Configuration File Upload: Best Practices for Security Administration

Automated Upload of Configuration Files: Ensuring Data Protection

Prev Question Next Question

Question

A security administrator has written a script that will automatically upload binary and text-based configuration files onto a remote server using a scheduled task.

The configuration files contain sensitive information.

Which of the following should the administrator use? (Choose two.)

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D. E. F.

CE.

The security administrator needs to transfer sensitive information to a remote server using a script and scheduled task. To ensure that the information is transferred securely, the administrator should use the following two options from the given choices:

B. SCP (Secure Copy Protocol): SCP is a secure file transfer protocol that provides authentication and encryption of data during transmission. It is a part of the SSH (Secure Shell) protocol suite and uses the same authentication and security mechanisms as SSH. SCP uses port 22 by default and can be used for transferring both binary and text-based files.

E. Certificate-based authentication: Certificate-based authentication provides a secure method for verifying the identity of the parties involved in a communication. It uses digital certificates to verify the identity of the sender and receiver. A certificate is a digital file that contains the public key of an entity along with its identity information, which is verified by a trusted third-party certificate authority (CA). This authentication method is more secure than traditional password-based authentication as it eliminates the risk of password interception and replay attacks.

A. TOPT (Time-based One-Time Password), C. FTP (File Transfer Protocol) over a non-standard port, D. SRTP (Secure Real-Time Transport Protocol), and F. SNMPv3 (Simple Network Management Protocol version 3) are not suitable for this scenario as they do not provide sufficient security for transferring sensitive information.

TOPT provides an additional layer of security for authentication, but it does not provide encryption for data during transmission.

FTP over a non-standard port is not secure as the port number can be easily discovered by an attacker, and FTP does not provide encryption.

SRTP is used for securing real-time communication, such as voice and video calls, and is not suitable for transferring files.

SNMPv3 is a management protocol used for monitoring and managing network devices, but it does not provide encryption for data during transmission.

Therefore, the administrator should use SCP for secure file transfer and certificate-based authentication for secure authentication to ensure that the sensitive information is transferred securely to the remote server.