What Is a Port Number?

A port number is a logical communication endpoint used by network services. Think of an IP address as an apartment building — the port number is the specific apartment inside.

🏢
IP Address
The building
+
🚪
Port Number
The specific apartment

Complete A+ Port Numbers List

Port Protocol Service Exam priority
20 / 21 TCP
FTP
File Transfer Protocol — 20 = data, 21 = control
High
22 TCP
SSH / SFTP
Secure Shell + Secure File Transfer (SFTP runs over SSH)
High
23 TCP
Telnet
Unencrypted remote access — replaced by SSH
High
25 TCP
SMTP
Simple Mail Transfer Protocol — sends email between servers
High
53 UDP / TCP
DNS
Domain Name System — resolves hostnames to IPs
High
67 / 68 UDP
DHCP
67 = server, 68 = client — automatic IP assignment
Medium
80 TCP
HTTP
Unencrypted web traffic
High
110 TCP
POP3
Post Office Protocol — downloads email to device, deletes from server
High
137–139 TCP/UDP
NetBIOS
Windows name resolution and file sharing (legacy)
Medium
143 TCP
IMAP
Internet Message Access Protocol — email stays on server, synced to devices
High
161 / 162 UDP
SNMP
Simple Network Management Protocol — monitors network devices. 161 = queries, 162 = traps
Medium
389 TCP
LDAP
Lightweight Directory Access Protocol — used with Active Directory
Medium
443 TCP
HTTPS
Encrypted web traffic — HTTP over SSL/TLS
High
445 TCP
SMB
Server Message Block — Windows file and printer sharing
Medium
587 TCP
SMTP (Submission)
Authenticated email submission — modern replacement for port 25 for clients
Medium
636 TCP
LDAPS
LDAP over SSL — encrypted directory access
Know it
990 TCP
FTPS
FTP over SSL — encrypted file transfer (different from SFTP)
Know it
993 TCP
IMAPS
IMAP over SSL — encrypted email retrieval
Medium
995 TCP
POP3S
POP3 over SSL — encrypted email download
Medium
3389 TCP
RDP
Remote Desktop Protocol — graphical remote access to Windows
High

Network+ Port Numbers

The Network+ exam N10-009 tests a broader set of ports than A+, covering routing protocols, infrastructure services, voice over IP, and database servers you'll encounter in enterprise environments.

PortProtocolServiceExam priority
49 TCP
TACACS+
Terminal Access Controller Access Control System — AAA for Cisco devices, fully encrypts payload
High
69 UDP
TFTP
Trivial File Transfer Protocol — simple, no auth, used to push IOS images to network devices
High
119 TCP
NNTP
Network News Transfer Protocol — Usenet newsgroup transfers
Know it
179 TCP
BGP
Border Gateway Protocol — inter-AS routing on the internet. The routing protocol of the internet.
High
427 TCP/UDP
SLP
Service Location Protocol — discovers services on a local network
Know it
514 UDP
Syslog
System logging protocol — sends log messages to a central syslog server
High
520 UDP
RIP
Routing Information Protocol — legacy distance-vector routing protocol
Medium
546 / 547 UDP
DHCPv6
DHCPv6 client (546) and server (547) — IPv6 address assignment
Medium
1433 TCP
MS SQL Server
Microsoft SQL Server — default database port
High
1521 TCP
Oracle DB
Oracle Database listener — default connection port
Medium
1720 TCP
H.323
VoIP call setup protocol — used in older video conferencing systems
Know it
1812 / 1813 UDP
RADIUS
Remote Authentication Dial-In User Service — 1812 = auth, 1813 = accounting. Used for 802.1X and VPN auth.
High
3306 TCP
MySQL / MariaDB
MySQL and MariaDB database server — most common open-source database port
High
5060 / 5061 TCP/UDP
SIP
Session Initiation Protocol — VoIP call setup. 5060 = unencrypted, 5061 = TLS encrypted
High
5432 TCP
PostgreSQL
PostgreSQL database server — common in enterprise and cloud environments
Medium
5900 TCP
VNC
Virtual Network Computing — graphical remote desktop (cross-platform, no encryption by default)
High
8080 / 8443 TCP
HTTP-alt / HTTPS-alt
Alternate web server ports — 8080 = HTTP, 8443 = HTTPS. Used for dev, proxies, and web apps.
High
27017 TCP
MongoDB
MongoDB NoSQL database — default connection port
Know it

Security+ Port Numbers

Security+ SY0-701 tests ports from both a defensive and offensive perspective — knowing which ports represent attack surfaces, which are commonly scanned, and which security tools use which ports.

PortProtocolServiceSecurity relevance
88 TCP/UDP
Kerberos
Authentication protocol used in Active Directory — Kerberoasting attack targets this port
High
135 TCP
RPC / MSRPC
Windows Remote Procedure Call — used by many Windows services; common target in lateral movement
High
443 TCP
HTTPS / TLS
Encrypted web — attackers commonly tunnel C2 traffic over port 443 to blend with normal traffic
High
445 TCP
SMB
Windows file sharing — exploited by WannaCry (EternalBlue). Block at perimeter firewall; disable if unused.
High
500 UDP
IKE / IPsec
Internet Key Exchange — used to set up IPsec VPN tunnels
High
636 TCP
LDAPS
LDAP over TLS — secure directory access. Port 389 (unencrypted) should be disabled in favor of 636.
High
853 TCP
DNS over TLS (DoT)
Encrypts DNS queries to prevent eavesdropping and DNS spoofing — privacy-focused DNS
Medium
989 / 990 TCP
FTPS
FTP over TLS — 989 = data, 990 = control. Distinct from SFTP (which runs over SSH port 22).
Medium
1194 UDP
OpenVPN
OpenVPN default port — commonly used for remote access VPN
Medium
3389 TCP
RDP
Remote Desktop Protocol — high-value attack target; exposed RDP is a leading ransomware entry point. Change default port or restrict with firewall.
High
4444 TCP
Metasploit / Meterpreter
Default listener port for Metasploit Framework — seeing outbound connections to 4444 is a strong malware indicator
High
6881–6889 TCP/UDP
BitTorrent
Peer-to-peer file sharing — often blocked in corporate environments; data loss risk
Know it
⚡ Security+ exam tip — FTPS vs SFTP: These are completely different protocols that both do encrypted file transfer. SFTP (Secure FTP) runs over SSH on port 22 and is a subsystem of SSH. FTPS (FTP Secure) runs over TLS on ports 989/990 and is FTP with a TLS wrapper. Exam questions deliberately confuse these — know which uses which port.

Memory Tricks

80
HTTP — Web
The standard, unencrypted web
443
HTTPS — Secure Web
Secure web traffic = think: padlock
22
SSH — Secure Shell
Two 2's = doubly secure
3389
RDP — Remote Desktop
Big number = big screen sharing
53
DNS — Name Lookup
Short number = fast lookup
25
SMTP — Email Sending
25 letters in the alphabet — sends mail
⚡ CompTIA A+ Exam Tip

If a question mentions secure web traffic → think Port 443 (HTTPS).

If a question mentions remote desktop access → think Port 3389 (RDP).

If DNS is failing → Port 53 may be blocked by the firewall.


A+ Exam Scenarios — Port Questions

The A+ exam tests ports through scenario questions. Here are the most common patterns and the answers:

💬 "A user cannot access HTTPS websites but HTTP works fine." → Port 443 is blocked by the firewall
💬 "Which port does Remote Desktop use?" → 3389
💬 "Which protocol uses port 53?" → DNS
💬 "A user's email is not being received. Which port should be checked?" → 25 (SMTP)
💬 "Which port is used for encrypted email retrieval that keeps mail on the server?" → 993 (IMAPS)
💬 "A technician needs to securely transfer files to a Linux server. Which port?" → 22 (SFTP/SSH)
💬 "Which port does DHCP use to communicate with clients?" → 68
💬 "An administrator needs to monitor network devices remotely. Which protocol and port?" → SNMP, port 161
💬 "Which port is used for Windows file sharing?" → 445 (SMB)
💬 "Telnet is a security risk because..." → It transmits data including passwords in plaintext — use SSH (22) instead

Troubleshooting Example

🔧 Real-World Scenario

Scenario: A user can access HTTP websites but not HTTPS websites.

What should you check? Verify that port 443 is not being blocked by a firewall rule. HTTP (port 80) working while HTTPS fails is a classic port-blocking symptom.


Quick Reference — All A+ Ports

20/21FTP
22SSH/SFTP
23Telnet
25SMTP
53DNS
67/68DHCP
80HTTP
110POP3
137-139NetBIOS
143IMAP
161/162SNMP
389LDAP
443HTTPS
445SMB
587SMTP Auth
990FTPS
993IMAPS
995POP3S
3389RDP

📚 Recommended Study Tools

Lock In These Port Numbers

Practice exams and structured review are the fastest way to make these stick.

To lock these in from memory, drill them as spaced-repetition flashcards in CertFlash: CompTIA Study Cards, a free iOS app whose A+ deck is free, with a one-time unlock covering Network+, Security+, CySA+, Linux+, Cloud+, and PenTest+.

Related Networking Articles

Preparing for A+, Network+, or Security+?

See the books, practice exams, and free resources that actually work.

See Best Study Resources →