What outdated protocol may be disabled on web servers due to its security vulnerabilities?

The correct answer is SSL 3.0. SSL (Secure Sockets Layer) 3.0 is an outdated protocol that was widely used to secure communications over a computer network. However, it has significant security vulnerabilities, notably the POODLE attack, which compromises its encryption capabilities. This has led to its deprecation in favor of more secure protocols like TLS (Transport Layer Security).

While TLS 1.1, as mentioned in your choice, has also seen criticism due to security weaknesses and is being phased out in favor of TLS 1.2 and TLS 1.3, SSL 3.0 is specifically known for its critical vulnerabilities that are deemed unacceptable in modern web security practices. Therefore, it is often disabled on web servers to protect against potential attacks.

HTTP/1.1 is an application layer protocol used for transmitting hypertext over the Internet and does not inherently carry the same security risks associated with outdated encryption protocols. FTP, while also considered outdated for secure file transfer, doesn't directly relate to web server security in the same context as SSL, which specifically addresses secure communication.