What is the recommended mitigation for unencrypted FTP exposing credentials?

Study for the CompTIA Cloud+ exam. Enhance your skills with flashcards and multiple choice questions, each supported by hints and explanations. Prepare effectively for your certification!

Multiple Choice

What is the recommended mitigation for unencrypted FTP exposing credentials?

Explanation:
Transmitting credentials over plain FTP means they travel in clear text and can be captured by anyone monitoring the network. The best way to mitigate this is to switch to a secure file transfer method that encrypts the session, so both authentication and data are protected in transit. Using SSH-based File Transfer (SFTP), or FTPS, provides that encryption: SFTP uses the SSH protocol to encrypt the entire transfer, while FTPS wraps FTP in TLS to secure the connection. Either option protects credentials from eavesdropping and tampering.

Other options don’t address the underlying issue. Simply increasing the encryption strength of FTP isn’t effective because plain FTP itself isn’t encrypted, so there is no encryption to strengthen and the credentials would still be sent in plaintext. Telnet is also unencrypted and would expose credentials, not protect them. Changing the default port likewise does not secure the data being sent over the network.
