Enabling the Best Protocol

A use case typically describes an organizational goal. Many protocols mentioned in the CompTIA Security+ objectives support specific use cases. If you’re planning to take the Security+ SY0-501 exam, you should understand how to enable the best protocol to meet an organizational goal.

For example, can you answer this question?

Q. Your organization’s security policy requires that PII data-in-transit must be encrypted. Which of the following protocols would BEST meet this requirement?

A. FTP

B. SSH

C. SMTP

D. HTTP

More, do you know why the correct answer is correct and the incorrect answers are incorrect? The answer and explanation are available at the end of this post.

Enabling Best Protocol

File Transfer Use Cases

Some common use cases related to transferring files transmit data over the network, ensure confidentiality when transmitting data over a network, and ensure administrators connect to servers using secure connections.

The following list identifies basic protocols used to transfer data over a network:

• FTP. File Transfer Protocol (FTP) uploads and downloads large files to and from an FTP server. By default, FTP transmits data in cleartext, making it easy for an attacker to capture and read FTP data with a protocol analyzer. FTP active mode uses TCP port 21 for control signals and TCP port 20 for data. FTP passive mode (also known as PASV) uses TCP port 21 for control signals, but it uses a random TCP port for data. If FTP traffic is going through a firewall, this random port is often blocked, so it is best to disable PASV in FTP clients.

• TFTP. Trivial File Transfer Protocol (TFTP) uses UDP port 69 and is used to transfer smaller amounts of data, such as when communicating with network devices. Many attacks have used TFTP, but it is not an essential protocol on most networks. Because of this, administrators commonly disable it.

Full Security+ Course

SY0-601 Full Security+ Course

Helping you Pass the First Time

This course includes all of the multiple-choice practice test questions, performance-based questions, audio, and flashcards from the but adds the CompTIA Security+: Get Certified Get Ahead: SY0-601 Study Guide within an online course.

Test your readiness with these quality materials

Here’s what you get

All of the content from the CompTIA Security+: Get Certified Get Ahead: SY0-601 Study Guide

Random 75-question tests

Random practice tests from the all of the practice test questions in the CompTIA Security+: Get Certified Get Ahead: SY0-601 Study Guide. All questions include explanations so you’ll know why the correct answers are correct, and why the incorrect answers are incorrect.

Performance-based Questions

These questions show you what you can expect in the live exam. They include drag and drop, matching, sorting, and fill in the blank questions.

Online Flashcard Set

Online Security+ Remember This Slide from the popular CompTIA Security+: Get Certified Get Ahead: SY0-601 Study Guide
Online Security+ Question and Answer Flashcards organized by domain
Online Security+ Acronyms Flashcards

Audio – SY0-601 Security+ Remember This Audio Files

Learn by Listening (MP3 downloads.)

Audio – SY0-601 Security+ Question and Answer Audio Files

Learn by Listening (MP3 downloads.)

Bonus #1

The same set of questions organized by domain including questions in the CompTIA Security+: Get Certified Get Ahead: SY0-601 Study Guide plus extra practice test questions.

Bonus #2

Audio from the end of chapter reviews from each of the chapters in the CompTIA Security+: Get Certified Get Ahead: SY0-601 Study Guide.

Bonus #3

Access to all of the online content that is available for free to anyone that purchases the CompTIA Security+: Get Certified Get Ahead: SY0-601 Study Guide. This includes labs, extra practice test questions, and supplementary materials.

Bonus #4

Extended access. Access the study materials for a total of 60 days because sometimes life happens.

Bonus #5

10% off Voucher Code. Access to a coupon code that will give you 10% off your exam voucher. At the current price of $370 USD for the Security+ voucher, this can save you $37.

Get the SY0-601 Full Security+ Course Here

The following list identifies several encryption protocols used to encrypt data-in-transit. They can be used for various use cases related to secure file transfer:

• SSH. Secure Shell (SSH) encrypts traffic in transit and can be used to encrypt other protocols such as FTP. Linux administrators often used Telnet when remotely administering systems, but this is not recommended because Telnet sends traffic over the network in cleartext. Instead, administrators commonly use SSH to remotely administer systems. Secure Copy (SCP) is based on SSH and is used to copy encrypted files over a network. SSH can also encrypt TCP Wrappers, a type of access control list used on Linux systems to filter traffic. When SSH encrypts traffic, it uses TCP port 22.

• SSL. The Secure Sockets Layer (SSL) protocol was the primary method used to secure HTTP traffic as Hypertext Transfer Protocol Secure (HTTPS). SSL can also encrypt other types of traffic, such as SMTP and Lightweight Directory Access Protocol (LDAP). However, it has been compromised and is not recommended for use.

• TLS. The Transport Layer Security (TLS) protocol is the designated replacement for SSL and should be used instead of SSL. Additionally, many protocols that support TLS use STARTTLS. STARTTLS looks like an acronym, but it isn’t. Instead, it is a command used to upgrade an unencrypted connection to an encrypted connection on the same port.

• IPsec. Internet Protocol security (IPsec) is used to encrypt IP traffic. It is native to IPv6 but also works with IPv4. IPsec encapsulates and encrypts IP packet payloads and uses Tunnel mode to protect virtual private network (VPN) traffic. IPsec includes two main components: Authentication Header (AH) identified by protocol ID number 51 and Encapsulating Security Payload (ESP) identified by protocol ID number 50. It uses the Internet Key Exchange (IKE) over UDP port 500 to create a security association for the VPN.

• SFTP. Secure File Transfer Protocol (SFTP) is a secure implementation of FTP. It is an extension of Secure Shell (SSH) using SSH to transmit the files in an encrypted format. SFTP transmits data using TCP port 22.

• FTPS. File Transfer Protocol Secure (FTPS) is an extension of FTP and uses TLS to encrypt FTP traffic. Some implementations of FTPS use TCP ports 989 and 990. However, TLS can also encrypt the traffic over the ports used by FTP (20 and 21). Notice that the difference between SFTP and FTPS is that SFTP uses SSH and FTPS uses TLS.

Email and Web Use Cases

Some common use cases related to email are send and receive email, send and receive secure email, and manage email folders.

Some common protocols used for email and the web include:

• SMTP. Simple Mail Transfer Protocol (SMTP) transfers email between clients and SMTP servers. SMTP uses TCP port 25. SMTP unofficially used port 465 with SSL and port 587 with TLS. However, it is now recommended that SMTP use STARTTLS to initialize a secure connection.

• POP3 and Secure POP. Post Office Protocol v3 (POP3) transfers emails from servers down to clients. POP3 uses TCP port 110. Secure POP3 encrypts the transmission with SSL or TLS and can use TCP port 995. However, STARTTLS is now recommended to create a secure connection on port 110.

• IMAP4 and Secure IMAP. Internet Message Access Protocol version 4 (IMAP4) is used to store email on an email server. IMAP4 allows a user to organize and manage email in folders on the server. As an example, Google Mail uses IMAP4. IMAP4 uses TCP port 143. IMAP4 with SSL or TLS can use TCP port 993, but STARTTLS is recommended using the same TCP port 143.

• HTTP. Hypertext Transfer Protocol (HTTP) transmits web traffic on the Internet and in intranets. Web servers use HTTP to transmit web pages to clients’ web browsers. Hypertext Markup Language (HTML) is the common language used to display the web pages. HTTP uses TCP port 80.

• HTTPS. Hypertext Transfer Protocol Secure (HTTPS) encrypts web traffic to ensure it is secure while in transit. Web browsers commonly indicate that a secure session is using HTTPS by displaying a lock icon and by including HTTPS in the Uniform Resource Locator (URL) field. HTTPS is encrypted with either SSL or TLS and it uses TCP port 443.

Security+ (SY0-601) Practice Test Questions

SY0-601 Practice Test Questions

Over 385 realistic Security+ practice test questions

At least 10 performance-based questions

All questions include explanations so you’ll know why the correct answers are correct,

and why the incorrect answers are incorrect.

Upgrade Your Resume with the Security+ New Version

Multiple quiz formats to let you use these questions based on the way you learn.

Learn mode – randomized. View each of the questions in random order. Learn mode allows you to keep selecting answers until you select the correct answer. Once you select the correct answer, you’ll see the explanation. Click here to see how learn mode works.
Test mode – randomized. View each of the questions in random order. In test mode, you can only see the correct answers and explanations after you complete the test. Click here to see how test mode works.
Test mode – 75 random questions. View 75 random questions from the full test bank similar to how the Security+ exam has a potential maximum of 75 multiple choice questions.

Pass the First Time You Take It

Get the full bank of SY0-601 Practice Test Questions Here

Click here if you’re looking for SY0-501 Online Study Package