CompTIA Security+ (SY0-601) — Question 90

An analyst is trying to identify insecure services that are running on the internal network. After performing a port scan, the analyst identifies that a server has some insecure services enabled on default ports. Which of the following BEST describes the services that are currently running and the secure alternatives for replacing them? (Choose three.)

Answer options

• A. SFTP, FTPS
• B. SNMPv2, SNMPv3
• C. HTTP, HTTPS
• D. TFTP, FTP
• E. SNMPv1, SNMPv2
• F. Telnet, SSH
• G. TLS, SSL
• H. POP, IMAP
• I. Login, rlogin

Correct answer: B, C, F

Explanation

The correct answers are B, C, and F because they represent insecure protocols and their secure counterparts. SNMPv2 is less secure than SNMPv3, HTTP is an insecure version of HTTPS, and Telnet is an insecure alternative to SSH. The other options either do not provide a direct secure alternative or do not fit the criteria of being insecure services with secure replacements.