This week's book giveaway is in the OCP forum.
We're giving away four copies of OCP Oracle Certified Professional Java SE 11 Developer Practice Tests and have Scott Selikoff and Jeanne Boyarsky on-line!
See this thread for details.
Win a copy of OCP Oracle Certified Professional Java SE 11 Developer Practice Tests this week in the OCP forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Paul Clapham
  • Jeanne Boyarsky
  • Ron McLeod
  • Tim Cooke
Sheriffs:
  • Devaka Cooray
  • paul wheaton
  • Mark Herschberg
Saloon Keepers:
  • Tim Moores
  • Tim Holloway
  • Stephan van Hulst
  • Frits Walraven
  • Jj Roberts
Bartenders:
  • Carey Brown
  • salvin francis
  • Piet Souris

SSL and Security basic questions

 
Greenhorn
Posts: 19
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Here is my understanding
1. Confidentialy/EavesDropping - Data is not read during transmission between sender and receiver. This is taken care by Encrption and Decrption � Symmetric cryptography.
correct?
2. Data Integrity/Tampering - Data is not modified during transmission between sender and receiver. This is taken care by public key crptography
correct?
so if I use just SSL and not using any certificate or digital signature, is it correct to say that i have taken care of point 1 but not point 2.
3. to vouch for public key, I need to use trusted CA like Verisign etc
correct?
4.im referring to figure 3 of following link:
http://developer.netscape.com/docs/manuals/security/pkin/contents.htm#1051918
From this diagram, Im assuming that original data is encrpted using symetric algo and transmitted via ssl along with digital signature.
correct?
 
Ranch Hand
Posts: 1325
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I dont think u need know all those details, I didnt encounter any of those kind of questions in SCEA part1, the questions in the exam were more relevant to jdk and applet securities.
 
sowmya thiru
Greenhorn
Posts: 19
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
umm surprised.... in many of SCEA notes, i have seen mentioning on cryptography, digest, pki, digital certificates apart from jdk security and applet security.
can anybody confirm that therei s not need to study on pki, certificate, digital signature.
what is the scope in security section?
applet security and jdk 1.1 , 2 security model?
question on applet security
in jdk1.1, a signed jar gets full access to system resources correct?
if a jar is signed..is it also trusted?
if above is not correct..how to make applet trusted apart from it is signed
 
Billy Tsai
Ranch Hand
Posts: 1325
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
there are only 2 questions on the security part of the exam
 
Grow your own food... or this tiny ad:
the value of filler advertising in 2021
https://coderanch.com/t/730886/filler-advertising
reply
    Bookmark Topic Watch Topic
  • New Topic