A security team is monitoring traffic on port 21 and suspects that user logins are exposed. Which method best confirms that sensitive information is being shared?
Reassemble the captured exchange and inspect text-based authentication data
Obtain the server’s private key and decrypt the captured data
Examine ephemeral keys to see if they change frequently
Enable a security certificate to verify whether the activity is protected
Reassembling the exchange and examining login data can unveil whether credentials are in readable form. File Transfer Protocol (FTP) often sends credentials unprotected by default, so viewing the actual data helps confirm if encryption is missing. The other options do not provide a direct way to see if user logins are disclosed, since analyzing ephemeral keys or enabling protection does not reveal the contents of an existing unprotected session.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is FTP, and why are its credentials often unprotected?
Open an interactive chat with Bash
What does it mean to 'reassemble the captured exchange,' and how is that done?
Open an interactive chat with Bash
What are some alternatives to FTP that provide encryption for sensitive data?