Can FTP use SSL or IPSEC?

RZetlinRZetlin Inactive Imported Users Posts: 155
I am stuck on this pratice question:

John is the security officer for her company. His greatest concern is that someone could intercept communications between the users and the company servers. He breathed a sigh of relief when he remembered that the internal web servers used SSL as the security protocol. Then he turned his attention to file transfers made through FTP. How can he secure this kind of traffic?

My choices are:

a. SSL for FTP
b. use Public/Private Key exchange
c. IPSEC
d. use the encrypted file system (EFS)


My first choice is IPSEC since IPSEC works on Layer 3 and up.

Though the web servers use SSL which points to SSL or certificates.

Comments

  • blargoeblargoe Self-Described Huguenot NC, USAMember Posts: 4,174 ■■■■■■■■■□
    I would think IPSEC, that could secure FTP and any other communication between two hosts.

    I don't think SSL/certificate based FTP exists, though there is something called "Secure FTP" that is simply a way to transfer files using SSH. You won't see that on a MS exam though.
    IT guy since 12/00

    Recent: 11/2019 - RHCSA (RHEL 7); 2/2019 - Updated VCP to 6.5 (just a few days before VMware discontinued the re-cert policy...)
    Working on: RHCE/Ansible
    Future: Probably continued Red Hat Immersion, Possibly VCAP Design, or maybe a completely different path. Depends on job demands...
  • RZetlinRZetlin Inactive Imported Users Posts: 155
    SSL with FTP would work, but since the whole subject for 70-291 is on IPSEC that seems to be the correct choice.
  • TeKniquesTeKniques OSCE, OSCP, CISSP, CISA, SSCP, MCSE (03), Security+, Network+, A+, Project+ Member Posts: 1,262 ■■■■□□□□□□
    It's C for sure.

    I secure FTP with IPSec where I work because IIS has no SFTP features. Hopefully IIS 7 will include that and make things a lot easier.
  • SlowhandSlowhand MCSE: Cloud Platform and Infrastructure, MCSA: Windows Server 2003/2012/2016, CCNA Routing & Switchi Bay Area, CaliforniaMod Posts: 5,161 Mod
    Yup, it's definately IPSec, since it's pretty indiscriminant about what it's securing, as long as it's IP traffic.

    Free Microsoft Training: Microsoft Learn
    Free PowerShell Resources: Top PowerShell Blogs
    Free DevOps/Azure Resources: Visual Studio Dev Essentials

    Let it never be said that I didn't do the very least I could do.
  • RTmarcRTmarc Member Posts: 1,082 ■■■□□□□□□□
    communications between the users and the company servers
    IPSEC all the way.
Sign In or Register to comment.