Which two best practices would help mitigate FTP server abuse and attacks? (Choose two.)

Which two best practices would help mitigate FTP server abuse and attacks? (Choose two.)

• limit anonymous logins to a select group of people
• edit the hosts file to limit the number of authorized DNS servers
• use encryption at rest
• consolidate all back-end databases on the FTP server
• require re-authentication of inactive sessions

Explanation: The following are several additional best practices for mitigating FTP server abuse and attacks:

- Use strong passwords and multifactor authentication. A best practice is to use good credential management and strong passwords. When possible, use two-factor authentication for any critical service or server.
- Implement file and folder security, making sure that users have access to only the files they are entitled to access.
- Use encryption at rest—encrypt all files stored in the FTP server.
- Lock down administration accounts. You should restrict administrator privileges to a limited number of users and require them to use multifactor authentication. In addition, do not use common administrator usernames such as root or admin.
- Keep the FTPS or SFTP server software up-to-date.
- Use the U.S. government FIPS 140-2 validated encryption ciphers for general guidance on what encryption algorithms to use.
- Keep any back-end databases on a different server than the FTP server.
- Require re-authentication of inactive sessions.
- Disable anonymous logins.

Exam with this question: 5.3.3 Quiz - Exploiting Wired and Wireless Networks Answers