AP Cybersecurity Unit 3 Lesson 6 Exercise 2
Unit 3 • 3.6 • Exercise 2
Exercise 2 — Protocol Migration Planning
3 parts, 24 points — Plan secure protocol upgrades for NovaTech Solutions
Score: 0 / 24Complete all 3 parts to see your final score
Client Organization
NovaTech Solutions
NovaTech’s security audit identified three insecure protocol deployments that must be remediated before the next compliance review. For each finding, you will classify the risk, recommend a secure replacement, and explain the migration impact.
Part 1
Finding: Customer Data Transfers via FTP
NovaTech’s enterprise clients upload data files via FTP (port 21) to a staging server. Files contain customer PII including names, email addresses, and account numbers. The FTP server uses username/password authentication. Twelve enterprise clients connect daily.
8 points
1a. Identify two specific risks of using FTP for this data transfer.
Key terms: plaintext, credentials, intercept, sniff, PII, unencrypted, password, exposed, capture, transit
1b. Recommend a secure replacement protocol and explain what it adds that FTP lacks.
Key terms: encrypt, SSH, TLS, session, key exchange, authentication, tunnel, protect, transit, integrity
Model Response: Risk 1: FTP transmits all file contents in plaintext — customer PII (names, emails, account numbers) can be captured by anyone who intercepts the network traffic. Risk 2: FTP credentials (username/password) are also sent in plaintext, allowing an attacker to steal login credentials and gain persistent unauthorized access to the staging server.
SFTP is the recommended replacement. SFTP runs over an SSH tunnel, encrypting both the authentication credentials and the file data in transit. Unlike FTP, SFTP supports key-based authentication (eliminating password transmission entirely) and verifies data integrity through cryptographic hashing.
SFTP is the recommended replacement. SFTP runs over an SSH tunnel, encrypting both the authentication credentials and the file data in transit. Unlike FTP, SFTP supports key-based authentication (eliminating password transmission entirely) and verifies data integrity through cryptographic hashing.
Part 2
Finding: Server Management via Telnet
NovaTech’s operations team uses Telnet (port 23) to remotely manage 40 production Linux servers. Engineers connect from the corporate office and from home via VPN. Telnet sessions include root-level commands that modify server configurations, deploy code, and restart services.
8 points
2a. Explain why Telnet for root-level server management is especially dangerous compared to Telnet for lower-privilege tasks.
Key terms: root, admin, full control, plaintext, password, command, intercept, compromise, entire server, privilege
2b. Describe two specific features of SSH that make it more secure than Telnet for this use case.
Key terms: encrypt, key-based, public key, no password, session, tunnel, host verification, fingerprint, known hosts
Model Response: Root-level Telnet is especially dangerous because an attacker who intercepts the session captures root credentials — granting them complete, unrestricted control over 40 production servers. With root access, the attacker can modify configurations, steal data, install backdoors, delete logs, and take servers offline. The plaintext transmission of the most privileged credentials creates maximum blast radius from a single interception.
SSH feature 1: Full session encryption — all commands, output, and credentials are encrypted end-to-end, preventing interception even on compromised networks. SSH feature 2: Key-based authentication — SSH supports public/private key pairs that eliminate password transmission entirely. Even if the network is monitored, there is no password to capture.
SSH feature 1: Full session encryption — all commands, output, and credentials are encrypted end-to-end, preventing interception even on compromised networks. SSH feature 2: Key-based authentication — SSH supports public/private key pairs that eliminate password transmission entirely. Even if the network is monitored, there is no password to capture.
Part 3
Finding: Expired TLS Certificates on Customer APIs
Three of NovaTech’s customer-facing API endpoints have TLS certificates that expired 2 weeks ago. Customers connecting to these APIs receive browser/client warnings, and some automated integrations have stopped working because their HTTP clients reject expired certificates. NovaTech’s monitoring system did not alert on the expiration.
8 points
3a. Explain the security risk of operating with expired certificates, beyond just customer-facing warnings.
Key terms: identity, verify, trust, MitM, intercept, impersonate, cannot confirm, attacker, substitute, chain
3b. Recommend a certificate lifecycle management process to prevent this from happening again. Include at least two specific practices.
Key terms: automate, renewal, monitor, alert, 30 days, inventory, track, expiration, Let's Encrypt, ACME, schedule, audit
Model Response: Security risk: Expired certificates break the trust verification chain. Clients can no longer confirm that they are communicating with the real NovaTech server. An attacker could perform a MitM attack by presenting their own certificate — and if clients have been conditioned to click through warnings (because the real cert is expired), they may accept the attacker’s certificate without suspicion. Additionally, automated systems that enforce certificate validation will refuse to connect, creating availability failures.
Practice 1: Implement automated certificate renewal using ACME protocol (e.g., Let’s Encrypt or similar CA) so certificates renew before expiration without manual intervention. Practice 2: Deploy certificate monitoring that alerts the security team 30 and 7 days before any certificate in the inventory expires, with an escalation path if renewal does not occur.
Practice 1: Implement automated certificate renewal using ACME protocol (e.g., Let’s Encrypt or similar CA) so certificates renew before expiration without manual intervention. Practice 2: Deploy certificate monitoring that alerts the security team 30 and 7 days before any certificate in the inventory expires, with an escalation path if renewal does not occur.
AP Cybersecurity 3.6 Exercise 2 | APCSExamPrep.com | Built by Tanner Crow, AP CS Teacher (11+ years)
AP® is a registered trademark of the College Board, which was not involved in the production of this content.
AP® is a registered trademark of the College Board, which was not involved in the production of this content.
Get in Touch
Whether you're a student, parent, or teacher — I'd love to hear from you.
Just want free AP CS resources?
Enter your email below and check the subscribe box — no message needed. Students get daily practice questions and study tips. Teachers get curriculum resources and teaching strategies.
Typically responds within 24 hours
✓
Message Sent!
Thanks for reaching out. I'll get back to you within 24 hours.
Prefer email? Reach me directly at [email protected]