1.
You are an application developer for your company. You are developing a Windows Forms application. You deploy a supporting assembly named MyAssembly.dll to the global assembly cache. During testing, you discover that the application is prevented from accessing MyAssembly.dll. You need to ensure that the application can access MyAssembly.dll. What should you do?
2.
You are an application developer for your company. You develop an application that uses an external class library. You run the Permissions View tool on the class library and receive the following output.

    Microsoft (R) .NET Framework Permission Request Viewer. Version 1.1.4322.573
    Copyright (C) Microsoft Corporation 1998-2002. All rights reserved.

    minimal permission set:
    optional permission set:
    refused permission set: Not specified

You need to add corresponding attributes in your application. Which code segment should you use?
3.
You are an application developer for your company. You create a Web application that is used by all users in the company. The application is hosted on the intranet Web server, which is named WebServer. WebServer has IIS 5.0 installed. The Web application is configured to use Integrated Windows authentication. The Web.config file specifies that the authentication mode is set to Windows. The application connects to a Microsoft SQL Server database named DataStore. The database is located on WebServer. The SQL Server computer is configured with SQL Server logins disabled. The database connection code is shown in the following code segment.

    string myConnStr;
    myConnStr = @"Initial Catalog=""DataStore"";";
    myConnStr = myConnStr + "Data Source=localhost;Integrated Security=SSPI;";
    SqlConnection myConn = new SqlConnection(myConnStr);
    string myInsert;
    myInsert = "INSERT INTO Customer (CustomerID, Name) Values('123', 'John Doe')";
    SqlCommand myCmd = new SqlCommand(myInsert);
    myCmd.Connection = myConn;
    myConn.Open();
    myCmd.ExecuteNonQuery();
    myCmd.Connection.Close();

When you run the application by using Microsoft Internet Explorer, you receive an error message that reads in part: "Login failed for user WebServer\ASPNET." You need to ensure that the application can run successfully without prompting the user for a user name and password. What should you do?
4.
You are an application developer for your company. You create a serviced component named RecordsAdmin. RecordsAdmin exposes administrative methods for a records management application. The declaration for RecordsAdmin includes the following code segment.

    [assembly: ApplicationAccessControl(true)]
    [ComponentAccessControl(true), SecurityRole("Admin")]
    public class RecordsAdmin : ServicedComponent
    {
    }

You install RecordsAdmin on a test computer. You use a test application that runs on the test computer under a local computer account named Tester. The Tester account is a member of the Users group and the Debugger Users group. When the test application calls RecordsAdmin, you receive the following error message: "Access is denied." You want the test application to have access to RecordsAdmin. You want to achieve this goal without granting unnecessary permissions to the Tester account. What should you do?
5.
You are an application developer for your company. Part of an application that you are developing accepts user input from a TextBox control. The information entered by the user must be alphanumeric only, and it must contain no symbols or punctuation. You need to ensure that the user's input contains only the appropriate data before using the input elsewhere in the application. Your solution must not require users of the application to take additional steps when entering data. What should you do?
6.
You are an application developer for your company. You are developing a Windows-based payroll application that will be used by all payroll administrators in the company. The application has a single executable file that uses a separate assembly to modify payroll data. You need to design security for your application to ensure that the assembly cannot be called by unauthenticated and unauthorized users. What should you do?
7.
You are an application developer for your company. You are using the Microsoft .NET Framework to develop an application that uses a Web service. The Web service is provided by a vendor and is accessed over the Internet. Your application retrieves string data from the Web service and stores it in a variable named webdata. The application also defines a SqlCommand object named sqlcmd. The application contains the following code segment.

    string myquery;
    myquery = "INSERT INTO WebTable (WebData) VALUES(";
    myquery += webdata + ")";
    sqlcmd.CommandText = myquery;
    sqlcmd.ExecuteNonQuery();

You need to improve the security of this code segment while maintaining its functionality. What should you do?
8.
You are an application developer for your company. You are developing an ASP.NET Web application. All users in the company use Microsoft Internet Explorer 6.0. A group of users is testing the application. The users report that when an exception occurs, the full exception information is displayed in their Web browsers. You need to ensure that the full exception information is not displayed when an exception occurs. What should you do?
9.
You are an application developer for your company. You are developing an application that will be used by all company users. You log on to your development computer by using a user account that has local Administrator permissions. However, most company users log on to their client computers by using an account that has only local User permissions. You need to ensure that your testing activities accurately reflect the production environment in which the application will run. How should you test the application?
10.
You are an application developer for your company. You are developing a Windows-based application that stores user configuration information for the application. The information is stored in a file named Application.config. You need to ensure that only users in the Administrators group can make changes to the configuration of the application. What should you do?