ISC2 Systems Security Certified Practitioner (SSCP) Practice Question
Your organization must automatically transfer daily payroll files that include employee PII from an Amazon EC2 instance to a partner's server. The partner can open only one inbound port, and HIPAA policy mandates encryption and mutual authentication for data in transit. Which transfer protocol best meets these security and connectivity requirements with the least firewall impact?
FTPS in explicit TLS mode using control port 21 and dynamic data ports
TFTP with an application-level AES encryption add-on
SFTP (SSH File Transfer Protocol) over TCP port 22
Plain FTP encapsulated in a GRE tunnel protected by IPsec
SFTP runs as a subsystem of the Secure Shell (SSH) protocol, so it supplies confidentiality, integrity, and client-and-server authentication over a single well-known TCP port (22). That fulfills HIPAA's requirement to protect sensitive data in transit while letting the partner expose just one port. FTPS- even in explicit TLS mode- still needs additional ephemeral data-channel ports besides TCP 21, complicating firewall rules. TFTP offers no native encryption or authentication, and adding custom encryption would still lack strong identity validation. Encapsulating plain FTP in a GRE tunnel that is then protected by IPsec would secure the payload, but the solution forces the firewall to permit IPsec ESP (protocol 50) and IKE (UDP 500/4500), exceeding the single-port constraint and adding unnecessary complexity. Therefore, SFTP over SSH is the most appropriate choice.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is SSH File Transfer Protocol (SFTP)?
Open an interactive chat with Bash
Why does HIPAA mandate encryption and mutual authentication?
Open an interactive chat with Bash
How does SFTP ensure compliance with HIPAA requirements?
Open an interactive chat with Bash
ISC2 Systems Security Certified Practitioner (SSCP)
Cryptography
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99 $11.99
$11.99/mo
Billed monthly, Cancel any time.
$19.99 after promotion ends
3 Month Pass
$44.99 $26.99
$8.99/mo
One time purchase of $26.99, Does not auto-renew.
$44.99 after promotion ends
Save $18!
MOST POPULAR
Annual Pass
$119.99 $71.99
$5.99/mo
One time purchase of $71.99, Does not auto-renew.
$119.99 after promotion ends
Save $48!
BEST DEAL
Lifetime Pass
$189.99 $113.99
One time purchase, Good for life.
Save $76!
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .