Chapter 92 · Quiz

Secure Protocols — Quiz

Six multiple-choice questions and four matching questions. Submit for instant scoring and explanations.

Question 1 of 6
A security analyst runs a packet capture on the network and opens the results in Wireshark. The capture shows traffic on TCP port 143 where the analyst can clearly read email subject lines, message bodies, and the user’s login credentials in plain text. Which protocol is in use, and what is the secure alternative?
Question 2 of 6
A network administrator types a username and password into a remote device management session. A security auditor later reviews a packet capture taken during that session and sees the credentials in plain text. Which remote access protocol was in use, and which should replace it?
Question 3 of 6
A security engineer observes TCP traffic on port 443 destined for a company web server. She assumes the traffic is encrypted. Her colleague runs a packet capture and finds the HTTP headers are fully readable. What does this demonstrate?
Question 4 of 6
A security researcher at a security conference sets up a passive wireless monitor near the conference registration area, which has an open Wi-Fi access point. What traffic is the researcher able to capture and read?
Question 5 of 6
A remote employee works from various locations including home, hotels, and public Wi-Fi. The company needs all traffic from that employee’s laptop to be encrypted in transit to the corporate network, including traffic from legacy applications that do not support encryption natively. Which solution BEST meets this requirement?
Question 6 of 6
An organization runs a legacy manufacturing control application that only communicates via FTP (port 21). Replacing it will take 18 months. The security team must reduce the risk of credential and data exposure immediately. Which interim measure BEST addresses the risk without replacing the application?

Matching

Match each description to the correct protocol or technology.

1. A wireless security standard that encrypts all traffic between each user device and the access point using per-session keys, preventing nearby attackers from reading captured wireless frames
2. Encrypted web browsing protocol running on TCP port 443 that uses TLS to protect all HTTP request and response data; the secure replacement for plain-text HTTP on port 80
3. A remote console protocol that sends every keystroke — including usernames and passwords — as plain text across the network; visible in full detail in any packet capture
4. An encrypted network-layer tunnel created between a user device and a concentrator that protects all transmitted traffic regardless of which application generates it; covers legacy unencrypted protocols automatically
A. WPA3
B. HTTPS
C. Telnet
D. VPN