Systems Security Certified Practitioner (SSCP) — Question 138

In what way could Java applets pose a security threat?

Answer options

• A. Their transport can interrupt the secure distribution of World Wide Web pages over the Internet by removing SSL and S-HTTP
• B. Java interpreters do not provide the ability to limit system access that an applet could have on a client system.
• C. Executables from the Internet may attempt an intentional attack when they are downloaded on a client system.
• D. Java does not check the bytecode at runtime or provide other safety mechanisms for program isolation from the client system.

Correct answer: C

Explanation

The correct answer is C because executables from the Internet can be malicious and may exploit vulnerabilities when run on a client system. Option A is incorrect as Java applets do not inherently disrupt secure distribution methods like SSL. Option B is misleading because while Java does allow some access control, the lack of restrictions can lead to security issues. Option D is also incorrect; Java does include some mechanisms for bytecode verification at runtime.