Braindumps
of 70-330
Implementing Security for Applications with
Microsoft Visual Basic .NET
Exam Questions, Answers,
Braindumps (70-330)
Thanks to www.exams.ws for
providing dumps.
QUESTION 1
You are an application developer for Abc.com. You
develop library assemblies that are called by your
main applications. These library assemblies access
confidential data in the applications. To ensure that
this data is not accessed in an unauthorized and unsafe
manner, users must not be allowed to call the library
assemblies from their own applications. You apply
a strong name to all assemblies to support versioning.
You need to prevent users from writing managed applications
that make calls to your library assemblies. You need
to achieve this goal while minimizing the impact on
response times for applications. What should you do?
A. Use the internal access modifier to declare all
classes and structures in each library.
B. Use the protected internal access modifier to declare
all classes and structures in each library.
C. Add the following attribute to each class and structure
in each library assembly:
<StrongNameIdentityPermission(SecurityAction.Demand,
PublicKey:="002400..bda4")>
D. Add the following attribute to each class and structure
in each library assembly:
<StrongNameIdentityPermission(SecurityAction.LinkDemand,
PublicKey:="002400..bda4")>
Answer:
QUESTION 2
You are an application developer for Abc.com. You
are developing an application that can be extended
by using custom components. The application uses reflection
to dynamically load and invoke these custom components.
In some cases, custom components will originate from
a source that is not fully trusted, such as the Internet.
You need to programmatically restrict the code access
security policy under which custom components run
so that custom components do not run with an elevated
permission grant. What are two possible ways to achieve
this goal? (Each correct answer presents a complete
solution. Choose two)
A. Create a new application domain and set the security
policy level.
Run custom components in this application domain.
B. Use permission class operations to modify the security
policy.
C. Implement custom permission classes to protect
custom component resources.
D. Programmatically modify the machine-level security
policy file after loading a custom component.
Answer:
QUESTION 3
You are an application developer for Abc.com. You
are developing an application that salespeople in
Abc will use to process customer orders. This application
includes a library assembly that implements a serviced
component named Order. This serviced component adds
roles named Abc Manager and SalesPerson to the COM+
application that hosts it.
To promote customer satisfaction, salespeople are
allowed to apply discounts to orders if the order
was erroneously delayed. However, only Abc Managers
are allowed to apply discounts greater than 10 percent.
The application includes the following method to apply
the discount.
Public Function ApplyDiscount(ByVal discountPct As Integer) As Boolean
This method will return a value of False when the current user is not
a member of the Abc Manager role and the value of
the discountPct parameter exceeds the maximum that
other salespeople are allowed to apply. You need to
add the code that will verify the role membership
requirement when the value of discountPct is greater
than 10. Which code segment should you use?
A. If discountPct > 10 And _
    Thread.CurrentPrincipal.IsInRole("Abc Manager") = False Then
    Return False
End If
B. If discountPct > 10 Then
    Dim p As PrincipalPermission = New PrincipalPermission(Nothing, "Abc Manager")
    If SecurityManager.IsGranted(p) = False Then
        Return False
    End If
End If
C. If discountPct > 10 Then
    Dim p As PrincipalPermission = New PrincipalPermission(Nothing, "Abc Manager")
    Try
        p.Demand()
    Catch e As SecurityException
        Return False
    End Try
End If
D. If discountPct > 10 And _
    SecurityCallContext.CurrentCall.IsCallerInRole("Abc Manager") _
    = False Then
    Return False
End If
Answer:
QUESTION 4
You are an application developer for Abc.com. You
develop an application that receives data from a remote
component. You are developing a method to detect any
corrupted incoming data and log information to a file
for analysis. You plan to use two functions. A function
named AbcData will be called by the remote component.
The second function will be called by the local application
to verify that the data was not corrupted during transmission.
You need to ensure that corrupted data can be identified.
Which code segment should you use?
A. Public Function AbcData(ByVal Data As Byte()) As Byte()
    Dim Ms As New MemoryStream
    Ms.Write(Data, 0, Data.Length)
    Ms.Write(Data, 0, Data.Length)
    Return Ms.ToArray()
End Function
B. Public Function AbcData(ByVal Data As Byte()) As Byte()
    Dim Md5 As MD5 = New MD5CryptoServiceProvider
    Dim Ms As New MemoryStream
    Ms.Write(Md5.ComputeHash(Data), 0, Md5.HashSize)
    Ms.Write(Data, 0, Data.Length)
    Return Ms.ToArray()
End Function
C. Public Function AbcData(ByVal Data As Byte()) As Byte()
    Dim Des As DES = New DESCryptoServiceProvider
    Dim Ms As New MemoryStream
    Ms.Write(Des.Key, 0, Des.Key.Length)
    Ms.Write(Des.IV, 0, Des.IV.Length)
    Dim Cs As New CryptoStream(Ms, Des.CreateEncryptor(), CryptoStreamMode.Write)
    Cs.Write(Data, 0, Data.Length)
    Cs.FlushFinalBlock()
    Return Ms.ToArray()
End Function
D. Public Function AbcData(ByVal Data As Byte()) As Byte()
    Dim Ms As New MemoryStream
    Dim Sw As New StreamWriter(Ms, Encoding.UTF8)
    Sw.Write(Encoding.UTF8.GetString(Data))
    Return Ms.ToArray()
End Function
Answer:
QUESTION 5
You are an application developer for your company,
which is named Abc.com. You are developing an ASP.NET
Web application that users in the accounting department
will use to process payroll reports and view payroll
reports. The application will use Integrated Windows
authentication to authenticate all users. Because
payroll data is confidential only users in the accounting
department will be granted access to the application.
All employees in the accounting department belong
to a specific Active Directory group. However, users
in the IT department can add themselves to various
Active Directory groups in order to troubleshoot resource
access problems. These IT department users must not
be granted access to the ASP.NET Web application.
The following rules can be used to distinguish between
users in the accounting department and users in the
IT department:
• All users in the accounting department are
members of a group named Abc \Accounting.
• Some users in the IT department are members
of the Abc \Accounting group.
• All users in the IT department are members
of a group named Abc \Domain Admin.
• No users in the accounting department are
members of the Abc \Domain Admin group.
You need to configure URL authorization for the application
by adding an <authorization> element to the
Web.config file in the application root. Which element
should you use?
A. <authorization>
<deny roles=" Abc \Domain Admin"/>
<allow roles=" Abc \Accounting"/>
<deny users="*"/>
</authorization>
B. <authorization>
<allow roles=" Abc \Accounting"/>
<deny roles=" Abc \Domain Admin"/>
<dent users="?"/>
<authorization>
C. <authorization>
<deny roles="Domain Admin"/>
<allow roles="Accounting"/>
<deny users="*"/>
</authorization>
D. <authorization>
<allow roles="Accounting"/>
<deny roles="Domain Admin"/>
<deny users="?"/>
</authorization>
Answer:
QUESTION 6
You are an application developer for Abc.com. Your
team is developing a Windows Forms application. Users
will have access to different functionality depending
on their roles in Abc. The application includes the
following method.
Private Shared Function AuthenticateUser(ByVal user As String, _
    ByVal password As String, _
    ByRef roles As String()) As Boolean
This method authenticates
the user against a third-party data store. When authentication
is successful, this method returns a value of True,
and the string array named roles is updated to contain
the user's roles. You need to write the code that
associates an authenticated user and the user's roles
with the current security context. Which code segment
should you use?
A. ' p is initialized above as a PrincipalPermission.
If AuthenticateUser(name, password, roles) = True Then
    Dim r As String
    For Each r In roles
        Dim ppTemp As PrincipalPermission = New PrincipalPermission(name, r)
        p.Union(ppTemp)
    Next
End If
p.IsUnrestricted()
B. ' p is initialized above as a PrincipalPermission.
If AuthenticateUser(name, password, roles) = True Then
    Dim r As String
    For Each r In roles
        Dim ppTemp As PrincipalPermission = New PrincipalPermission(name, r)
    Next
End If
p.IsUnrestricted()
C. If AuthenticateUser(name, password, roles) = True Then
    Dim r As String
    For Each r In roles
        Thread.CurrentPrincipal.IsInRole(r)
    Next
End If
D. If AuthenticateUser(name, password, roles) = True Then
    Thread.CurrentPrincipal = New GenericPrincipal(New GenericIdentity(name), roles)
End If
Answer:
QUESTION 7
You are an application developer for Abc.com. You
are developing a three-tier Windows Forms application
that will be used to manage confidential records.
The business layer includes a remote object that is
installed on an application server. The remote object
is hosted in ASP.NET on the application server. IIS
is configured to use Integrated Windows authentication,
and ASP.NET is configured to use Windows authentication.
All client computers and servers on the network support
Kerberos authentication. The Windows Forms application
communicates with the remote object by using a remoting
proxy named AbcProxy. The remote object accesses
a Microsoft SQL Server database. Permissions to database
objects are granted based on the identity of the user.
The remote object needs to run under the security
context of the user. Which code segment should you
use?
A. Dim channelProperties As IDictionary
channelProperties = _
    ChannelServices.GetChannelSinkProperties(AbcProxy)
channelProperties("credentials") = _
    CredentialCache.DefaultCredentials
B. Dim channelProperties As IDictionary
Dim cred As NetworkCredential = New NetworkCredential(_userName, _psswd)
channelProperties = _
    ChannelServices.GetChannelSinkProperties(AbcProxy)
channelProperties("credentials") = cred
C. Dim channelProperties As IDictionary
channelProperties = _
    ChannelServices.GetChannelSinkProperties(AbcProxy)
channelProperties("credentials") = Thread.CurrentPrincipal
D. Dim channelProperties As IDictionary
channelProperties = _
    ChannelServices.GetChannelSinkProperties(AbcProxy)
channelProperties("credentials") = Thread.CurrentPrincipal.Identity
Answer:
QUESTION 8
You are an application developer for Abc.com. You
develop an ASP.NET Web application for Abc's intranet.
The application accesses data that is stored in a
Microsoft SQL Server database. The application authenticates
users by using Windows authentication, and it has
impersonation enabled. You configure database object
permissions based on the identity of the user of the
application. You need to provide the user's identity
to the SQL Server database. What should you do?
A. Connect to the database by using the following
connection string:
"Persist Security Info=False;Integrated Security=SSPI;database=ApplicationDB;server=DataServer;"
B. Connect to the database by using the following
connection string:
"User ID=ASPNET;Persist Security Info=False;Integrated Security=False;database=ApplicationDB;server=DataServer;"
C. Develop a serviced component that wraps all database
operations.
Use COM+ role-based security to restrict access to
database operations based on user identity.
D. Disable impersonation.
Answer: