This webdemo is just a demo data, only for reference and learning, there is no other purposes.
1.You are an application developer for your company. You develop a
Windows Forms application that connects to a local Microsoft SQL Server
database by using the Microsoft .NET Framework Data Provider for SQL
Server. The application currently connects to the database by using an
account that is a member of the System Administrator role in SQL Server.
You need to ensure that the application can connect to the database by
using the user account of the interactive user without providing
additional permissions.
What should you do?
A. Modify the application to activate a SQL Server application role.
B. Modify the application to use SQL Server integrated security.
C. Modify the application to send a security token that contains the authentication information in a Kerberos ticket.
D. Modify the application to use COM+ security roles.
Answer: B
3. You are an application developer for your company. You are
developing a forms-based application that reads files that are named by
users of the application. The application contains the following method.
bool approveFileName(string fileName) {
string docRoot=@"C:MyAppDocuments";
// Your code goes here... Throw an exception if you meet an error.
return true;
}
Users of the application must not be allowed to access files that are
stored in any location other than the C:MyAppDocuments folder.
You need to add code to the method to achieve this goal.
Which code segment or code segments should you use? (Choose all that apply.)
A. fileName=Path.GetFullPath(fileName);
B. fileName=fileName.ToUpper();
C. fileName=fileName.ToLower();
D. docRoot=docRoot.ToLower();
E. fileName=docRoot+fileName;
F. if (!fileName.StartsWith(docRoot))
throw new ApplicationException (
"User asked for file in wrong directory");
Answer: ACDF
4. You are an application developer for your company. You develop an
application that uses an external class library. You run the
Permissions View tool on the class library and receive the following
outpu
Microsoft (R) .NET Framework Permission Request Viewer. Version 1.1.4322.573
Copyright (C) Microsoft Corporation 1998-2002. All rights reserved.
minimal permission set:
<PermissionSet class="System.Security.PermissionSet" version="1">
<IPermission class="System.Security.Permissions.ReflectionPermission,
mscorlib, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
version="1" Flags="ReflectionEmit"/>
<IPermission class="System.Security.Permissions.SecurityPermission,
mscorlib, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
version="1" Flags="SerializationFormatter"/>
</PermissionSet>
optional permission set:
<PermissionSet class="System.Security.PermissionSet"
version="1" Unrestricted="true"/>
refused permission set:
Not specified
You need to add corresponding attributes in your application.
Which code segment should you use?
A. [assembly: ReflectionPermission(SecurityAction.RequestRefuse, ReflectionEmit=false)]
[assembly: SecurityPermission(SecurityAction.RequestRefuse,
SerializationFormatter=false)]
[assembly: PermissionSetAttribute(SecurityAction.RequestOptional, Unrestricted=true)]
B. [assembly: ReflectionPermission(SecurityAction.RequestMinimum, ReflectionEmit=false)]
[assembly: SecurityPermission(SecurityAction.RequestRefuse,
SerializationFormatter=false)]
[assembly: PermissionSetAttribute(SecurityAction.RequestRefuse, Unrestricted=true)]
C. [assembly: ReflectionPermission(SecurityAction.RequestMinimum, ReflectionEmit=false)]
[assembly: SecurityPermission(SecurityAction.RequestMinimum,
SerializationFormatter=false)]
[assembly: PermissionSetAttribute(SecurityAction.RequestOptional, Unrestricted=true)]
D. [assembly: ReflectionPermission(SecurityAction.RequestMinimum, ReflectionEmit=true)]
[assembly: SecurityPermission(SecurityAction.RequestMinimum,
SerializationFormatter=true)]
[assembly: PermissionSetAttribute(SecurityAction.RequestOptional, Unrestricted=true)]
Answer: D
5. You are an application developer for your company. You are
developing a Windows Forms application. You deploy a supporting
assembly named MyAssembly.dll to the global assembly cache. During
testing, you discover that the application is prevented from accessing
MyAssembly.dll.
You need to ensure that the application can access MyAssembly.dll.
What should you do?
A. Digitally sign the application by using a digital certificate.
B. Run the caspol.exe -s on command from the command line.
C. Run the Assembly Linker to link MyAssembly.dll to the application.
D. Modify the security policy to grant the application the FullTrust permission.
Answer: D
6. You are an application developer for your company. You are
developing a Windows-based payroll application that will be used by all
payroll administrators in the company. The application has a single
executable file that uses a separate assembly to modify payroll data.
You need to design security for your application to ensure that the
assembly cannot be called by unauthenticated and unauthorized users.
What should you do?
A. Run the application by using a user account that has access to the application directory.
B. Modify the application to validate all user-entered data.
C. Modify the application to authenticate and authorize user access within each assembly as it is called.
D. Modify the application to authenticate and authorize user access when each user runs the executable file.
E. Set the folder-level permissions to the executable file by using directory security
Answer: C
7. You are an application developer for your company. You create a Web
application that is used by all users in the company. The application
is hosted on the intranet Web server, which is named WebServer.
WebServer has IIS 5.0 installed. The Web application is configured to
use Integrated Windows authentication. The Web.config file specifies
that the authentication mode is set to Windows.
The application connects to a Microsoft SQL Server database named
DataStore. The database is located on WebServer. The SQL Server
computer is configured with SQL Server logins disabled. The database
connection code is shown in the following code segment.
string myConnStr;
myConnStr = @"Initial Catalog=""DataStore"";";
myConnStr = myConnStr + "Data Source=localhost;Integrated Security=SSPI;";
SqlConnection myConn = new SqlConnection(myConnStr);
string myInsert;
myInsert = "INSERT INTO Customer (CustomerID, Name) Values('123', 'John Doe')";
SqlCommand myCmd = new SqlCommand(myInsert);
myCmd.Connection = myConn;
myConn.Open();
myCmd.ExecuteNonQuery();
myCmd.Connection.Close();
When you run the application by using Microsoft Internet Explorer, you
receive an error message that reads in part: "Login failed for user
WebServerASPNET."
You need to ensure that the application can run successfully without prompting the user for a user name and password.
What should you do?
A. Change the authentication mode in IIS to basic authentication. Update the connection string.
B. Change the authentication mode in IIS to Anonymous and supply a
login ID and password for a SQL Server login account that has access to
the database. Update the connection string.
C. Enable Integrated Windows authentication in Internet Explorer.
D. Enable impersonation in the Web.config file.
Answer: D
8. You are an application developer for your company. Part of an
application that you are developing accepts user input from a TextBox
control. The information entered by the user must be alphanumeric only,
and it must contain no symbols or punctuation.
You need to ensure that the user's input contains only the appropriate
data before using the input elsewhere in the application. Your solution
must not require users of the application to take additional steps when
entering data.
What should you do?
A. Modify the TextChanged event handler of the TextBox control so that
the Text property of the text box is cleared whenever a
non-alphanumeric character is detected.
B. Use the following regular expression to modify the user's input.
[^w.@-]
C. Store the user's input in a variable named userinput. Use the following expression to modify the user's input.
userinput.Replace("@-]","")
D. Convert the user's input to all lowercase characters.
Answer: B
2. You are an application developer for your company. You create a
serviced component named RecordsAdmin. RecordsAdmin exposes
administrative methods for a records management application. The
declaration for RecordsAdmin includes the following code segment.
[assembly: ApplicationAccessControl(true)]
[ComponentAccessControl(true),
SecurityRole("Admin")]
public class RecordsAdmin : ServicedComponent {
}
You install RecordsAdmin on a test computer. You use a test application
that runs on the test computer under a local computer account named
Tester. The Tester account is a member of the Users group and the
Debugger Users group. When the test application calls RecordsAdmin, you
receive the following error message: "Access is denied."
You want the test application to have access to RecordsAdmin. You want
to achieve this goal without granting unnecessary permissions to the
Tester account.
What should you do?
A. Add the Tester account to the local Administrators group.
B. Add the Tester account to the Admin role of RecordsAdmin by using the Component Services tool.
C. Add a role named TesterRole to RecordsAdmin. Add the Tester account
to the TesterRole role by using the Component Services tool.
D. To the beginning of each method exposed by RecordsAdmin, add the following code segment.
if (ContextUtil.IsCallerInRole("Admin")) {
// Method body here
}
E. To the beginning of each method exposed by RecordsAdmin, add the following code segment.
SecurityCallContext context;
context = SecurityCallContext.CurrentCall;
if (context.IsUserInRole("Admin", "Tester")) {
// Method body here
}
Answer: C
당신의 제품을 사용하여 통과 할수 있을까요?
제품을 다운로드하는 방법은?
당신의 제품의 형식은 무엇입니까?
패스워드를 잊었나요?
어떻게 할인을받을 수 있습니까?
내가 실패하면 어떻게됩니까?
내가 도움이 필요하면?
1. 추가 장바구니에
2. 로그 인 CramBible
3. 지불
4. 다운로드
당신의 다음 단계는 관련 인증 경로가 뭔지 알아.
기타 유망 자격증이 인증을 발전하고 향상시킬 수
USA
UK
JP
KR
DE
RU
FR
TW
HK
CN
Mobile