CompTIA Security+ (SY0-501) — Question 445

A new security policy in an organization requires that all file transfers within the organization be completed using applications that provide secure transfer.
Currently, the organization uses FTP and HTTP to transfer files.
Which of the following should the organization implement in order to be compliant with the new policy?

Answer options

• A. Replace FTP with SFTP and replace HTTP with TLS
• B. Replace FTP with FTPS and replaces HTTP with TFTP
• C. Replace FTP with SFTP and replace HTTP with Telnet
• D. Replace FTP with FTPS and replaces HTTP with IPSec

Correct answer: A

Explanation

The correct answer is A because SFTP (SSH File Transfer Protocol) provides secure file transfer capabilities, and TLS (Transport Layer Security) adds encryption to HTTP traffic, ensuring compliance with the new security policy. Options B, C, and D either do not implement the required security protocols or suggest protocols (TFTP, Telnet) that do not provide encryption or security, making them unsuitable for compliance.