An organization's outbound firewall rules are set to "deny all" except for ports explicitly allowed. The firewall is stateful and allows return traffic for established sessions. Staff need to use active-mode FTP to transfer files to public servers. Which single destination TCP port should you open to allow this traffic?
Active-mode FTP begins with the client opening a control connection to the server's well-known control port, TCP 21. The server then initiates the data connection back to the client from its own port 20, so the client does not require an outbound rule for port 20. Allowing outbound TCP 21 is therefore sufficient; ports 20, 22, and any UDP ports are not needed for outbound access.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
Why does active-mode FTP use TCP port 21?
Open an interactive chat with Bash
How does a stateful firewall affect FTP traffic?
Open an interactive chat with Bash
What is the difference between active-mode and passive-mode FTP?