CompTIA Security+ (SY0-601) — Question 194

While reviewing pcap data, a network security analyst is able to locate plaintext usernames and passwords being sent from workstations to network switches. Which of the following is the security analyst MOST likely observing?

Answer options

• A. SNMP traps
• B. A Telnet session
• C. An SSH connection
• D. SFTP traffic

Correct answer: B

Explanation

The correct answer is B, as Telnet transmits data, including usernames and passwords, in plaintext, making it vulnerable to interception. In contrast, SSH (C) and SFTP (D) encrypt the data being transmitted, while SNMP traps (A) typically do not involve user credentials in the same way.