Common Ports and Protocols — N10-009 Reference Table
Every port and protocol CompTIA Network+ (N10-009) expects you to memorize. Grouped by category with TCP/UDP, the encrypted alternative where one exists, and the one thing most students forget.
- Network+ tests port numbers by rote. There is no shortcut — memorize them. But group them by *category*, not alphabetically, and you'll retain twice as much.
- For every insecure protocol, know the encrypted replacement and its port: FTP → SFTP/FTPS, HTTP → HTTPS, Telnet → SSH, LDAP → LDAPS, SNMP → SNMPv3.
- Some protocols use BOTH TCP and UDP (DNS, LDAP). Some only appear in one direction (DHCP client 68, server 67).
Why this matters
The N10-009 blueprint calls out “common ports and protocols” as a stand-alone objective. Expect a handful of straight-recall questions: “Which port does LDAPS use?” and “Which protocol runs on TCP 3389?” — no context, no scenario. If you know the table below cold, those points are free.
Category 1 — File transfer & remote access
| Port | Protocol | TCP/UDP | Secure? |
|---|---|---|---|
| 20 / 21 | FTP (data / control) | TCP | No |
| 22 | SSH / SCP / SFTP | TCP | Yes |
| 23 | Telnet | TCP | No |
| 3389 | RDP | TCP (also UDP for perf) | Yes |
| 5900 | VNC | TCP | Depends |
| 989 / 990 | FTPS (data / control) | TCP | Yes |
Category 2 — Mail
| Port | Protocol | TCP/UDP | Notes |
|---|---|---|---|
| 25 | SMTP | TCP | Server-to-server. |
| 110 | POP3 | TCP | Legacy client pull. |
| 143 | IMAP | TCP | Modern client pull. |
| 465 | SMTPS (SSL) | TCP | Deprecated but still tested. |
| 587 | SMTP submission (TLS) | TCP | The modern outbound. |
| 993 | IMAPS | TCP | |
| 995 | POP3S | TCP |
Category 3 — Web & directory
| Port | Protocol | TCP/UDP |
|---|---|---|
| 80 | HTTP | TCP |
| 443 | HTTPS | TCP |
| 389 | LDAP | TCP + UDP |
| 636 | LDAPS | TCP |
| 88 | Kerberos | TCP + UDP |
Category 4 — Network services
| Port | Protocol | TCP/UDP | Notes |
|---|---|---|---|
| 53 | DNS | UDP + TCP | UDP for queries, TCP for zone transfers & big responses. |
| 67 / 68 | DHCP (server / client) | UDP | Broadcast at layer 2. |
| 69 | TFTP | UDP | No auth, no encryption. |
| 123 | NTP | UDP | |
| 162 | SNMP trap | UDP | |
| 161 | SNMP get/set | UDP | |
| 514 | Syslog | UDP (usually) | Some deployments use TCP 6514 for TLS-secured syslog. |
| 6514 | Syslog over TLS | TCP | The secure replacement. |
Category 5 — Auth & VPN
| Port | Protocol | TCP/UDP | Notes |
|---|---|---|---|
| 500 | IKE (IPsec Phase 1) | UDP | |
| 4500 | IPsec NAT-Traversal | UDP | Used when a NAT device is between the peers. |
| 1701 | L2TP | UDP | |
| 1723 | PPTP | TCP | Insecure, still shows on the exam. |
| 1812 | RADIUS auth | UDP | |
| 1813 | RADIUS accounting | UDP | |
| 49 | TACACS+ | TCP | Encrypts the whole payload — differentiates it from RADIUS. |
Category 6 — Databases & other
| Port | Protocol | TCP/UDP |
|---|---|---|
| 1433 | Microsoft SQL Server | TCP |
| 3306 | MySQL / MariaDB | TCP |
| 5432 | PostgreSQL | TCP |
| 5060 / 5061 | SIP / SIP-TLS | TCP + UDP / TCP |
| 3389 | RDP | TCP |
Common exam traps
- DHCP server = UDP 67, client = UDP 68. The direction matters. A firewall question that asks “which port must you permit for clients to reach the DHCP server?” — you permit destination UDP 67.
- DNS = UDP AND TCP. UDP for normal queries, TCP for zone transfers between servers or replies over 512 bytes (very common with DNSSEC).
- RADIUS encrypts the password only. TACACS+ encrypts the entire payload. That’s why TACACS+ is preferred for admin authentication.
- SNMPv1/v2c community strings are cleartext. SNMPv3 adds authentication and encryption — always the “secure” answer.
- Syslog is UDP 514 by default. If the exam mentions “secure syslog”, think TCP 6514 with TLS.
Cheat strip
FTP 20/21 TCP SFTP 22 TCP FTPS 989/990 TCP
Telnet 23 TCP SSH 22 TCP
HTTP 80 TCP HTTPS 443 TCP
DNS 53 UDP+TCP DHCP 67/68 UDP
NTP 123 UDP SNMP 161 UDP SNMPTrap 162 UDP
Syslog 514 UDP SyslogTLS 6514 TCP
LDAP 389 LDAPS 636 TCP
RADIUS 1812/1813 UDP TACACS+ 49 TCP
IKE 500 UDP IPsec NAT-T 4500 UDP
RDP 3389 TCP+UDP SMB 445 TCP
SMTP 25 TCP SMTPS 465 / SUB 587
POP3 110 / POP3S 995 IMAP 143 / IMAPS 993
SQL 1433 (MSSQL) / 3306 (MySQL) / 5432 (Postgres)
Network Topologies — Bus, Ring, Star, Mesh, Hybrid, Hub-and-Spoke
Every physical and logical topology CompTIA Network+ (N10-009) tests: bus, ring, star, mesh, hybrid, point-to-point, hub-and-spoke, three-tier, spine-leaf. Diagrams, trade-offs, real-world use.
Cable Connector Types — Copper, Fiber, Coax
Every connector CompTIA Network+ (N10-009) shows in exam images: RJ45, RJ11, F-type, BNC, SC, LC, ST, MTRJ, MPO, LC-APC vs LC-UPC. What each pairs with and the one-line 'how to tell them apart' rule.
Want this drilled into reflex?
1:1 weekly sessions, live feedback on your labs, and US interview prep — built around the Network+® exam blueprint. Free first session. No card on file until you decide.
Related topics
DHCP — Dynamic Host Configuration Protocol
Definitive CCNA-level DHCP guide — the DORA exchange step-by-step, packet anatomy, DHCP options table, lease renewal timing (T1/T2), Cisco IOS server + relay config, DHCPv6 brief, DHCP Snooping security, 8 worked scenarios, and the DHCP debug workflow.
IP ServicesDNS — Domain Name System
How www.example.com becomes an IP address. Covers the recursive query path (root → TLD → authoritative), record types (A, AAAA, CNAME, MX, PTR), TTL caching, and the most common DNS failure modes.
IP ServicesSNMP — Simple Network Management Protocol
How monitoring systems pull metrics and receive alerts from network devices. Covers SNMPv1/v2c/v3, community strings, traps vs informs, MIB / OID navigation, and why SNMPv3 is the only one acceptable in 2026.
Get the free CCNA 12-week roadmap
You're already reading up on Common Ports and Protocols — N10-009 Reference Table. The roadmap is the order I recommend studying every CCNA topic in — with what to lab each week and where Common Ports and Protocols — N10-009 Reference Table fits. A written personal reply, not an autoresponder. Expect it within one business day.
Personal reply from a senior network engineer. No third-party tracking. Unsubscribe any time.