Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more
Download
Standard view
Full view
of .
Look up keyword
Like this
1Activity
0 of .
Results for:
No results containing your search query
P. 1
Exam 70-340 preparation questions

Exam 70-340 preparation questions

Ratings: (0)|Views: 18 |Likes:
Published by Mitchell Johnson
Exam 70-340 study material -Made available by Examsking for Exam 70-340 such as Exam 70-340 preparation questions in 70-340 pdf formats, 70-340 study guides, 70-340 practice exams and other self-paced Exam and 70-340 training kits.
Exam 70-340 study material -Made available by Examsking for Exam 70-340 such as Exam 70-340 preparation questions in 70-340 pdf formats, 70-340 study guides, 70-340 practice exams and other self-paced Exam and 70-340 training kits.

More info:

Published by: Mitchell Johnson on Sep 01, 2009
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as DOC, PDF, TXT or read online from Scribd
See more
See less

05/11/2014

pdf

text

original

 
Exam70-340 study materialMade available by ExamsKing.com Free70-340 Exam PreparationQuestions
Implementing Security for Applications with Microsoft Visual C# .NET
For Latest 70-340 Exam Questions and study guides- visit- http://www.examsking.com/70-340.html
 
Questino: 1
You are an application developer for Company.com. You develop library assemblies that are called byyour main applications. These library assemblies access confidential data in the applications. To ensurethat this data is not accessed in an unauthorized and unsafe manner, users must not be allowed to callthe library assemblies from their own applications. You apply a strong name to all assemblies tosupport versioning.You need to prevent users from writing managed applications that make calls to your library assemblies.You need to achieve this goal while minimizing the impact on response times for applications.What should you do?A. Use the internal access modifier to declare all classes and structures in each library.B. Use the protected internal access modifier to declare all classes and structures in each library.C. Add the following attribute to each class and structure in each library assembly:<StrongNameIdentityPermission(SecurityAction.Demand, PublicKey:=”002400..bda4”)>D. Add the following attribute to each class and structure in each library assembly:<StrongNameIdentityPermission(SecurityAction.LinkDemand, PublicKey:=”002400..bda4”)>
Answer: CExplanation:StrongNameIdentityPermission Class
Defines the identity permission for strong names. This class cannot be inherited. For alist of all members of this type, see StrongNameIdentityPermission Members.System.Object System.Security.CodeAccessPermissionSystem.Security.Permissions.StrongNameIdentityPermission <Serializable>NotInheritable Public Class StrongNameIdentityPermission InheritsCodeAccessPermission Remarks Use StrongNameIdentityPermission to achieveversioning and naming protection by confirming that the calling code is in a particular strong-named code assembly. A strong name identity is based on a cryptographicpublic key called a blob optionally combined with the name and version of a specificassembly. The key defines a unique namespace and provides strong verification thatthe name is genuine, because the definition of the name must be in an assemblysigned by the corresponding private key. Note that the validity of the strong name keyis not dependent on a trust relationship or any certificate necessarily being issued for the key. Note Full demands for StrongNameIdentityPermission succeed only if all theassemblies in the stack have the correct evidence to satisfy the demand. Linkdemands using StrongNameIdentityPermissionAttribute succeed if only the immediatecaller has the correct evidence.
Question: 2
You are an application developer for your company. You are developing an application that can beextended by using custom components. The application uses reflection to In some cases, customcomponents will originate from a source that is not fully trusted, such as the Internet. You need toprogrammatically restrict the code access security policy under which custom components run so thatcustom components do not run with an elevated permission grant.What are two possible ways to achieve this goal? (Each correct answer presents a completesolution. Choose two.)A. Create a new application domain and set the security policy level. Run custom components in thisapplication domain.B. Use permission class operations to modify the security policy.C. Implement custom permission classes to protect custom component resources.D. Programmatically modify the machine-level security policy file after loading a custom
For Latest 70-340 Exam Questions and study guides- visit- http://www.examsking.com/70-340.html
 
component.
Answer: A, BQuestion: 3
You are an application developer for your company, which is named Company.com. You are developingan ASP.NET Web application that users in the accounting department will use to process payroll reportsand view payroll reports. The application will use Integrated Windows authentication to authenticate allusers. Because payroll data is confidential only users in the accounting department will be grantedaccess to the application. All employees in the accounting department belong to a specific ActiveDirectory group. However, users in the IT department can add themselves to various Active Directorygroups in order to troubleshoot resource access problems. These IT department users must not begranted access to the ASP.NET Web application. The following rules can be used to distinguishbetween users in the accounting department and users in the IT department:All users in the accounting department are members of a group named Company\Accounting.Some users in the IT department are members of the Company\Accounting group.All users in the IT department are members of a group named Company\Domain Admin.No users in the accounting department are members of the Company\Domain Admin group.You need to configure URL authorization for the application by adding an <authorization>element to the Web.config file in the application root.Which element should you use?A. <authorization><deny roles=”Company\Domain Admin”/> <allow roles=”Company\Accounting”/><denyusers=”*”/></authorization>B. <authorization> <allow roles=”Company\Accounting”/> <deny roles=”Company\Domain Admin”/><dent users=”?”/> <authorization>C. <authorization> <deny roles=”DomainAdmin”/> <allow roles=”Accounting”/><deny users=”*”/> </authorization>D. <authorization> <allowroles=”Accounting”/> <denyroles=”Domain Admin”/> <denyusers=”?”/> </authorization>
Answer: A
For Latest 70-340 Exam Questions and study guides- visit- http://www.examsking.com/70-340.html

You're Reading a Free Preview

Download
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->