PrepAway - Latest Free Exam Questions & Answers

Which of the following should be used by Tim to ensure …

Tim is a network administrator of Acme Inc. He is responsible for configuring the network devices. John the
new security manager reviews the configuration of the Firewall configured by Tim and identifies an issue.
This specific firewall is configured in failover mode with another firewall. A sniffer on a PC connected to the
same switch as the firewalls can decipher the credentials, used by Tim while configuring the firewalls.
Which of the following should be used by Tim to ensure that no one can eavesdrop on the communication?

PrepAway - Latest Free Exam Questions & Answers

A.
SSH

B.
SFTP

C.
SCP

D.
RSH

Explanation:
Network devices are often configured by a command line interface such as Telnet. Telnet, however is insecure
in that the data including login credentials is unencrypted as it passes over the network. A secure alternative is
to use Secure Shell (SSH).
Secure Shell (SSH) functions as a type of tunneling mechanism that provides terminal-like access to remote
computers. SSH is a program and a protocol that can be used to log into another computer over a network.
SSH should be used instead of Telnet, FTP, rlogin, rexec, or rsh, which provide the same type of functionality
SSH offers but in a much less secure manner. SSH is a program and a set of protocols that work together to
provide a secure tunnel between two computers. The two computers go through a handshaking process and
exchange (via Diffie-Hellman) a session key that will be used during the session to encrypt and protect the data
sent.
Incorrect Answers:
B: SFTP (Secure File Transfer Protocol) is FTP over SSH. SFTP is secure but it is not used to configure
network devices.
C: SCP (Secure Copy) is an application used to copy files over a network using an SSH connection. SCP is
secure but it is not used to configure network devices.
D: RSH (Remote Shell) offers remote command line functionality. However, like Telnet, RSH is insecure.

Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, 2013, pp. 859-860
http://www.novell.com/documentation/suse91/suselinux-adminguide/html/ch19s02html
http://en.wikipedia.org/wiki/Remote_Shell
http://en.wikipedia.org/wiki/Secure_copy


Leave a Reply