CISSP Question #60: Real Exam Question with Answer & Explanation

The correct answer is D: Authentication is not encrypted.. File Transfer Protocol (FTP) is a protocol that enables the transfer of files between a client and a server over a network. FTP has a security limitation in that it does not encrypt the authentication process, meaning that the username and password are sent in clear text over the

Submitted by hans_de· Mar 5, 2026Communication and Network Security

Question

Which of the following is a security limitation of File Transfer Protocol (FTP)?

Options

APassive FTP is not compatible with web browsers.
BAnonymous access is allowed.
CFTP uses Transmission Control Protocol (TCP) ports 20 and 21.
DAuthentication is not encrypted.

Explanation

File Transfer Protocol (FTP) is a protocol that enables the transfer of files between a client and a server over a network. FTP has a security limitation in that it does not encrypt the authentication process, meaning that the username and password are sent in clear text over the network. This exposes the credentials to interception and eavesdropping by unauthorized parties, who could then access the files or compromise the system.

Topics

#FTP security#unencrypted authentication#protocol vulnerabilities

Community Discussion

No community discussion yet for this question.

Full CISSP Practice Browse All CISSP Questions