CompTIA Security+ (SY0-501) — Question 610

A security administrator is implementing a secure method that allows developers to place files or objects onto a Linux server. Developers are required to log in using a username, password, and asymmetric key.
Which of the following protocols should be implemented?

Answer options

• A. SSL/TLS
• B. SFTP
• C. SRTP
• D. IPSec

Correct answer: B

Explanation

SFTP (Secure File Transfer Protocol) is specifically designed for securely transferring files and supports authentication methods such as usernames, passwords, and asymmetric keys. SSL/TLS is used for encrypting data in transit but does not directly facilitate file transfers. SRTP is focused on securing real-time audio and video, while IPSec is used for securing network communications at the IP layer, making them unsuitable for the given scenario.