CompTIA Security Plus Mock Test Q795

Which of the following MOST interferes with network-based detection techniques?

A. Mime-encoding
B. SSL
C. FTP
D. Anonymous email accounts


Correct Answer: B
Section: Application, Data and Host Security

Explanation:
Secure Sockets Layer (SSL) is used to establish secure TCP communication between two machines by encrypting the communication. Encrypted communications cannot easily be
inspected for anomalies by network-based intrusion detection systems (NIDS).

Incorrect Answers:
A: Multi-Purpose Internet Mail Extensions (MIME) encoding is used in email messages to allow messages to be sent in formats other than ASCII text. Email messages are handles by
host based intrusion detection systems (HIDS).
C: File Transfer Protocol (FTP) is an inherently insecure protocol that does not use any form of encryption making it easy to inspect for anomalies.
D: Email messages are handles by host based intrusion detection systems (HIDS).

References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 268
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 8, 12-13