CCIE Security Exam: True Statements about SSH Protocol

Question

Which three statements are true about the SSH protocol? (Choose three.)

Answers

Explanations

BEF.

SSH (Secure Shell) is a cryptographic network protocol that provides secure remote access to servers and other network devices. It was designed as a replacement for insecure protocols such as Telnet, rlogin, and rsh. Below are the explanations of the true statements about the SSH protocol.

B. SSH protocol provides for secure remote login and other secure network services over an insecure network. This statement is true. SSH protocol provides secure remote access to servers and other network devices over an insecure network, such as the Internet. It uses encryption to protect the confidentiality and integrity of data transmitted between the client and server.

E. SSH transport protocol provides for authentication, key exchange, confidentiality, and integrity. This statement is true. Authentication is the process of verifying the identity of the client or server. Key exchange is the process of generating a shared secret key used for encryption and decryption of data. Confidentiality is the protection of data from unauthorized access, and integrity is the protection of data from unauthorized modification.

F. SSH authentication protocol supports public key, password, host-based, or none as authentication methods. This statement is true. Public key authentication is more secure than password authentication because it uses a key pair (private and public) to authenticate the client or server. Host-based authentication uses the hostname of the client or server to authenticate them. The none method means that no authentication is required, which is not recommended for security reasons.
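The methods named in statement F are what a server advertises in the name-list of an SSH_MSG_USERAUTH_FAILURE reply (message number 51, layout per RFC 4252). The following is an added example, not part of the original page: it parses that payload and reports advertised methods that fall outside a policy. The function names, the `ALLOWED` policy and the sample payload are assumptions constructed for illustration.

```python
import struct

SSH_MSG_USERAUTH_FAILURE = 51  # message number defined in RFC 4252

# Assumed policy for this example (not from the page): public key only.
ALLOWED = {"publickey"}


def parse_userauth_failure(payload: bytes):
    """Return (methods, partial_success) from an SSH_MSG_USERAUTH_FAILURE payload.

    Layout: byte 51 | uint32 length | comma-separated method names | boolean.
    """
    if len(payload) < 6 or payload[0] != SSH_MSG_USERAUTH_FAILURE:
        raise ValueError("not an SSH_MSG_USERAUTH_FAILURE payload")
    (n,) = struct.unpack(">I", payload[1:5])
    if len(payload) != 5 + n + 1:
        raise ValueError("name-list length does not match payload size")
    raw = payload[5:5 + n].decode("ascii")  # method names are US-ASCII
    methods = raw.split(",") if raw else []
    return methods, payload[5 + n] != 0


def audit(methods):
    """Return the advertised methods that the assumed policy does not allow."""
    return sorted(m for m in methods if m not in ALLOWED)


def build_sample(names, partial=False):
    """Build a constructed payload for testing (hypothetical helper)."""
    body = ",".join(names).encode("ascii")
    return (bytes([SSH_MSG_USERAUTH_FAILURE])
            + struct.pack(">I", len(body)) + body + bytes([int(partial)]))


if __name__ == "__main__":
    # Constructed sample: a server offering three of the methods from statement F.
    sample = build_sample(["publickey", "password", "hostbased"])
    methods, partial = parse_userauth_failure(sample)
    print("advertised:", methods, "partial success:", partial)
    print("outside policy:", audit(methods))
```

The "none" method does not appear in this list: RFC 4252 says a server must not advertise it, and a server that accepts it answers the request with success instead of a failure message.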

A, C, and D are false statements:

A. SSH protocol runs over TCP port 23. This statement is false. SSH protocol runs over TCP port 22, not port 23. Port 23 is used by Telnet, which is an insecure protocol.

C. Telnet is more secure than SSH for remote terminal access. This statement is false. Telnet is an insecure protocol that sends data in plain text, which can be easily intercepted and read by attackers. SSH, on the other hand, uses encryption to protect data transmitted between the client and server.

D. SSH protocol runs over UDP port 22. This statement is false. SSH protocol runs over TCP port 22, not UDP port 22. TCP is a reliable protocol that provides error checking and retransmission of lost packets, while UDP is an unreliable protocol that does not provide these features.