FTP servers on the device must be disabled.
FTP server is not disabled
The additional services enabled on a router increases the risk for an attack since the router will listen for these services. In addition, these services provide an unsecured method for an attacker to gain access to the router.
Disable FTP server services on the device.
Review the device configuration to determine if the device has been setup to be an FTP server. If the device has been configured to be an FTP server, this is a finding.
Information Assurance Officer