Professional Documents
Culture Documents
PUBLIC
ADMINISTRATION
EMAIL: treymaxsikanyi@gmail.com
a) Discuss the practical and security issues associated with transfer of the data in this scenario
using the following three mechanisms:
i. FTP
FTP (File Transfer Protocol) is a network protocol for transmitting files between computers
over Transmission Control Protocol/Internet Protocol (TCP/IP) connections. Within the
TCP/IP suite, FTP is considered an application layer protocol.
✓ One of the biggest advantages of ftp is the security to access the ftp server, we need to login
with the username and password. Therefore, we can say that FTP is more secure,
✓ Speed is also one of the biggest advantages of FTP is speed. The FTP is one of the fastest
way to transfer the files from one computer to another computer.
✓ The disadvantages are that Passwords and file contents are sent in clear text that allows
unwanted eavesdropping. So, it is quite possible that attackers can carry out the brute force
attack by trying to guess the FTP password.
✓ It is not compatible with every system.
Secure Shell or Secure Socket Shell. It is a cryptographic network protocol that allows two
computers to communicate and share the data over an insecure network such as the internet.
It is used to login to a remote server to execute commands and data transfer from one
machine to another machine and it uses three different encryption techniques which are
symmetric, asymmetric and Hashing.
A virtual private network, or VPN, is an encrypted connection over the Internet from a
device to a network. The encrypted connection helps ensure that sensitive data is safely
transmitted. It prevents unauthorized people from eavesdropping on the traffic and allows the
user to conduct work remotely. The VPN security model provides:
✓ Confidentiality such that even if the network traffic is sniffed at the packet level an attacker
would see only encrypted data
✓ Sender authentication to prevent unauthorized users from accessing the VPN
✓ message integrity to detect any instances of tampering with transmitted messages.
b) For EACH of the above, describe a mechanism for automating the transfer without
the need to use a password.
i. Write the script such that it reads a configuration file for its username and password. Keep
the config file in a secure location that can only be accessed by trusted administrators and the
script itself. I tend to use YAML for this, as the format is straightforward and Ruby has
native support for it. Not sure about PHP.
ii. SSH key pairs are only one way to automate authentication without passwords. Using the
Generic Security Service Application Program Interface authentication is also common when
trying to reduce the use of passwords on a network with centralized user management. SSH
key pairs are the easier option to implement when single sign-on (SSO) is not already
available.
C) Make a recommendation for the easiest and most secure mechanism of data transfer,
describing briefly how the mechanism will be implemented
I recommend the FTP because it easy and faster is the most and Security: To access the
FTP server, we need to login with the username and password. Therefore, we can say that
FTP is more secure.
QUESTION TWO