TCP/80 vs TCP/143

Russ Troutt

New member
Apr 12, 2022
1
3
715
I was going through practice questions with my students yesterday and we were given the question, "An HTTPS application is secured using the SSL/TLS protocol but should use a different port for unencrypted HTTP. Which port should unencrypted HTTP use"?

We all agreed the answer was TCP/80, but that was incorrect, with the correct answer being TCP/143. I wanted to reach out the community of other instructors here so I could get a better understanding of why the answer was 143 and not 80, not just for myself but for my students as well. From reading the CompTIA A+ book, TCP/143 is HTTP associated with IMAP and reading mail messages on a server mailbox, where TCP/80 is your standard HTTP for unsecure websites. Thanks in advance for any input and clarification as to why the answer to this question is TCP/143 and not TCP/80.
 

Attachments

  • port80practicequestion.jpg
    port80practicequestion.jpg
    153.1 KB · Views: 21
I think the program got confused and mixed-up mail and internet. This seemed to happen between asking the question and presenting the answers.
Port 80 is HTTP and HTTPS is port 443.

The question might have thought it was talking about securing email, but that isn't the question.
 
I was going through practice questions with my students yesterday and we were given the question, "An HTTPS application is secured using the SSL/TLS protocol but should use a different port for unencrypted HTTP. Which port should unencrypted HTTP use"?

We all agreed the answer was TCP/80, but that was incorrect, with the correct answer being TCP/143. I wanted to reach out the community of other instructors here so I could get a better understanding of why the answer was 143 and not 80, not just for myself but for my students as well. From reading the CompTIA A+ book, TCP/143 is HTTP associated with IMAP and reading mail messages on a server mailbox, where TCP/80 is your standard HTTP .
The question is poorly worded: "An HTTPS application..." That is the issue. The question should have been worded and referred as "email client application" or "web server". Back in day, some application server ports would be switch from thier default know ports as a security harding measure.
 
  • Like
Reactions: Brian Ford
The question is poorly worded: "An HTTPS application..." That is the issue. The question should have been worded and referred as "email client application" or "web server". Back in day, some application server ports would be switch from thier default know ports as a security harding measure.
i echo the post of @Thomas Rawding
the "https application" it is referring to is an email application.


Yes, I agree with Russ. The question mentioned using S/MIME to encrypt email. To receive encrypted email, IMAP uses port 993. Also, SMTP uses 587 to encrypt mail that is being sent.
the question mentioned using s/mime? i didn't see that in the screenshot

but if it is indeed in the question, then that would be the hint to answering it.
 
What when wrong with this question and how it came about is an interesting topic and we may never figure that out for sure. I do sympathise with the need to understand everything, I am like that. Drives my wife crazy at times. :rolleyes::unsure:

However, for people preparing for the exam the best advise is to just discard this question. Don't waste your precious mental and time resources trying to figure it out. We've all seen bad questions like this in many practice decks and not to dwell on them is the advise I give my students.

Why? If they do that on the test questions (dwell on them for too long) they will do it in the exam and lose too much time.
 
Yes, I agree with Russ. The question mentioned using S/MIME to encrypt email. To receive encrypted email, IMAP uses port 993. Also, SMTP uses 587 to encrypt mail that is being sent.
The question did not mention S/MIME or email.
Yes, I agree with Russ. The question mentioned using S/MIME to encrypt email. To receive encrypted email, IMAP uses port 993. Also, SMTP uses 587 to encrypt mail that is being sent.
I do wish the question didn’t have to be so tricky and I wish the explanation would explain what “HTTPS applications”might mean and even further explain the logic behind the question. I realize that CompTIA is trying to test ‘assimilation of knowledge’ where we know the ports and we read the problem and we must create a solution based on the two. There are a lot of questions like this and as an instructor I need to know how to ready my students (not teach them the answers). I’m attending both the 1101 and 1102 TTTs and while the information is good I would love more of the caveat scenarios training.
Anyone know if a good resource on breaking down questions on CompTIA exams?
Obviously, I’m easily derailed by such a simple question. And If I saw S/MIME in the question I would have paid more attention to the HTTPS part.