• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Tim Cooke
  • Campbell Ritchie
  • Ron McLeod
  • Junilu Lacar
  • Liutauras Vilda
Sheriffs:
  • Paul Clapham
  • Jeanne Boyarsky
  • Henry Wong
Saloon Keepers:
  • Tim Moores
  • Tim Holloway
  • Stephan van Hulst
  • Piet Souris
  • Carey Brown
Bartenders:
  • Jesse Duncan
  • Frits Walraven
  • Mikalai Zaikin

Question about CONFIDENTIAL and INTEGRAL transport-guarantee

 
Ranch Hand
Posts: 40
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi folks,

below is the content of a question on one of the mock exams I have been taking:

Select all that are true:
A. Confidentiality can be defined as information is not made available or
disclosed to unauthorized persons or processes
B. The use of JSP pages ensures data confidentiality by default
C. Confidentiality can be ensured by the use of the SSL protocol
D. Confidentiality can be ensured by the use of the SHTTP protocol
E. Data integrity means that data is unchanged from its source and has
not been accidentally or maliciously modified

I answered: A, C, D, and E; however, the exam claims that the correct answers are only C and E.

My reasoning for the wrong answer is:
A: Confidentiality means the data is encryted; therefore even if intercepted, could not be "disclosed to
unauthorised persons or processes".
D: SHTTP is http over SSL.

Is my reasoning flawed or is the exam wrong?

thanks in advance,

 
Greenhorn
Posts: 14
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
A,C and E seems correct answers amongst the options.
 
Rancher
Posts: 43028
76
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

SHTTP is http over SSL.


HTTPS is HTTP over SSL. There was a protocol named SHTTP for much the same purpose, but it died more than 10 years ago.
 
Ranch Hand
Posts: 437
Oracle Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi, Tyler.

A: Confidentiality means the data is encryted; therefore even if intercepted, could not be "disclosed to
unauthorised persons or processes".



The hackers can get the encrypted information, they may not decrypt(if most powerful cryptographic algorithms are used) but they can see the packets headers and can find, to which servers the most frequent packets are going. They can find the most bussiest servers in the network. They can identify the vulnerable points in the network. They can act upon the points and can make maximum possible damage .
 
Ranch Hand
Posts: 142
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I also chose option A:

confidentiality means not allowing others to see like credit card numbers etc .
integrity is not allowing others to change or tamper on the way request passes.
 
pie. tiny ad:
Building a Better World in your Backyard by Paul Wheaton and Shawn Klassen-Koop
https://coderanch.com/wiki/718759/books/Building-World-Backyard-Paul-Wheaton
reply
    Bookmark Topic Watch Topic
  • New Topic