What Is File Transfer Protocol in Networking?
This page mentions older exam versions. See the Current Exam Context and Legacy Exam Context sections below for the updated mapping.
Quick Definition
File Transfer Protocol, or FTP, is a way to move files from one computer to another over the internet or a local network. It works like a digital courier service where you request a file from a server, and the server delivers it to your computer. FTP is commonly used by website developers to upload pages to a web server.
Must Know for Exams
FTP is a staple topic in both the CompTIA A+ and Network+ certification exams. In the CompTIA A+ exam (220-1101 and 220-1102), FTP appears primarily in the context of networking fundamentals and common protocols. The exam objectives specifically list FTP as a protocol you must know, along with its default port (21 for control, 20 for data).
You may be asked to identify which protocol is used for file transfers or to distinguish FTP from other file transfer protocols like SFTP, FTPS, and TFTP. A+ questions often focus on practical knowledge, such as what port FTP uses, or which mode (active vs passive) should be used when a firewall is present. In the CompTIA Network+ exam (N10-008), FTP is covered in more depth.
The exam objectives require you to explain the purposes and use cases of various network protocols, including FTP. You need to understand not only the ports but also how FTP operates, including the control and data connections, and the differences between active and passive modes. Network+ questions may present a scenario where a user cannot connect to an FTP server, and you must troubleshoot whether the firewall is blocking the data connection in active mode.
You will also need to know when to choose plain FTP versus secure alternatives, particularly in the context of network security. The exam may ask which protocol should be used to transfer sensitive files securely. Additionally, the Network+ exam covers FTP in the context of network services and application layer protocols.
You might be asked to match a protocol to its default port number in a multiple-choice question. For example: "Which of the following protocols uses TCP port 21?" FTP appears alongside HTTP, HTTPS, SMTP, and DNS in these questions.
For both exams, you should also be familiar with the concept of anonymous FTP and when it might be used. In summary, FTP appears in exam questions about ports, protocol functions, security, and troubleshooting. Knowing the specific details about control versus data connections, active versus passive mode, and the encryption status of FTP compared to SFTP and FTPS will help you answer these questions correctly.
The exam expects you to understand not just the definition, but the practical implications of using FTP in a networked environment.
Simple Meaning
File Transfer Protocol, commonly called FTP, is a set of rules that computers use to send and receive files over a network. Think of it like a postal service for digital files. When you want to send a letter, you put it in an envelope, write the address, and drop it in a mailbox.
FTP works in a similar way. Your computer, called the client, sends a request to another computer, called the server, asking for a specific file. The server then responds by sending that file over the network.
This process involves two main channels: one for giving commands (like asking for a file) and another for actually moving the file data. Imagine you are at a library. You go to the front desk (the command channel) and ask the librarian for a book (the file).
The librarian then walks to the shelf, picks the book, and hands it to you (the data channel). FTP uses this two-channel system to keep things organized. One channel, the control connection, handles your requests and the server's replies.
The other, the data connection, handles the actual file transfer. FTP can work in two modes: active and passive. In active mode, the server initiates the data connection back to your computer.
In passive mode, your computer initiates both connections, which is often necessary if your computer is behind a firewall. FTP is not encrypted by default, meaning anyone on the network could potentially see the files you are transferring. That is why secure alternatives like SFTP (SSH File Transfer Protocol) or FTPS (FTP over SSL) are often used for sensitive data.
For beginners, it is enough to know that FTP is a fundamental tool for moving files around, especially in web development and system administration. It is like having a reliable courier that can pick up and deliver packages between computers, as long as both computers agree on the rules of the protocol.
Full Technical Definition
File Transfer Protocol (FTP) is a standard network protocol defined in RFC 959 for transferring files between a client and a server over a TCP/IP network. It operates on the application layer of the OSI model and uses two separate connections for communication: the control connection and the data connection. The control connection uses TCP port 21 and is used for sending commands (such as USER, PASS, LIST, RETR, STOR) and receiving responses.
The data connection uses TCP port 20 by default in active mode, but can use a dynamically assigned port in passive mode. In active mode, the client opens a random port and sends the server a PORT command telling the server which port to connect to. The server then initiates the data connection from its port 20 to that client port.
This can cause issues when the client is behind a firewall or NAT, as the firewall may block the incoming connection from the server. In passive mode, the client sends a PASV command, and the server responds with an IP address and a random port number. The client then initiates the data connection to that port.
Passive mode is generally more firewall-friendly and is the default in most modern FTP clients. FTP supports two transfer modes: ASCII mode and binary mode. ASCII mode is used for text files and performs character conversion between different operating systems (for example, converting line endings).
Binary mode sends the file exactly as it is, byte for byte, and is used for non-text files such as images, executables, and compressed archives. FTP also supports authentication using a username and password, typically sent in cleartext. Anonymous FTP allows users to log in with a generic username (usually 'anonymous') and their email address as a password, providing public access to files.
FTP commands are sent over the control connection as plain ASCII text. Common commands include USER (username), PASS (password), CWD (change working directory), LIST (list files), RETR (retrieve a file), STOR (store a file), DELE (delete a file), and QUIT. Each command generates a three-digit response code, such as 230 for successful login or 550 for file not found.
Despite its age, FTP remains widely used due to its simplicity and broad support. However, its lack of encryption has led to the development of secure variants. FTPS (FTP over SSL/TLS) adds encryption to both control and data connections.
SFTP, despite its name, is a completely different protocol that runs over SSH and provides file transfer along with secure shell access. In modern IT environments, FTP is often used for automated file transfers between systems, for website content management, and for transferring large files where ease of use is more important than security.
Real-Life Example
Think of FTP like a secure mailroom in a large office building. Imagine you work on the 10th floor of a company that has a central mailroom on the ground floor. The mailroom (the server) holds all the packages and letters (files) for the entire building.
When you need to send a document to a colleague, you do not walk down 10 flights of stairs to the mailroom. Instead, you call the mailroom on an internal phone line (the control connection). You tell the mailroom clerk, "I need to send the quarterly report to the branch office."
The clerk writes down your request and then asks, "Where should I deliver it?" and gives you a specific drop-off time. Now, here is the key part. In the active mode version of this system, the mailroom clerk then sends a messenger up to your desk to pick up the document.
You hand the document to the messenger, who takes it back to the mailroom and sends it out. This works fine as long as your office door is unlocked and you can receive visitors. But if your department has a security badge reader on the door (like a firewall), the messenger might not be able to get in.
In passive mode, instead of sending a messenger to you, the clerk says, "You will need to bring the document down to the mailroom yourself." You then walk to the mailroom, hand over the document, and the clerk processes it. This way, your department's security does not block anything, because you are going out to the mailroom instead of the messenger coming in to you.
This is exactly how FTP works. Your computer (the client) calls the server on the control connection (like the phone call). Then, depending on the mode, either the server connects to your computer (active) or your computer connects to the server (passive) to actually transfer the file.
The mailroom floor plan also shows another layer. The mailroom has a general delivery slot for anonymous packages. Anyone can drop off a letter without an account. That is like anonymous FTP, where anyone can log in with the username anonymous and download public files.
But for sensitive documents, the mailroom requires a signed delivery slip with a specific employee number and password. That is the normal authenticated FTP, where you must provide a valid username and password before the server allows any file transfers.
Why This Term Matters
FTP matters because it remains one of the most common methods for transferring files over networks, especially in environments where simplicity and compatibility are critical. In real IT work, you will encounter FTP in several key areas. First, web development and hosting.
When you build a website, you need to upload the HTML, CSS, JavaScript, and image files to a web server. FTP is the standard tool for this. Many developers still use FTP clients to push their site updates live.
For system administrators, FTP is often used for transferring configuration files, log files, or backup data between servers. While more secure alternatives like SFTP are preferred today, many legacy systems and older devices only support plain FTP, so understanding it is essential for maintaining those systems. In cloud infrastructure, some services still offer FTP endpoints for bulk data uploads.
For example, an e-commerce company might use FTP to upload a nightly product catalog from their on-premises system to their cloud-hosted web store. Knowing how to configure FTP in both active and passive modes is crucial for getting these transfers to work through firewalls and NAT devices. FTP also matters because it teaches fundamental networking concepts.
Understanding the difference between control and data connections introduces you to the idea of out-of-band signaling, which appears in other protocols like SIP for VoIP. The active versus passive mode distinction is a real-world example of how firewalls and NAT affect network communications. Even if you never use plain FTP again, the concepts you learn from it apply directly to modern file transfer methods.
Finally, security professionals must understand FTP because it is a common attack vector. Since FTP transmits credentials and data in cleartext, an attacker on the same network can capture login details using a packet sniffer. This is why you must know when it is appropriate to use FTP and when you must use a secure alternative.
In summary, FTP is not just a legacy protocol. It is a foundational tool that every IT professional needs to understand, even if only to replace it with something better.
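An added example (not from the original page): a defender-side audit of the cleartext exposure described above. It reads constructed control-connection lines, as they would appear when reassembled from a capture of TCP port 21, and reports which sessions sent a password in cleartext without retaining the password. The session ids, record layout and verdict strings are assumptions of this example; AUTH TLS and the reply codes 234, 331 and 530 come from the FTP standards rather than from this page.

```python
from dataclasses import dataclass
from typing import Dict, Iterable, List, Optional, Tuple

# Constructed sample: (session id, direction, line). "C" = client, "S" = server.
SAMPLE = [
    ("s1", "S", "220 FTP server ready"),
    ("s1", "C", "USER jamie"),
    ("s1", "S", "331 Password required"),
    ("s1", "C", "PASS example-password"),
    ("s1", "S", "230 Login successful"),
    ("s2", "S", "220 FTP server ready"),
    ("s2", "C", "USER anonymous"),
    ("s2", "S", "331 Send email address as password"),
    ("s2", "C", "PASS guest@example.com"),
    ("s2", "S", "230 Login successful"),
    ("s3", "S", "220 FTP server ready"),
    ("s3", "C", "AUTH TLS"),
    ("s3", "S", "234 Proceed with negotiation"),
    # After 234 the control connection is TLS, so a capture shows no commands.
    ("s4", "S", "220 FTP server ready"),
    ("s4", "C", "user backup"),
    ("s4", "S", "331 Password required"),
    ("s4", "C", "pass wrong-guess"),
    ("s4", "S", "530 Login incorrect"),
]


@dataclass
class SessionAudit:
    session: str
    user: Optional[str] = None
    tls_requested: bool = False
    tls_active: bool = False
    password_in_cleartext: bool = False
    login_ok: Optional[bool] = None  # None until a 230 or 530 reply is seen

    @property
    def verdict(self) -> str:
        if self.password_in_cleartext:
            # Anonymous FTP sends an email address, not a secret.
            if (self.user or "").lower() == "anonymous":
                return "anonymous-login"
            # A failed login still exposed whatever password was typed.
            return "cleartext-credentials"
        if self.tls_active:
            return "encrypted-control-channel"
        return "no-login-seen"


def audit_control_stream(
    records: Iterable[Tuple[str, str, str]]
) -> Dict[str, SessionAudit]:
    """Classify each control session by whether a password crossed in cleartext."""
    sessions: Dict[str, SessionAudit] = {}
    for session_id, direction, line in records:
        audit = sessions.setdefault(session_id, SessionAudit(session_id))
        if direction == "C":
            verb, _, argument = line.strip().partition(" ")
            verb = verb.upper()  # FTP command verbs are case-insensitive
            if verb == "AUTH":
                audit.tls_requested = True
            elif verb == "USER":
                audit.user = argument.strip()
            elif verb == "PASS":
                # Record the fact only; the password itself is discarded.
                audit.password_in_cleartext = True
        else:
            code = line[:3]
            if code == "234" and audit.tls_requested:
                audit.tls_active = True
            elif code == "230":
                audit.login_ok = True
            elif code == "530":
                audit.login_ok = False
    return sessions


def exposed_accounts(records: Iterable[Tuple[str, str, str]]) -> List[str]:
    """Usernames whose passwords should be rotated and moved to SFTP or FTPS."""
    return sorted(
        a.user for a in audit_control_stream(records).values()
        if a.verdict == "cleartext-credentials" and a.user
    )


if __name__ == "__main__":
    for sid, audit in audit_control_stream(SAMPLE).items():
        print(sid, audit.user, audit.verdict, audit.login_ok)
    print("rotate:", exposed_accounts(SAMPLE))
```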
How It Appears in Exam Questions
FTP appears in certification exam questions in several distinct patterns. One common type is the port identification question. For example, a question might ask, "Which of the following default port numbers is associated with FTP control traffic?"
The answer choices would include 20, 21, 22, 23, and 443. You need to know that port 21 is for control and port 20 is for data. Another pattern is the protocol comparison question.
The exam might give you a scenario like, "A network administrator needs to transfer large configuration files to a remote router. Which protocol should be used?" Here you must distinguish between FTP, TFTP, SFTP, and SCP.
TFTP is simpler and uses UDP, but it is unsecured and cannot list directories. FTP is more functional but still unsecured. SFTP and SCP are secure. The correct answer depends on the need for security and functionality described in the scenario.
Troubleshooting questions are very common. A typical scenario: A user on an internal network is unable to download files from an external FTP server. The user can connect and log in successfully, but the file transfer fails.
The question asks what the most likely cause is. The answer often involves a firewall blocking the incoming data connection in active FTP mode. You would then need to recommend switching to passive mode or configuring the firewall to allow the data connection.
There are also configuration questions. For instance, a question might describe a web developer who needs to upload website files to a remote server. The developer is behind a corporate firewall that blocks inbound connections.
The question asks which FTP mode the developer should use. The correct answer is passive mode, because in passive mode the client initiates both the control and data connections, which is more likely to work through a firewall. Some questions test your knowledge of secure alternatives.
For example, "An organization needs to transfer payroll files between two servers. Which protocol should be used to ensure confidentiality?" The answer would be SFTP or FTPS, not plain FTP, because plain FTP sends data and credentials in cleartext.
Finally, there are questions about the protocol itself. A question might ask, "Which protocol uses two separate connections for control and data?" The answer is FTP. Or, "Which protocol uses TCP port 20 for data transfer?"
Again, FTP. In summary, expect to see FTP in questions about port numbers, protocol selection, troubleshooting connectivity issues, firewall configuration, and security best practices.
Example Scenario
Jamie is a web developer for a small company. She has just finished building a new company website on her local computer. The website consists of HTML pages, CSS stylesheets, several images, and a JavaScript file.
Now she needs to put all these files on the company's web server so the public can access the website. Jamie opens an FTP client program on her computer. She enters the server's IP address, her username, and her password.
She also needs to choose a port. She leaves the default port 21 for the control connection. She clicks Connect. The FTP client sends a command over the control connection to the server, saying, "Hello, I am Jamie. Here is my username and password."
The server checks the credentials and sends back a message: "Login successful." Now Jamie sees a list of directories on the server, like the root folder of the website.
She navigates to the public_html folder. Then she selects all the website files on her local computer and drags them into the public_html folder on the server. This triggers the data connection.
Because Jamie is behind a corporate firewall that blocks incoming connections, her FTP client is set to use passive mode. So the server sends back an IP address and a random port number. Jamie's computer then opens a connection to that port on the server and starts uploading the files one by one.
As each file finishes, the server sends a confirmation message over the control connection. After all files are uploaded, Jamie disconnects. She then opens a web browser and types the company's domain name.
The website loads perfectly, showing all the new pages and images. In this scenario, FTP is the tool that allowed Jamie to move her files from her computer to the web server. The two connections (control and data) worked together to log her in and then transfer the files.
Passive mode ensured the transfer worked despite the firewall. This is exactly how FTP is used thousands of times every day by web developers around the world.
Common Mistakes
Thinking that FTP uses only one connection on port 21.
FTP actually uses two connections: a control connection on port 21 for commands and a data connection on port 20 (in active mode) or a random port (in passive mode) for the actual file data. Assuming only one connection leads to confusion when troubleshooting firewall issues.
Remember that FTP is a two-channel protocol. Control on 21, data on 20 (active) or a high port (passive). The control connection sends commands; the data connection sends the files.
Confusing FTP with SFTP or FTPS and believing all three work exactly the same way.
FTP, SFTP, and FTPS are different protocols. FTP is plain and unencrypted. FTPS is FTP with added SSL/TLS encryption. SFTP is a completely different protocol that runs over SSH. They are not interchangeable, and each uses different ports and security mechanisms.
Learn the key differences: FTP uses ports 20/21, no encryption. FTPS uses port 990 for implicit TLS or can use port 21 with explicit TLS. SFTP uses port 22 (same as SSH) and is a secure file transfer protocol built on the SSH protocol.
Believing that FTP always works without adjusting for firewalls.
Active mode FTP requires the server to initiate a connection back to the client on a random port. Many firewalls and NAT devices block this incoming connection by default, causing transfers to fail. Beginners often think the problem is with the server or the client software.
If you are having trouble transferring files, try switching your FTP client to passive mode. In passive mode, the client initiates both connections, which is much more likely to work through firewalls. This is why most modern FTP clients default to passive mode.
Assuming that FTP will always be the best choice for transferring files.
FTP sends all data, including your username and password, in plaintext. Anyone on the same network can capture this information using a packet sniffer. For sensitive or confidential data, plain FTP is a serious security risk.
Always evaluate the security requirements before choosing FTP. If you are transferring public files or non-sensitive data, plain FTP might be acceptable. For anything confidential, use SFTP, FTPS, or another encrypted transfer method.
Thinking that Anonymous FTP means no login is required.
Anonymous FTP still requires a login. The convention is to use the username anonymous and your email address as the password. The server then grants access to a public directory. It is not a completely open connection. Some servers also restrict what anonymous users can do, such as only allowing downloads and not uploads.
Understand that anonymous FTP is a specific type of authentication, not an absence of authentication. You still need to provide credentials (anonymous and an email) to the server.
Exam Trap — Don't Get Fooled
An exam question describes a user who can connect to an FTP server and log in successfully, but cannot download files. The question asks what the problem is, and one of the answer choices is 'The FTP server is down.' Always remember that FTP uses two separate connections.
A successful login only proves that the control connection on port 21 is working. The file transfer itself happens over a separate data connection. If that data connection is blocked by a firewall, NAT, or misconfiguration, the transfer will fail even though the login succeeded.
In troubleshooting, always check whether the data connection might be the issue, especially in active mode where the server initiates the connection back to the client.
Commonly Confused With
TFTP is a simpler, lighter version of FTP that uses UDP instead of TCP. It has no authentication or directory listing capabilities, and it is often used for transferring configuration files to network devices like routers and switches. FTP has robust features like authentication, directory navigation, and both ASCII and binary transfer modes.
A network administrator uses TFTP to back up a router's configuration file, typing a single command with no username or password. The same administrator uses FTP to upload an entire website, using a client with a login screen and the ability to browse folders.
SFTP is a secure file transfer protocol that runs over the SSH protocol (port 22). It provides encryption for both authentication and data transfer. Unlike FTP, it uses only one connection and is inherently secure. FTP has no encryption by default and uses two connections.
A system administrator uses SFTP to securely upload payroll files to a remote server because the data contains confidential salary information. The same administrator uses plain FTP to upload a company logo image to a public web server, knowing the file is not sensitive.
FTPS is FTP with an added layer of security using SSL/TLS encryption. It can use explicit TLS (where the client requests encryption on port 21) or implicit TLS (where the entire session is encrypted on port 990). FTP without encryption sends all data in plaintext. FTPS is more complex to configure due to certificate requirements.
A web developer uses FTPS to upload the login page of a banking website because the developer wants to ensure no one can intercept the uploaded code. For the public homepage with no sensitive code, the developer uses plain FTP for simplicity.
HTTP is designed for transferring web pages and their associated resources (images, scripts) from a web server to a browser. FTP is designed for general file transfer between any two systems, with more robust file management features like directory listing, renaming, and deleting files. HTTP is stateless, while FTP maintains a session state.
A user types a URL into a browser and retrieves a web page using HTTP. The same user uses an FTP client to upload a batch of 100 product images to the web server's image directory.
Step-by-Step Breakdown
Client initiates control connection
The FTP client software (like FileZilla or WinSCP) opens a TCP connection to the FTP server on port 21. This is the control connection, and it will be used to send all commands (like login, change directory, list files) and receive responses. This connection remains open for the entire session.
Server sends a banner and asks for login credentials
The server responds with a greeting message (usually a 220 code) indicating it is ready. Then it prompts the client for a username. The client sends the USER command with the username. The server then prompts for a password, and the client sends the PASS command. If the credentials are valid, the server responds with a 230 code, granting access.
Client navigates the file system
After login, the client can send commands like CWD (change working directory) to move to a different folder on the server, or LIST to get a listing of files and folders. The server returns the requested information over the control connection. This allows the user to find where they need to upload or download files.
Client requests a data transfer and negotiates the mode
When the user decides to download or upload a file, the client must establish a data connection. The client sends either a PORT command (for active mode) or a PASV command (for passive mode). In active mode, the client tells the server its own IP address and a random port to connect to. In passive mode, the server replies with its own IP address and a random port for the client to connect to.
Data connection is established and file is transferred
Once the mode is negotiated, a separate TCP connection is opened for the data transfer. The client sends a RETR command to download a file or a STOR command to upload a file. The actual file data is then transmitted over this data connection. For text files, ASCII mode may convert line endings. For binary files, the data is sent byte-for-byte. After the file transfer completes, the data connection is closed.
Session ends and control connection is closed
The user can continue to request more file transfers, each time opening a new data connection. When the user is finished, they send a QUIT command. The server responds with a goodbye message and closes the control connection. The entire session is now terminated.
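An added example (not from the original page) of the mode negotiation in the steps above: it parses a client PORT command or a server 227 reply to PASV, computes the data port as p1 * 256 + p2, and flags the conditions under which a login succeeds but the data connection fails. The finding names, the sample addresses and the firewall port range are assumptions constructed for this example.

```python
import ipaddress
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# RFC 959 host-port field: h1,h2,h3,h4,p1,p2 as decimal bytes.
_HOSTPORT = re.compile(r"(?<!\d)" + ",".join([r"(\d{1,3})"] * 6) + r"(?!\d)")

# RFC 1918 ranges: an address from these is not reachable across the internet.
_RFC1918 = [ipaddress.ip_network(n)
            for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


@dataclass(frozen=True)
class DataEndpoint:
    mode: str       # "active" (from PORT) or "passive" (from a 227 reply)
    ip: str         # address advertised on the control connection
    port: int       # p1 * 256 + p2
    initiator: str  # side that opens the data connection


def parse_data_endpoint(line: str) -> DataEndpoint:
    """Parse 'PORT h1,h2,h3,h4,p1,p2' or '227 ... (h1,h2,h3,h4,p1,p2)'."""
    text = line.strip()
    if text.upper().startswith("PORT "):
        mode, initiator = "active", "server"
    elif text.startswith("227"):
        mode, initiator = "passive", "client"
    else:
        raise ValueError(f"not a PORT command or 227 reply: {text!r}")
    match = _HOSTPORT.search(text)
    if not match:
        raise ValueError(f"no host-port field in: {text!r}")
    fields = [int(x) for x in match.groups()]
    if any(f > 255 for f in fields):
        raise ValueError(f"host-port byte out of range in: {text!r}")
    ip = ".".join(str(f) for f in fields[:4])
    return DataEndpoint(mode, ip, fields[4] * 256 + fields[5], initiator)


def diagnose(endpoint: DataEndpoint, control_peer_ip: str,
             passive_range: Optional[Tuple[int, int]] = None) -> List[str]:
    """Return reasons the data connection is likely to fail.

    control_peer_ip: in active mode, the client address as the server sees
    it; in passive mode, the server address the client dialled on port 21.
    passive_range: (low, high) data ports the firewall permits, if known.
    """
    findings: List[str] = []
    advertised = ipaddress.ip_address(endpoint.ip)
    peer = ipaddress.ip_address(control_peer_ip)
    if advertised != peer:
        internal = any(advertised in net for net in _RFC1918)
        external = not any(peer in net for net in _RFC1918)
        # A private address advertised to a public peer means NAT sits in
        # between and the other side cannot route to the advertised host.
        findings.append("nat-private-address" if internal and external
                        else "address-mismatch")
    if endpoint.mode == "active":
        # The server dials in to the client; inbound filtering drops this.
        findings.append("inbound-to-client")
    elif passive_range is not None:
        low, high = passive_range
        if not low <= endpoint.port <= high:
            findings.append("port-outside-firewall-range")
    return findings


if __name__ == "__main__":
    # Constructed samples using documentation and private addresses.
    active = parse_data_endpoint("PORT 192,168,1,23,19,137")
    print(active, diagnose(active, "203.0.113.7"))
    passive = parse_data_endpoint(
        "227 Entering Passive Mode (203,0,113,50,195,80)")
    print(passive, diagnose(passive, "203.0.113.50", (50000, 50100)))
```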
Practical Mini-Lesson
Let us walk through how FTP works in practice and what you, as an IT professional, need to know to use it effectively. First, you need an FTP client and an FTP server. A client is the software you run on your local machine.
Common clients include FileZilla, WinSCP, and the command-line ftp utility built into most operating systems. The server is the remote computer that hosts the files. Examples include vsftpd on Linux, FileZilla Server on Windows, and the built-in IIS FTP server.
When you open your FTP client, you typically enter four things: the server's hostname or IP address, your username, your password, and the port number (usually 21). After connecting, the client sends a series of commands automatically to log you in. You will then see a split interface showing your local files on one side and the server files on the other.
To transfer a file, you simply drag it from one side to the other. But the real magic happens behind the scenes. The client and server must agree on a transfer mode. Most modern clients default to passive mode because it works through firewalls.
If you ever encounter a connection timeout or a failure to list directories after logging in, the first thing to check is the FTP mode. Switch to passive mode if you are on active, or try active if you are on passive. A common real-world task is uploading a website.
You connect to the web server, navigate to the public_html or www folder, and upload your HTML files. You must be careful to use binary mode for images and ASCII mode for text files, though most modern clients auto-detect this. Another task is downloading log files from a server for analysis.
You connect, navigate to the logs directory, and download the logs. In a corporate environment, you might automate FTP transfers using scripts. For example, a nightly backup script could use the command-line ftp to transfer a database dump from a web server to a backup server.
However, due to security concerns, many organizations now require SFTP or FTPS instead. To configure an FTP server, you need to set up user accounts, define home directories, and configure permissions. You also need to configure the firewall to allow both port 21 and the range of data ports used in passive mode.
This is often the trickiest part. If the firewall blocks the passive data ports, transfers will fail. The key takeaway is that FTP is simple to use but requires understanding of network fundamentals, especially firewalls and NAT, to troubleshoot effectively.
As an IT professional, you must also know when not to use FTP, opting instead for encrypted alternatives when security is a concern.
Memory Tip
To remember the FTP ports, think of a control tower and a delivery truck. The control tower is port 21, where all the talking (commands) happens. The delivery truck is port 20, where the actual goods (data) are loaded. Keep the control tower (21) separate from the delivery truck (20) in your mind.
Covered in These Exams
Current Exam Context
Current exam versions that test this topic — use these objectives when studying.
N10-009 CompTIA Network+
220-1101 CompTIA A+ Core 1
200-301 Cisco CCNA
PCA Google PCA
Legacy Exam Context
Older materials may mention these exam versions, but learners should use the current objectives for their target exam.
N10-008 → N10-009 (current version)
Related Glossary Terms
802.1Q is the networking standard that allows multiple virtual LANs (VLANs) to share a single physical network link by tagging Ethernet frames with VLAN identification information.
802.1X is a network access control standard that authenticates devices before they are allowed to connect to a wired or wireless network.
5G is the fifth generation of cellular network technology, designed to deliver faster speeds, lower latency, and support for many more connected devices than previous generations.
An A record is a DNS record that maps a domain name to the IPv4 address of the server hosting that domain.
Frequently Asked Questions
What is the difference between port 20 and port 21 in FTP?
Port 21 is used for the control connection, where commands like login and file listing are sent. Port 20 is used for the data connection in active mode, where the actual file content is transferred.
Is FTP secure?
Standard FTP is not secure because it sends data and login credentials in plaintext. For secure file transfers, you should use SFTP or FTPS, which encrypt the connection.
What is passive mode in FTP?
In passive mode, the client initiates both the control and data connections. The server provides an IP address and port for the client to connect to for data transfer. This mode is more firewall-friendly than active mode.
Can I use FTP to transfer files between two computers on the same local network?
Yes, FTP works on local networks exactly the same way as over the internet. You just use the local IP address of the server instead of a public one.
What does Anonymous FTP mean?
Anonymous FTP is a way to allow public access to files on an FTP server. Users log in with the username 'anonymous' and typically their email address as the password. Access is often limited to specific public directories.
Why does my FTP transfer fail when I can log in successfully?
A successful login only means the control connection works. The failure is likely with the data connection. This is often caused by a firewall blocking the data port, especially in active mode. Switching to passive mode usually fixes the problem.
What is the difference between binary and ASCII transfer modes in FTP?
ASCII mode converts line endings between different operating systems, which is useful for text files. Binary mode sends the file byte for byte without any conversion, which is required for images, executables, and other non-text files to avoid corruption.
Summary
File Transfer Protocol (FTP) is a foundational networking protocol used to transfer files between a client and a server over a TCP/IP network. It operates on a two-channel system: a control connection on port 21 for sending commands and receiving responses, and a data connection on either port 20 (active mode) or a random port (passive mode) for transferring the actual file data. Understanding the difference between active and passive modes is critical, as passive mode is essential for working through firewalls and NAT.
FTP is straightforward to use but has a major security weakness: all data, including usernames and passwords, is sent in plaintext, making it vulnerable to interception. For exam purposes, remember that FTP appears in both CompTIA A+ and Network+ exams, focusing on port numbers, mode selection, and troubleshooting connectivity issues. It is often confused with TFTP, SFTP, and FTPS, so knowing the distinctions between these protocols is important.
In practice, FTP is still widely used for web development uploads, legacy system maintenance, and automated file transfers, but it should be replaced with secure alternatives when handling sensitive data. Mastering FTP helps you understand core networking concepts like TCP connections, firewalls, and application layer protocols.