File transfer: FTP MCQs Quiz | Class 10
This quiz covers Class X Computer Applications (Code 165), Unit 1: Networking, focusing on Multiple Choice Questions (MCQs) about File Transfer Protocol (FTP). It explores classic file transfer methods and highlights the inherently insecure nature of FTP. Test your knowledge by attempting all 10 questions, then submit your answers to view your score and download a detailed answer PDF.
Understanding File Transfer Protocol (FTP)
File Transfer Protocol (FTP) is one of the oldest and most fundamental protocols used on the internet for transferring files between a client and a server. Developed in the early days of networking, it allows users to upload, download, and manage files on a remote server. While still in use, its design reflects an era when network security was not a primary concern, leading to significant vulnerabilities.
Classic File Transfer Explained
In a typical FTP session, a client initiates a connection to an FTP server. The client might be a dedicated FTP program, a web browser, or a command-line utility. The server listens on a specific port (usually port 21 for command control) for incoming connections. Once a connection is established, the user provides credentials (username and password) to log in. FTP operates using two channels:
- Control Channel (Port 21): Used for sending commands (e.g., login, list directory, change directory, delete file) and receiving responses from the server. This channel remains active throughout the session.
- Data Channel (Port 20 or dynamic): Used for transferring the actual file data. A new data channel is established for each file transfer, and it can operate in either active or passive mode.
Common FTP commands include GET (download), PUT (upload), LS (list files), CD (change directory), DELETE, and QUIT.
The Insecure Concept of FTP
The primary security concern with classic FTP is its use of plain text for transmitting sensitive information, most notably usernames and passwords. When a user logs into an FTP server, their credentials are sent across the network without any encryption. This means that anyone with access to network traffic (e.g., using a packet sniffer) can easily intercept and read these credentials, leading to:
- Credential Theft: Attackers can gain access to user accounts and potentially other systems if the user reuses passwords.
- Man-in-the-Middle Attacks: Attackers can intercept, read, and even modify files being transferred.
- Data Exposure: The files themselves are also transferred without encryption, making their content vulnerable to interception and exposure.
Due to these inherent security flaws, standard FTP is generally not recommended for transferring sensitive data over public networks like the internet. More secure alternatives have been developed to address these issues.
Secure Alternatives to FTP
To overcome the security limitations of FTP, several protocols and methods offer encrypted file transfers:
| Protocol | Description | Key Benefit |
|---|---|---|
| SFTP (SSH File Transfer Protocol) | File transfer over Secure Shell (SSH) protocol. | Encrypts both commands and data. Highly secure. |
| FTPS (FTP Secure) | FTP with SSL/TLS encryption. | Adds an encryption layer to traditional FTP. Can be explicit or implicit. |
| HTTPS (HTTP Secure) | Web-based file transfer using HTTP over SSL/TLS. | Common for web downloads/uploads. Encrypted. |
These alternatives ensure that data and credentials are encrypted during transmission, significantly reducing the risk of interception and unauthorized access.
Quick Revision Points
- FTP is a protocol for transferring files over a network.
- It uses separate control (Port 21) and data channels.
- Classic FTP transmits usernames, passwords, and data in plain text.
- Plain text transmission makes FTP highly insecure against eavesdropping.
- SFTP, FTPS, and HTTPS are secure alternatives that use encryption.
- Active and Passive modes refer to how the data connection is established.
- FTP clients are software used to connect to FTP servers.
Practice Questions
- Which port is typically used by the FTP control channel?
- What is the main vulnerability of using classic FTP for sensitive data?
- Name two secure alternatives to FTP for file transfer.
- Explain the difference between active and passive FTP data connections.
- What does SFTP stand for and what protocol does it rely on for security?
Content created and reviewed by the CBSE Quiz Editorial Team based on the latest NCERT textbooks and CBSE syllabus. Our goal is to help students practice concepts clearly, confidently, and exam-ready through well-structured MCQs and revision content.