The correct answer is D. IPsec (Internet Protocol Security). The question specifically asks for a Layer 3 protocol that can provide end-to-end encryption for FTP traffic. IPsec operates at the Network Layer (Layer 3) of the OSI model and secures IP communications by providing confidentiality, integrity, authentication, and anti-replay protection.
Since standard FTP transmits usernames, passwords, and data in plaintext, it is vulnerable to packet sniffing and man-in-the-middle attacks. By implementing IPsec, all IP packets exchanged between the client and server can be encrypted regardless of the application being used. This means FTP traffic can be protected without modifying the FTP application itself.
Option A (FTPS) uses SSL/TLS to secure FTP but operates at higher layers. Option B (SFTP) is a secure file transfer protocol that runs over SSH and is considered an application-layer solution rather than a Layer 3 protocol. Option C (SSL) provides transport/session-layer encryption and is not a Layer 3 protocol.
CEH Exam Tip:
IPsec = Layer 3 (Network Layer) Encryption
SSL/TLS = Higher-layer Encryption
SFTP = SSH-based Secure File Transfer
FTPS = FTP over SSL/TLS
Therefore, the best answer is D. IPsec.
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit