I'm curious to know how do you remember the port number information, which tool to use when scanning for vulnerabilities? I'm really bad in domain 6 and hope can have someone to guide me in this chapter.
Thank you very much.
Remembering TCP port numbers comes with experience/familiarity. It'd be common over time to know which ports common service like FTP, SSH, Telnet, SMTP, TACACS, DNS, HTTP, Kerberos, LDAP etc run on. In terms of tools for scanning you might also want to look at C|EH.
Everyone learns differently but I think that if you really don't know any of them, you should try flash cards, quizzes, and maybe even dig in a little further and open up a firewall to test with and configure them, adding notes as you do it. I think it is more important to know the differences between port types, and what is secure and not secure. TCP vs UDP. FTP, SFTP, SSH, etc.
There are also some videos if you search for them that could help but since they are with another cert body I will not publish the links directly in here.
CISSP Exam Cram has some great videos on memory mnemonics for the exam - Frameworks, models, ports, encryptions, hashing, etc.
I never really understood why the "Managerial" CISSP needs to get down in the weeds about port numbers and protocols.
Rule 0 - Have a good inventory of assets
Rule 1 - Scan for open Ports
Rule 2 - Close off unused Ports
Rule 3 - If you don't understand this, get yourself a good network manager and pay them well
This is Sam from Taiwan. I would shared some of the ideas how I prepared the Domain 6 on the exam.
First of all, we need to make it clear on why we need to do the assessment and testing for the security operations. It was because we need to ensure the controls are in good and acceptable manner after we applied it.
For my point of view, you are not need to remember which tools to do what, but only need to know if we need to ensure the system was hardened well, we should check the port that remain opened with the tool called Nmap. And we need to know why we need the third-party compliance audit, because we are doing well and we need to told others that we are doing really well on the compliance.
Hope the above could help you build some idea on the Domain 6 and I just passed the exam on 14th.
Please let me know if you need any help on the discussion and I would love to shared with you all.
A wise man once told me that when preparing for a certification exam and reading the exam objectives if a protocol is mentioned there it is a good thing to know that protocol and it's associated port number(s). That advice has never let me down.