Wireshark Traffic Analysis Practice Exam

Credentials traveling in the clear is a security pitfall, and FTP is the classic example. In the original FTP protocol, authentication happens over the control channel with the USER and PASS commands, and both the username and password are sent as plain ASCII without encryption. That means anyone sniffing network traffic can read the credentials directly. To avoid this, FTP should be replaced by secure variants like FTPS (FTP over TLS) or SFTP (SSH-based). While HTTP, SMTP, and IMAP can also send credentials without encryption if not secured (e.g., plain HTTP or unencrypted SMTP/IMAP), they’re not the standard teaching example the way FTP is, and in practice they’re often protected with TLS/SSL.