsec AH | 51 | ✔ |
Break these into categories of no more than about 7 items each. Maybe something like this:
| Files: | CIFS, FTP, FTP/S, NetBIOS, sftp, scp |
| Infrastructure: | DHCP, DNS, ICMP, NTP, SNMP, SNMP trap |
| Authentication: | Kerberos, LDAP, LDAP/S, RADIUS, TACACS |
| Email: | IMAP, IMAP/S, POP, POP/S, SMTP, SMTP/S |
| Web: | HTTP, HTTPS |
| Remote access: | RDP, ssh, TELNET |
| VPN: | IKE, IPsec ESP, IPsec AH |
| etc: | MS SQL, SIP |
Or maybe number ranges
| 1-49: | ICMP, FTP, ssh/sftp/scp, TELNET, SMTP, TACACS |
| 50-99: | IPsec ESP, IPsec AH, DNS, DHCP, HTTP, Kerberos |
| 100-299: | POP3, NTP, NetBIOS, IMAP2, SNMP, SNMP trap |
| 300-599: | LDAP, HTTPS, CIFS, SMTP/S, IKE |
| 600-999: | LDAP/S, POP3/S, FTP/S, IMAP/S |
| > 1000: | RADIUS, MS SQL, RDP, SIP |