Refer to the exhibit. Which of the following best describes the effective permissions granted to the application?
Both permissions are granted by the policy.
Why this answer
The exhibit shows a Java security policy granting the application `java.net.SocketPermission` with `connect,resolve` actions and `java.io.FilePermission` with `read,write` actions on `/data/-`. This means the application can connect to any socket (since the target name is `*`) and read/write any file under `/data/`. Option B correctly captures both permissions.
Exam trap
Oracle often tests the distinction between file permission actions (read vs. write) and the wildcard syntax (`-` for recursive, `*` for all files in a directory), leading candidates to misread the granted actions or scope.
How to eliminate wrong answers
Option A is wrong because it omits the file permissions granted under `/data/`, which include both read and write access. Option C is wrong because it incorrectly restricts file access to read-only, while the policy explicitly grants `read,write`. Option D is wrong because it ignores the socket permission that allows connecting to any socket.