A company is using a legacy FTP server to transfer financial data to a third party. The legacy system does not support SFTP, so a compensating control is needed to protect the sensitive, financial data in transit. Which of the following would be the most appropriate for the company to use?

Rationale

SSH tunneling is the most appropriate compensating control for protecting sensitive financial data in transit.

SSH tunneling establishes a secure, encrypted connection over an unsecured network, effectively safeguarding the data being transferred. This method is particularly useful for legacy systems that do not support more modern secure protocols, ensuring that sensitive information remains confidential during transmission.

A (Tether connection) YOUR ANSWER

A tether connection refers to sharing a mobile device's internet connection with another device. This method does not inherently provide encryption or secure data transfer, making it unsuitable as a compensating control for sensitive financial data. Tethering primarily focuses on connectivity rather than securing data in transit.

B (SSH tunneling) CORRECT

SSH tunneling creates a secure pathway for data transmission, encrypting the traffic between the sender and receiver. This method is effective in protecting sensitive information, particularly when used with legacy systems that lack built-in security protocols like SFTP. By employing SSH tunneling, the company can ensure that the financial data remains confidential and secure during transit.

C (Patch installation) YOUR ANSWER

Patch installation involves updating software to fix vulnerabilities and improve security. While this is crucial for overall system security, it does not directly protect data in transit. Since the legacy FTP server does not support SFTP, simply patching the system will not address the immediate need for secure transmission of sensitive information.

D (Full disk encryption) YOUR ANSWER

Full disk encryption secures data stored on a device by encrypting the entire disk. However, this does not protect data while it is being transmitted over a network. Therefore, while it is an essential security measure for data at rest, it fails to address the needs of protecting data in transit, which is the primary concern in this scenario.

Conclusion

In situations where a legacy FTP server is used for transferring sensitive financial data, SSH tunneling emerges as the most fitting compensating control. While other options like patch installation and full disk encryption have their roles in overall security, they do not provide the necessary protection for data in transit. SSH tunneling offers the required encryption to ensure confidentiality and integrity of the financial data being exchanged.

A company is using a legacy FTP server to transfer financial data to a third party. The legacy system does not support SFTP, so a compensating control is needed to protect the sensitive, financial data in transit. Which of the following would be the most appropriate for the company to use?

SSH tunneling is the most appropriate compensating control for protecting sensitive financial data in transit.

Related Questions

Related Quizzes

How familiar were you with this question?

Report an Issue

Rate this Practice Test