FTP Protocol and Other File Transfer Protocols – Long Answer Questions
Medium Level (Application & Explanation)
Q1. Explain how FTP works between a client and a server for uploading and downloading files.
Answer:
FTP (File Transfer Protocol) is a standard way to move files over the Internet using TCP/IP. It follows a client–server model: the FTP client initiates the connection and the FTP server responds.
The server acts like a library storing files; the client is the visitor who requests to borrow or submit files. You can upload (send from your computer to the server) or download (receive from server to your computer).
To connect, you enter the server’s FTP address (for example, ftp://ftp.example.com/) and usually provide username and password. Some servers allow anonymous (guest) access.
Once connected, you can browse folders, copy, rename, delete, and organize files, depending on your permissions.
FTP is reliable but not secure by default (data goes in plain text). For sensitive data, use SFTP or SCP which encrypt transfers.
Q2. Describe the step-by-step process of uploading and downloading files using FTP in Windows Explorer.
Answer:
To practice simple transfers, you can use Windows Explorer as a basic FTP client.
Steps:
Open Windows Explorer and ensure you are connected to the Internet.
In the address bar, type the FTP address (example: ftp://ftp.freestone.net/) and press Enter.
The server’s folder structure appears if access is allowed. If needed, provide credentials (username/password).
To upload, copy a file from your computer and paste it into a target folder in the FTP window.
To download, copy a file from the server window and paste it into a folder on your computer.
Close the window when finished.
Observations:
Transfers depend on internet speed and server permissions.
If you lack write permissions, uploads or deletions may be blocked.
Use a dedicated client like FileZilla for more features and better control.
Q3. What are the requirements to connect to an FTP server, and how do public and private FTP access differ?
Answer:
To connect, you need:
An FTP client (e.g., FileZilla, WinSCP, Cyberduck, or Windows Explorer).
The server’s FTP address (like ftp://ftp.heanet.ie/).
Often username and password; sometimes anonymous access is allowed.
Public FTP servers provide open access for downloads (and occasionally uploads) without strict credentials. They are used for sharing common resources such as research data or software.
Private FTP servers require user authentication and restrict actions based on permissions. They are used by schools, companies, and teams for controlled sharing.
Considerations:
Ensure correct credentials and folder permissions.
Choose the right client software for your OS (Windows, Mac, Linux).
For sensitive content, prefer SFTP/SCP over plain FTP to protect data.
Q4. Explain SSH, SFTP, and SCP. When should each be used for secure file operations?
Answer:
SSH (Secure Shell) builds a secure, encrypted channel over an insecure network. It provides remote login, command execution, and serves as a secure base for file transfers.
SFTP (SSH File Transfer Protocol) runs over SSH, encrypting both commands and data. It supports resuming, listing, permissions, and file management, making it ideal for routine, interactive file work.
SCP (Secure Copy Protocol) also uses SSH encryption, focusing on fast, point-to-point copying. It is best for quick, scripted transfers without complex file operations.
Use cases:
Use SSH for secure remote administration.
Use SFTP for regular uploads/downloads, managing folders, and handling sensitive files.
Use SCP for simple, secure copies (e.g., moving a backup file).
All three ensure confidentiality and authentication, unlike plain FTP.
Q5. Differentiate between SMTP/ESMTP and POP3 in the context of email sending and receiving.
Answer:
SMTP (Simple Mail Transfer Protocol) is used to send emails from a client to a mail server and between servers. By default, SMTP handles text messages. It does not retrieve emails.
ESMTP (Extended SMTP) enhances SMTP, allowing attachments (pictures, audio, documents) and extra features—making it suitable for modern, rich emails.
POP3 (Post Office Protocol v3) is used by email clients to retrieve messages from a server and store them locally, enabling offline reading. POP3 does not send emails.
Flow example:
A teacher composes an email; SMTP/ESMTP sends it out (with attachments via ESMTP).
Students’ email clients use POP3 to download and read the emails even without internet later.
In short: SMTP/ESMTP = sending (with attachments); POP3 = receiving and offline storage.
High Complexity (Analytical & Scenario-Based)
Q6. Your school wants to share study materials and collect assignments. Should it use public FTP or SFTP? Justify your choice and outline the process.
Answer:
Choose SFTP over public FTP. Public FTP is convenient for distributing open resources but is insecure and unsuitable for submissions (privacy risks). SFTP, running over SSH, encrypts both commands and file data, protecting student identities and content.
Plan:
Create an SFTP server with individual user accounts and folder permissions (read-only “Materials” folder; write-only “Submissions” folder).
Share server address, username/password, and simple client instructions (e.g., using WinSCP or FileZilla in SFTP mode).
Students download study materials securely and upload assignments to their assigned folders.
Teachers verify timestamps, maintain organized folders, and enforce access control.
Benefits: Confidentiality, integrity, and accountability—all essential in an academic environment.
Q7. You can connect to an FTP server but cannot upload files. Analyze possible causes and propose solutions.
Answer:
Likely causes:
Insufficient permissions (read-only access or no write rights for your account or folder).
Trying to upload to a restricted directory that blocks modifications.
Using anonymous (guest) access, which usually disables uploads.
Incorrect credentials or expired password causing limited session capabilities.
Server policy disallowing uploads to public areas for security.
Solutions:
Confirm your username has write permissions; request access from the server administrator.
Switch to a designated upload folder (e.g., “/incoming”).
If files are sensitive, use SFTP instead of plain FTP to protect data and align with server policies.
Retry with a full-featured client (FileZilla/WinSCP) to see clear error messages and logs.
Verify enough storage space and that file names meet server rules.
Q8. A hospital needs to move confidential patient files between two computers. Should it choose SCP or SFTP? Provide reasons and a safe workflow.
Answer:
Both SCP and SFTP encrypt data via SSH, but the better choice depends on workflow:
Choose SFTP if staff need to browse folders, resume transfers, and manage files with fine control (rename, delete, set permissions). It’s user-friendly with GUI tools.
Choose SCP for simple, scripted, one-time or scheduled transfers where speed and simplicity matter.
Recommended safe workflow (SFTP):
Create user accounts with strong passwords and minimal folder access.
Use a trusted SFTP client (e.g., WinSCP), connect with the server’s address and credentials, and verify the server identity.
Upload files to a secure directory with controlled read/write access.
Maintain audit logs and periodic checks to ensure compliance.
Outcome: Preserves confidentiality, integrity, and traceability for sensitive medical data.
Q9. Telnet is available on campus systems for remote access. Evaluate the risks and propose a migration plan to SSH.
Answer:
Risks of Telnet:
Sends usernames, passwords, and commands in plain text, enabling eavesdropping.
Lacks encryption and robust authentication, making it unsafe on modern networks.
Migration plan to SSH:
Install and configure an SSH server; disable Telnet services after staged testing.
Provide SSH client options (OpenSSH, PuTTY, terminal apps) for Windows, Mac, and Linux.
Educate users on secure login, handling of credentials, and basic SFTP/SCP for file transfer.
Set user permissions, enforce strong passwords, and maintain logs.
Update documentation and provide support during transition.
Benefits:
Encrypted sessions, integrity protection, and mutual authentication.
Unified secure platform for remote commands and file transfer via SFTP/SCP.
Q10. A research team shares open datasets publicly and private drafts internally. Design a protocol mix and justify each choice.
Answer:
Protocol mix:
Use public FTP for open datasets: easy access via a simple FTP address, no heavy setup for recipients, and suitable where security is not critical.
Use SFTP for private drafts and internal documents: encrypted transfers, protected logins, and rich file management features.
Use ESMTP to send emails with attachments (figures, documents) to collaborators when needed.
Team members use POP3 to retrieve emails for offline reading of notifications and updates.
