Which is an insecure service/protocol/port example?


Multiple Choice

Which is an insecure service/protocol/port example?

Explanation:
The main concept is that some protocols transmit data in the clear, without encryption, making credentials and sensitive information easy to eavesdrop on. FTP does this: usernames, passwords, and file contents are sent in plaintext over the network, and it lacks the built-in encryption and integrity protections that modern protocols provide. In contrast, SSH provides encrypted remote access, HTTPS secures web traffic with TLS, and SFTP transfers files securely over SSH, all protecting data in transit. Because of this, FTP is the insecure example. This is exactly the kind of risk PCI DSS aims to mitigate by requiring encryption for transmission of cardholder data.

