Oracle Exam 1Z0-820 Topic 2 Question 71 Discussion

Actual exam question for Oracle's 1Z0-820 exam

Question #: 71
Topic #: 2

United States of America export laws include restrictions on cryptography.

Identify the two methods with which these restrictions are accommodated in the Oracle Solaris 11 Cryptographic Framework.

ACorporations must utilize signed X.509 v3 certificates.

BA third-party provider object must be signed with a certificate issued by Oracle.

CLoadable kernel software modules must register using the Cryptographic Framework SPI.

DThird-party providers must utilize X.509 v3 certificates signed by trusted Root Certification Authorities.

ESystems destined for embargoed countries utilize loadable kernel software modules that restrict encryption to 64 bit keys.

Show Suggested Answer

Suggested Answer: C

by Jade at Mar 02, 2023, 01:36 PM

Limited Time Offer

25%

Off

Get Premium 1Z0-820 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Vivan

1 months ago

Wait, so they're saying I need to get my encryption modules signed by Oracle? That sounds like a hassle. Can't I just use a nice, trustworthy 3rd-party provider instead?

upvoted 0 times

Lorrine

3 days ago

User 2: I think using a trusted 3rd-party provider is also an option.

upvoted 0 times

...

Bea

9 days ago

User 1: Yeah, it seems like Oracle wants everything signed with their certificate.

upvoted 0 times

...

Dahlia

2 months ago

This is a tricky one. I'd go with C and D, but I'm curious to see if there's some obscure rule about signed X.509 certs that I'm missing.

upvoted 0 times

Katie

16 days ago

User3: I'm not sure, but I think we should also consider A and B just to be safe.

upvoted 0 times

...

Tayna

1 months ago

User2: I agree, those seem like the most logical choices.

upvoted 0 times

...

Maurine

1 months ago

User1: I think C and D are the correct methods.

upvoted 0 times

...

Dominic

2 months ago

Haha, imagine if they made you use a 64-bit key for systems going to embargoed countries. Might as well just use a paperclip for encryption!

upvoted 0 times

Emile

18 hours ago

User 2: I know right, a paperclip would probably be more secure.

upvoted 0 times

...

India

2 days ago

User 1: Yeah, that would be pretty weak encryption.

upvoted 0 times

...

Gertude

4 days ago

Rosendo: Probably not very secure at all.

upvoted 0 times

...

Catarina

8 days ago

User 3: I wonder how effective that really is in practice.

upvoted 0 times

...

Rosendo

20 days ago

User 2: I know right, it's like using a toy lock on a safe.

upvoted 0 times

...

Gary

2 months ago

User 1: Yeah, that would be pretty weak encryption.

upvoted 0 times

...

Taryn

2 months ago

Hmm, that makes sense too. Let's wait for more opinions before deciding.

upvoted 0 times

...

Alishia

2 months ago

I disagree, I believe the correct answer is C, as it involves registering with the Cryptographic Framework SPI.

upvoted 0 times

...

Graciela

2 months ago

I'm not sure about the specifics, but I know the U.S. has strict export laws on cryptography. Option E sounds a bit too specific, though.

upvoted 0 times

Willard

1 months ago

User 2: I agree, option D seems to be the most relevant in this case.

upvoted 0 times

...

Malcolm

2 months ago

User 1: I think option D is correct, third-party providers need to use trusted certificates.

upvoted 0 times

...

Nicholle

2 months ago

Options C and D seem to be the correct answer. The Cryptographic Framework requires kernel modules to register, and third-party providers must use trusted X.509 certs.

upvoted 0 times