File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Web Component Certification (SCWCD/OCPJWCD) and the fly likes Question on security Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Certification » Web Component Certification (SCWCD/OCPJWCD)
Bookmark "Question on security" Watch "Question on security" New topic

Question on security

savita jadhav
Ranch Hand

Joined: Mar 05, 2001
Posts: 62
I found this question in mock test

Acme bank has developed asophisticated banking sysytem which allows the customer to login and perform online transactions.Due to sensitive nature of data the bank wants to ensure taht any data that is transfered between the customer and the banks server has to be encrypted.choose the best authentication type that will match the above requirement.


I thought the anwser would be DIGEST as the data has to be encrypted.
but the answer is CLIENT-CERT.For Client-cert the users must have certificates and they have not mentioned anything about that.

Can anyone give any clarification about how Client -cert is the correct answer?

Another question is can anyone tell me which exam simulator is good JWebPlus or whizLabs?

Gaurav Gambhir
Ranch Hand

Joined: Mar 04, 2006
Posts: 256
Answer to 1st Question

BASIC authentication transmits the login information in an encoded(not encrypted) form , so providing weak security --> So not the solution

DIGEST authentication transmits the login information in a more secure way, but the encryption mechanism isn�t widely used, not supported all all IE---- So is the reason not the solution

CLIENT-CERT authentication transmits the login information in an extremely secure form using Public Key Certificates (PKS), the downside to this mechanism is that client need to have a certificate before they can login

It is most secure of all the four types

-----So is the reason its the solution
savita jadhav
Ranch Hand

Joined: Mar 05, 2001
Posts: 62
Thank you
subject: Question on security
It's not a secret anymore!