Page 335 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide
charges. In contrast, Hypertext Transfer Protocol (HTTP) transmits
data in cleartext.
Almost all HTTPS transmissions use Transport Layer Security (TLS) as
the underlying encryption protocol. Current deployments negotiate TLS
1.2 or TLS 1.3; TLS 1.0 and TLS 1.1 were formally deprecated by the
IETF in RFC 8996 (2021) and should be disabled. Secure Sockets Layer
(SSL) was the precursor to TLS. Netscape created and released SSL in
1995. Later, the Internet Engineering Task Force (IETF) released TLS
as a replacement. In 2014, Google researchers showed that SSL 3.0 is
susceptible to the POODLE attack (Padding Oracle On Downgraded Legacy
Encryption): an attacker forces a client and server that both still
support SSL 3.0 to fall back to it, then abuses the weak CBC padding
check in SSL 3.0 to recover plaintext such as session cookies. As a
result, many organizations have disabled SSL in their applications,
and RFC 7568 (2015) prohibits the use of SSL 3.0 altogether.
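The practical check that follows from this paragraph is: what protocol version did the server actually negotiate? The following Python example is added here and is not code from the Study Guide. It parses a TLS ServerHello record, which is where the negotiated version is announced, and classifies the result against the deprecations above (SSL 3.0 per RFC 7568, TLS 1.0 and 1.1 per RFC 8996). It also handles the TLS 1.3 quirk that a 1.3 ServerHello carries 0x0303 (TLS 1.2) in its legacy_version field and states the real version only in the supported_versions extension, so a parser that reads just the version field would misreport TLS 1.3 as TLS 1.2. The ServerHello records are constructed in the script for demonstration; they are not captures, and the cipher suite values are illustrative.

```python
import struct

HANDSHAKE = 0x16                 # TLS record content type for handshake messages
SERVER_HELLO = 0x02              # handshake message type
EXT_SUPPORTED_VERSIONS = 0x002B  # extension that carries the real TLS 1.3 version

VERSION_NAMES = {0x0300: "SSLv3", 0x0301: "TLSv1.0", 0x0302: "TLSv1.1",
                 0x0303: "TLSv1.2", 0x0304: "TLSv1.3"}
# SSLv3 (RFC 7568), TLS 1.0 and TLS 1.1 (RFC 8996) are deprecated.
ACCEPTABLE = {"TLSv1.2", "TLSv1.3"}


def build_server_hello(legacy_version, selected_version=None, cipher_suite=0xC02F):
    """Constructed sample ServerHello record (test input only, not a capture).

    For TLS 1.3 pass legacy_version=0x0303 and selected_version=0x0304,
    which is how a real 1.3 server announces itself.
    """
    random_bytes = bytes(range(32))          # constructed, not a real server random
    session_id = b""
    body = struct.pack("!H", legacy_version) + random_bytes
    body += bytes([len(session_id)]) + session_id
    body += struct.pack("!HB", cipher_suite, 0)   # cipher suite, null compression
    if selected_version is not None:
        ext = struct.pack("!HHH", EXT_SUPPORTED_VERSIONS, 2, selected_version)
        body += struct.pack("!H", len(ext)) + ext
    handshake = bytes([SERVER_HELLO]) + len(body).to_bytes(3, "big") + body
    return bytes([HANDSHAKE]) + struct.pack("!HH", legacy_version, len(handshake)) + handshake


def negotiated_version(record):
    """Return the protocol version a ServerHello record commits the connection to."""
    if len(record) < 5 or record[0] != HANDSHAKE:
        raise ValueError("not a TLS handshake record")
    rec_len = struct.unpack("!H", record[3:5])[0]
    handshake = record[5:5 + rec_len]
    if len(handshake) != rec_len:
        raise ValueError("truncated record")
    if handshake[0] != SERVER_HELLO:
        raise ValueError("not a ServerHello")
    body_len = int.from_bytes(handshake[1:4], "big")
    body = handshake[4:4 + body_len]
    version = struct.unpack("!H", body[:2])[0]   # legacy_version field
    pos = 2 + 32                                  # skip random
    pos += 1 + body[pos]                          # skip legacy_session_id
    pos += 2 + 1                                  # skip cipher_suite, compression_method
    if pos < len(body):                           # extensions block is present
        ext_len = struct.unpack("!H", body[pos:pos + 2])[0]
        pos += 2
        end = pos + ext_len
        while pos + 4 <= end:
            ext_type, ext_data_len = struct.unpack("!HH", body[pos:pos + 4])
            data = body[pos + 4:pos + 4 + ext_data_len]
            if ext_type == EXT_SUPPORTED_VERSIONS and ext_data_len == 2:
                version = struct.unpack("!H", data)[0]   # the real TLS 1.3 version
            pos += 4 + ext_data_len
    return VERSION_NAMES.get(version, "unknown(0x%04x)" % version)


def is_acceptable(record):
    """True only if the negotiated version is one that is not deprecated."""
    return negotiated_version(record) in ACCEPTABLE


if __name__ == "__main__":
    for label, rec in [("SSL 3.0", build_server_hello(0x0300)),
                       ("TLS 1.1", build_server_hello(0x0302)),
                       ("TLS 1.2", build_server_hello(0x0303)),
                       ("TLS 1.3", build_server_hello(0x0303, 0x0304))]:
        print(label, negotiated_version(rec), "acceptable" if is_acceptable(rec) else "DEPRECATED")
```

The same parser can be pointed at the first record a real server returns; the point to take away is that a downgrade like POODLE succeeds only when both ends still offer the old version, so the fix is to stop offering it, and the way to confirm the fix is to look at what gets negotiated, not at what the configuration file says.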
Organizations often enable remote access solutions such as virtual
private networks (VPNs). VPNs allow employees to access the
organization’s internal network from their home or while traveling.
VPN traffic goes over a public network, such as the internet, so
encryption is important. VPNs use encryption protocols such as TLS
and Internet Protocol security (IPsec).
IPsec is often combined with Layer 2 Tunneling Protocol (L2TP) for
VPNs. L2TP by itself transmits data in cleartext, so L2TP/IPsec wraps
the L2TP packets in IPsec to protect them while in transit over the
internet. Because L2TP already provides the tunnel, the IPsec layer
in L2TP/IPsec runs in transport mode (RFC 3193); IPsec tunnel mode,
which encapsulates the entire original IP packet inside a new one, is
what IPsec-only VPNs use. IPsec includes an Authentication Header
(AH), which provides authentication and integrity, and Encapsulating
Security Payload (ESP), which provides confidentiality and can also
provide authentication and integrity. AH's integrity check covers the
IP header itself, so it fails when a NAT device rewrites addresses;
for that reason most VPNs use ESP with integrity enabled rather than AH.
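To make the AH/ESP distinction concrete, the following Python example is added here; it is not code from the Study Guide. It goes slightly beyond the paragraph by showing exactly what each header's integrity check value (ICV) covers: AH authenticates the outer IP header (with the fields that legitimately change in transit, such as TTL and checksum, zeroed, as RFC 4302 specifies) plus the payload, while ESP's ICV covers only the ESP header and its encapsulated data (RFC 4303). The packets, key and addresses are constructed for the demonstration; ESP is built with NULL encryption (RFC 2410) so the example needs only the standard library, and with a real cipher the ICV is computed over the ciphertext in the same way. The next-header value 17 (UDP) matches the L2TP-over-UDP payload that L2TP/IPsec protects in transport mode.

```python
import hmac
import hashlib
import struct
from ipaddress import IPv4Address

KEY = b"constructed-demo-key-not-from-ike"   # constructed; real SAs get keys from IKE
AH_PROTO, ESP_PROTO = 51, 50
ICV_LEN = 16                                  # HMAC-SHA-256-128 (RFC 4868) truncation
NEXT_HEADER_UDP = 17


def ipv4_header(src, dst, proto, total_len, ttl=64):
    """Minimal IPv4 header; header checksum left zero (it is mutable anyway)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0, 0, ttl, proto, 0,
                       IPv4Address(src).packed, IPv4Address(dst).packed)


def zero_mutable(iphdr):
    """RFC 4302: DSCP/ECN, flags, fragment offset, TTL and checksum are mutable."""
    b = bytearray(iphdr)
    b[1] = 0
    b[6:8] = b"\x00\x00"
    b[8] = 0
    b[10:12] = b"\x00\x00"
    return bytes(b)


def icv(data):
    return hmac.new(KEY, data, hashlib.sha256).digest()[:ICV_LEN]


def ah_packet(src, dst, payload, spi=0x1001, seq=1):
    """IP header + AH (RFC 4302) + payload; the ICV covers header and payload."""
    ah_len = 12 + ICV_LEN
    ip = ipv4_header(src, dst, AH_PROTO, 20 + ah_len + len(payload))
    ah_fixed = struct.pack("!BBHII", NEXT_HEADER_UDP, ah_len // 4 - 2, 0, spi, seq)
    authenticated = zero_mutable(ip) + ah_fixed + bytes(ICV_LEN) + payload
    return ip + ah_fixed + icv(authenticated) + payload


def ah_verify(pkt):
    ip, rest = pkt[:20], pkt[20:]
    ah_fixed, tag, payload = rest[:12], rest[12:12 + ICV_LEN], rest[12 + ICV_LEN:]
    expected = icv(zero_mutable(ip) + ah_fixed + bytes(ICV_LEN) + payload)
    return hmac.compare_digest(tag, expected)


def esp_packet(src, dst, payload, spi=0x2002, seq=1):
    """IP header + ESP (RFC 4303, NULL encryption); the ICV covers only the ESP body."""
    pad_len = (-(len(payload) + 2)) % 4           # pad so trailer ends on a 4-byte boundary
    body = (struct.pack("!II", spi, seq) + payload + bytes(pad_len)
            + bytes([pad_len, NEXT_HEADER_UDP]))
    ip = ipv4_header(src, dst, ESP_PROTO, 20 + len(body) + ICV_LEN)
    return ip + body + icv(body)


def esp_verify(pkt):
    body, tag = pkt[20:-ICV_LEN], pkt[-ICV_LEN:]
    return hmac.compare_digest(tag, icv(body))


def router_hop(pkt):
    """A normal forwarding hop: decrement TTL (checksum recompute omitted, it is mutable)."""
    b = bytearray(pkt)
    b[8] -= 1
    return bytes(b)


def nat_rewrite_source(pkt, new_src):
    """What a NAT gateway does: replace the source address in the outer header."""
    b = bytearray(pkt)
    b[12:16] = IPv4Address(new_src).packed
    return bytes(b)


if __name__ == "__main__":
    ah = ah_packet("10.0.0.5", "203.0.113.9", b"hello")
    esp = esp_packet("10.0.0.5", "203.0.113.9", b"hello")
    print("AH after router hop:", ah_verify(router_hop(ah)))
    print("AH after NAT:", ah_verify(nat_rewrite_source(ah, "198.51.100.1")))
    print("ESP after NAT:", esp_verify(nat_rewrite_source(esp, "198.51.100.1")))
```

Running it shows AH surviving a TTL decrement but failing after NAT, while ESP verifies either way; tampering with the payload of either packet fails verification.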
It’s also appropriate to encrypt sensitive data before transmitting it on
internal networks. IPsec and Secure Shell (SSH) are commonly used to
protect data in transit on internal networks. SSH is a strongly
encrypted protocol, and other protocols such as Secure Copy (SCP) and
SSH File Transfer Protocol (SFTP) run on top of it. Both SCP and SFTP
transfer files over the encrypted SSH channel, so file contents and
credentials are protected on the network. Protocols such as File
Transfer Protocol (FTP) transmit data, including usernames and
passwords, in cleartext and so are not appropriate for transmitting
sensitive data over a network.
Many administrators use SSH when administering remote servers.
The clear benefit is that SSH encrypts all the traffic, including the
administrator’s credentials. Historically, many administrators used
Telnet to manage remote servers. However, Telnet sends traffic over a

