CompTIA CySA+CS0-002 – Question175

A company uses an FTP server to support its critical business functions. The FTP server is configured as follows:
The FTP service is running with the data directory configured in /opt/ftp/data.
The FTP server hosts employees' home directories in /home.
Employees may store sensitive information in their home directories.
An IoC revealed that an FTP directory traversal attack resulted in sensitive data loss. Which of the following should a server administrator implement to reduce the risk of current and future directory traversal attacks targeted at the FTP server?

A.
Implement file-level encryption of sensitive files.
B. Reconfigure the FTP server to support FTPS.
C. Run the FTP server in a chroot environment.
D. Upgrade the FTP server to the latest version.

Correct Answer: A