Cleartext Protocols — CompTIA Security+ (SY0-701) Practice Questions
Cleartext protocols transmit data, including usernames, passwords, and session content, without encryption, making them trivially readable by anyone with access to the network path. SY0-701 tests candidates on common cleartext protocols such as Telnet, FTP, HTTP, SMTP without TLS, and SNMPv1/v2, and their encrypted replacements such as SSH, SFTP, HTTPS, and SNMPv3. The exam emphasizes why using cleartext protocols is a significant risk on both internal and external networks, particularly in environments where network sniffing or man-in-the-middle attacks are feasible. Replacing or wrapping cleartext protocols with encrypted alternatives is a core hardening practice tested across multiple SY0-701 objectives.
Free questions on cleartext protocols
A penetration tester uses a tool to capture and analyze unencrypted authentication traffic on a network. What vulnerability is being exploited?
Free question · medium · full answer + explanation