In AP Cybersecurity, a source port is the logical port number on the sending device that a packet leaves from. Firewalls read it in the packet header and use it in access control list (ACL) rules to permit or deny traffic.
A source port is the logical port number that identifies where a packet is coming from on the sending device. Every network conversation has two ends, and each end uses a port number. The source port is the sender's end; the destination port is the receiver's end.
Think of it like a return address on an envelope. The destination port says where the packet is headed (like port 22 for SSH or port 80 for HTTP), and the source port says which spot on the sender the reply should come back to. Source ports are usually picked dynamically from a high range, while destination ports tend to be the well-known service numbers. A firewall reading packet headers can filter on either one, because EK 3.4.A.2 says stateless firewalls filter on header info like IP addresses, ports, and protocols.
Source port lives in Unit 3, Topic 3.4 (Protecting Networks: Firewalls). It directly supports [AP Cybersecurity 3.4.B] and [AP Cybersecurity 3.4.D], where you build and read ACL rules that allow or deny traffic by source or destination port. EK 3.4.B.3 lists logical port as one of the things an ACL rule filters by, and EK 3.4.D.2 confirms rules can allow or deny based on source or destination port. So understanding which port is the source matters the moment you have to configure or interpret a firewall rule, which is exactly what Topic 3.4 asks you to do.
Keep studying AP Cybersecurity Unit 3
Visual cheatsheet
view galleryDestination Port (Unit 3)
These two always travel together in a packet header. Source port is the sender's return spot, destination port is where the packet is headed. Most well-known service rules (like SSH on 22) filter by destination port, but a thorough ACL can lock down source ports too.
Access Control List / ACL (Unit 3)
An ACL is the rulebook a firewall checks in order, and source port is one of the criteria a rule can match on. When you write Deny inbound TCP port 80 from 192.168.1.0/24, you're combining port and source IP, the same way you can target a source port.
Packet Filtering (Unit 3)
A stateless firewall does packet filtering by reading header fields, and source port is one of those fields. The firewall doesn't care about the conversation's history; it just checks the source port, destination port, IP, and protocol against the rules.
Expect source port to show up inside firewall and ACL questions in Unit 3, not as its own standalone topic. MCQ stems may give you a rule using the syntax from EK 3.4.D.2 (like Allow inbound TCP port 22 from ALL) and ask what gets permitted or denied, so you need to read which port is the source versus the destination. On a configure-a-firewall task tied to [AP Cybersecurity 3.4.D], you might have to write or correct a rule that filters by source port and source IP. The skill is precision: know which field the rule is matching and predict the permit-or-deny outcome.
Source port is the port the packet leaves from on the sender; destination port is the port the packet is going to on the receiver. Easy memory hook: source = sender's return address, destination = where it's delivered. Most ACL rules for well-known services (SSH 22, HTTP 80) actually filter by destination port, so don't assume the port in a rule is the source.
A source port is the logical port number on the sending device that a packet leaves from, and it shows up in the packet header.
Firewalls can filter on source port because stateless firewalls read header info like IP addresses, ports, and protocols (EK 3.4.A.2).
ACL rules can permit or deny traffic based on source or destination port, source or destination IP, service, protocol, or application (EK 3.4.D.2).
Source ports are usually chosen dynamically from a high range, while destination ports are typically the well-known service numbers like 22 or 80.
Source and destination port together identify the two ends of a single network conversation.
It's the logical port number on the sending device that a packet originates from. Firewalls read it in the packet header and can use it in ACL rules to allow or deny traffic, which ties directly to Topic 3.4.
No. The source port is where the packet leaves from on the sender, and the destination port is where it's headed on the receiver. Both sit in the same packet header, but they describe opposite ends of the connection.
When a rule like Allow inbound TCP port 22 from ALL lists a service port, it's usually the destination port (SSH on 22). The source port is the sender's return port, often a random high number, so don't assume the port named in a service rule is the source.
Yes. EK 3.4.D.2 says firewall rules can allow or deny inbound or outbound traffic based on source or destination port, IP address, service, protocol, or application, so source port is a valid filtering criterion.
Because reading and writing ACL rules in Topic 3.4 ([AP Cybersecurity 3.4.B] and 3.4.D) requires knowing which port a rule is matching. Mixing up source and destination port can flip your permit-or-deny answer on an MCQ or configure-a-firewall task.
Connect this key term to the AP exam workflow: review the course, practice questions, and check related study tools.