Nonessential protocols

Does anyone have a list of the nonessential protocols? I see see NetBios and SNMP as examples. They are both insecure is this a common feature of nonessential protocols? Any help will be appreciated. I am a bit confused on this point.

Find more posts tagged with

SAVE $250 on Your CompTIA Boot Camp — Use Code "EXAM26"

Exclusively for TechExams members for Infosec Boot Camps starting before April 30, 2026

View CompTIA Boot Camps

Comments

sprkymrk

What exactly do you mean by non-essential? It would really depend on your environment. Do you mean insecure?

goforthbmerry

WOW fast response. Yes I think the practice question means insecure. Services and protocols that should be turned off if not truely necessary.

sprkymrk

I was just gently reminded by Webmaster (he's such a nice guy he didn't want to embarrass me, so he sent me a PM

) of "non-essential" in relation to the CompTIA Security+ exam. Here is his sage advice, only slightly edited:

"Nonessential" is in the Sec+ exam objectives, and refers to hardening. It basically comes down to any protocols or services that aren't used should be disabled. Telnet (if ssh is used) is a typical example. SNMP. So there is no 'list' per se, it depends. They are usually older protocols and services for which an similar, newer and more secure alternative exists.

(Thanks Johan!)

RussS

My philosiphy is that all protocols are non essential .......... until someone screams

It really depends on what is needed for that site - I have many different site I look after and most of them would have 3389, 443 and 25 open and that is about it. Shoot I have a couple that only have 25 open and if someone needs to visit a website they use a stand alone machine that is seperate from the network and has its own internet connection.

dissolved

goforthbmerry wrote:

Does anyone have a list of the nonessential protocols? I see see NetBios and SNMP as examples. They are both insecure is this a common feature of nonessential protocols? Any help will be appreciated. I am a bit confused on this point.

My guess is that they're looking for protocols that are weak in the authentication area. SNMP and Netbios are weak because those are both protocols that don't always require authentication. They also leak a lot of information if you do happen to authenticate to the host via this port.
Keep this in mind when taking the test. Also pay attention to non-encrypted protocols (tcp 69) and classic vulnerable ports (figer tcp 79)

nikonjd

For the exam purpose, you would want to know the following. I'm taking the exam tomorrow.

nonessential protocols
netbios services
snmp (simple network managert protocol)

essentials protocols are more secure
network news transfer protocol (NNTP)
domain name service (DNS)
internet control message protocol (ICMP)
mail
web

jkstech

I'm in agreement with sprkymrk and Russ

for the test, I believe they are referring to things that don't need to be enabled

if you have a web server sitting in your dmz and that's all it is, you don't need to enable it to be a dns server, dhcp server

it's talking about what the others have said, hardening, or only enabling what you need and nothing more, it shrinks the "attack surface"