Your network contains an FTP server that runs Windows Server 2008 R2. You need to configure SSL
security for the FTP connections. The solution must meet the following requirements:
• All user names and passwords must be encrypted.
• The anonymous user identity must be allowed to establish a connection without requiring
encryption. What should you configure?
A.
the Control Channel setting to Allow
B.
the Control Channel setting to Require only for credentials
C.
the Data Channel setting to Allow
D.
the Data Channel setting to Require
Explanation:
Configure the FTP SSL Encryption Policy for the Control Channel and Data Channel Configure a
custom SSL encryption policy when you want to specify an SSL encryption policy for the control
channel and data channel separately. For example, you might encrypt the control channel to avoid
passing user credentials in cleartext. Or you might encrypt the data channel to protect sensitive
information from being disclosed or changed.
To configure the SSL encryption policy for the control channel and data channel
1. Open IIS Manager.
2. In the Connections pane, select the server node.
3. In Features View, double-click FTP SSL Settings.
4. Under SSL Policy, select Custom and then click Advanced.
5. In the Advanced SSL Policy dialog box, under Control Channel select one of the following options
for SSL encryption over the control channel:
Allow: Requires SSL encryption for all users, but gives the anonymous user identity the ability to
establish a connection without encryption.
Require: Requires SSL encryption for all users, including the anonymous user identity. Require only
for credentials: Requires SSL encryption for all users, but does not allow the anonymous user identity
to establish an encrypted connection.
6. Under Data Channel, select one of the following options for SSL encryption over the data channel:
Allow: When an encrypted connection is established, data transfer is encrypted but requests for
metadata (using the DIR command) return a non-encrypted reply. Require: Requires SSL encryption
over the data channel.
Deny: Denies SSL encryption over the data channel.
7. Click OK.
8. In the Actions pane, click Apply.Source: http://technet.microsoft.com/en-us/library/dd463988.aspx