312-50V10 · Question #792
Although FTP traffic is not encrypted by default, which layer 3 protocol would allow for end-to-end encryption of the connection?
The correct answer is A. IPsec. IPsec is a Layer 3 protocol that encrypts IP packets end-to-end, making it the only option here that operates at the network layer. SFTP, FTPS, and SSL all operate above Layer 3.
Question
Although FTP traffic is not encrypted by default, which layer 3 protocol would allow for end-to-end encryption of the connection?
Options
- AIPsec
- BSFTP
- CFTPS
- DSSL
How the community answered
(33 responses)- A88% (29)
- B3% (1)
- C3% (1)
- D6% (2)
Why each option
IPsec is a Layer 3 protocol that encrypts IP packets end-to-end, making it the only option here that operates at the network layer. SFTP, FTPS, and SSL all operate above Layer 3.
IPsec (Internet Protocol Security) operates at Layer 3 of the OSI model and encrypts IP datagrams directly, providing transparent end-to-end encryption for any application protocol including FTP. Because it works at the network layer, it does not require FTP itself to be modified or replaced. It can be deployed in transport or tunnel mode to secure traffic between two endpoints.
SFTP (SSH File Transfer Protocol) is an application-layer (Layer 7) replacement for FTP, not a Layer 3 encryption protocol.
FTPS is FTP secured with SSL/TLS, which operates at the application/session layer, not Layer 3.
SSL/TLS operates at the session/presentation layer (Layers 5-6), not at Layer 3 of the OSI model.
Concept tested: IPsec as a Layer 3 encryption protocol
Source: https://learn.microsoft.com/en-us/windows-server/security/windows-firewall/securing-end-to-end-ipsec-connections-by-using-ikev2
Topics
Community Discussion
No community discussion yet for this question.