During the analysis of a PCAP file, a security analyst noticed several communications with a remote server
on port 53. Which of the following protocol types is observed in this traffic?
A.
FTP
B.
DNS
C.
Email
D.
NetBIOS
Explanation:
DNS (Domain Name System) uses port 53.Incorrect Answers:
A: FTP (File Transfer Protocol) uses ports 20 and 21, not port 53.
C: Email uses multiple ports depending on what aspect of ‘email’ we’re talking about. For example SMTP
(Simple Mail Transfer Protocol) used for sending email uses port 25. POP3 and IMAP, two methods of
accessing and downloading email use ports 110 and 143 respectively.
D: NetBIOS uses ports 137, 138 and 139.http://en.wikipedia.org/wiki/Domain_Name_System
http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers