nerdexam
F5

101 · Question #545

Which FTP mode should be used by a client behind a firewall that has no special configurator?

The correct answer is A. Passive FTP. Passive FTP requires the client to initiate both the control and data channel connections, making it compatible with firewalls that block unsolicited inbound connections.

Section 1: OSI Model, Network, and Application Delivery Basics

Question

Which FTP mode should be used by a client behind a firewall that has no special configurator?

Options

  • APassive FTP
  • BSecure FTP
  • CActive FTP
  • DProtected FTP

How the community answered

(34 responses)
  • A
    91% (31)
  • C
    3% (1)
  • D
    6% (2)

Why each option

Passive FTP requires the client to initiate both the control and data channel connections, making it compatible with firewalls that block unsolicited inbound connections.

APassive FTPCorrect

In Passive mode, the FTP client sends a PASV command, and the server responds with an IP and port for the client to connect to for the data channel. Since all connections originate from the client side, stateful firewalls with no special FTP configuration allow the traffic without needing to permit inbound server-initiated connections.

BSecure FTP

Secure FTP (SFTP or FTPS) addresses encryption and authentication, not the firewall traversal problem caused by data channel directionality.

CActive FTP

Active FTP has the server initiate the data connection back to the client on a high port, which is typically blocked by firewalls that deny unsolicited inbound sessions.

DProtected FTP

'Protected FTP' is not a recognized FTP operating mode defined in any standard.

Concept tested: Passive FTP firewall traversal behavior

Source: https://www.rfc-editor.org/rfc/rfc1579

Topics

#FTP#passive FTP#active FTP#firewall traversal

Community Discussion

No community discussion yet for this question.

Full 101 Practice