Mikalai Zaikin wrote:
Elizaba Thomas wrote:Thanks for the prompt reply Mikalai ... I did the production one ...
Let me also add, There was one question regarding message level security ... It goes like this
Q- Which two statements are true about security strategies at the message level?
A. Messages are secured during transport and after arrival at their destination
B. Each portion of a compound message is secured.
C. SSL is required to ensure authenticity, integrity, and confidentiality.
D. Message attachments are secured without the need for a dedicated API.
E. Security is dependent on the application environment or the transport protocol.
I got the question from one of the mock exams i found online (after I attempted the exam ! ) They have answered C,E (I know for sure E is not an answer !! )
I answered, A and C - And I am pretty much sure the answer is correct
My exam results details that I had answered the one of message level security wrongly !!!
I realize most of the exams published online give wrong answers!
I am wondering if Oracle accepts re-evaluation !
Hello,
I would answer the same:
A (Messages are secured during transport and after arrival at their destination)
C (SSL is required to ensure authenticity, integrity, and confidentiality.)
It explained in Java EE 6 tutorial here: http://docs.oracle.com/cd/E19798-01/821-1841/bnbxd/index.html
A – true (Security stays with the message over all hops and after the message arrives at its destination.)
B – false (For example, a portion of the message may be signed by a sender and encrypted for a particular receiver.)
C – true
D – false (Security can be selectively applied to different portions of a message and, if using XML Web Services Security, to attachments.)
E – false (Message security is independent of the application environment or transport protocol.)
So, I believe you answered this question correctly
Best regards,
MZ
P.S. Note, the online sample tests may be totally wrong, so take those questions and answers with caution.