Microsoft Certified Solutions Developer (MCSD).NET 70 330 Interview Questions

 
1.
Suppose you develop an ASP.NET Web application for Company's intranet. The application accesses
data that is stored in a Microsoft SQL Server database. The application authenticates users by
using Windows authentication, and it has impersonation enabled. You configure database object
permissions based on the identity of the user of the application. You need to provide the user's
identity to the SQL Server database. What should you do?
A. Connect to the database by using the following connection string:
"Persist Security Info=False;Integrated Security=SSPI;database=ApplicationDB;server=DataServer;"
B. Connect to the database by using the following connection string:
"User ID=ASPNET;Persist Security Info=False;Integrated Security=False;database=ApplicationDB;server=DataServer;"
C. Develop a serviced component that wraps all database operations.
Use COM+ role-based security to restrict access to database operations based on user
identity.
D. Disable impersonation.
2.
Suppose you are an application developer for your company. You develop library assemblies that are
called by your main applications. These library assemblies access confidential data in the
applications. To ensure that this data is not accessed in an unauthorized and unsafe manner,
users must not be allowed to call the library assemblies from their own applications. You apply a
strong name to all assemblies to support versioning. You need to prevent users from writing
managed applications that make calls to your library assemblies. You need to achieve this goal
while minimizing the impact on response times for applications. What should you do?
A. Use the internal access modifier to declare all classes and structs in each library.
B. Use the protected internal access modifier to declare all classes and structs in each library.
C. Add the following attribute to each class and struct in each library assembly.

D. Add the following attribute to each class and struct in each library assembly.
3.
Suppose you are an application developer for Company.com. You are developing an application that can
be extended by using custom components. The application uses reflection to dynamically load
and invoke these custom components. In some cases, custom components will originate from a
source that is not fully trusted, such as the Internet.
You need to programmatically restrict the code access security policy under which custom
components run so that custom components do not run with an elevated permission grant.
What are two possible ways to achieve this goal? (Each correct answer presents a complete
solution. Choose two)
A. Create a new application domain and set the security policy level. Run custom components in
this application domain.
B. Use permission class operations to modify the security policy.
C. Implement custom permission classes to protect custom component resources.
D. Programmatically modify the machine-level security policy file after loading a custom
component.
4.
Suppose you are developing an ASP.NET Web application that users in the accounting department will
use to process payroll reports and view payroll reports. The application will use Integrated Windows
authentication to authenticate all users. Because payroll data is confidential, only users in the
accounting department will be granted access to the application. All employees in the accounting
department belong to a specific Active Directory group. However, users in the IT department can
add themselves to various Active Directory groups in order to troubleshoot resource access
problems. These IT department users must not be granted access to the ASP.NET Web
application. The following rules can be used to distinguish between users in the accounting
department and users in the IT department:
• All users in the accounting department are members of a group named CompanyAccounting.
• Some users in the IT department are members of the CompanyAccounting group.
• All users in the IT department are members of a group named CompanyDomain Admin.
• No users in the accounting department are members of the CompanyDomain Admin group.
You need to configure URL authorization for the application by adding an
element to the Web.config file in the application root. Which element should you use?
A.




B.




C.




D.



5.
Suppose you develop an ASP.NET Web application that writes to an event log named EventLog1. All
managers in Company will run this application. During an exam on a manager's client computer, the
application fails in the following code segment. (Line numbers are included for reference only.)
1. Dim EventLog1 As New EventLog
2. If Not EventLog.SourceExists("CompanyWebApp") Then
3. EventLog.CreateEventSource("CompanyWebApp", "Application")
4. End If
5. EventLog1.Source = "CompanyWebApp"
6. EventLog1.WriteEntry("The event occurred.")
You need to ensure that event data is written to EventLog1. You want to achieve this goal without
granting unnecessary permissions.
What should you do?
A. Insert the following code into the application.
Dim eventLogDir As String
eventLogDir = "C:\%windir%\system32\config\AppEvent.Evt"
Dim FilePermission As _
New FileIOPermission(FileIOPermissionAccess.AllAccess, eventLogDir)
FilePermission.Assert()
B. Replace line 6 of the code segment with the following line of code.
EventLog1.WriteEntry("The event occurred", "EventLogWriter")
C. Grant the managers the Full Control permission for the event log file.
D. Add the aspnet_wp account to the Administrators group.
E. Create the event log source in the installer class of the application.
6.
Suppose you create an ASP.NET Web application that all authenticated network users will access.
The authentication mode in the Web.config file is currently set to None. Due to recent security
threats, the network administrator requires that all connections to the application's Web server
use the network credentials of the authenticated user. You need to configure the application to
use the network credentials of the authenticated user as HttpContext.Current.User. Which action
or actions should you perform? (Choose all that apply.)
A. Ask the network administrator to configure the IIS directory security to Anonymous
authentication.
B. Ask the network administrator to configure the IIS directory security to Integrated Windows
authentication.
C. Set the authentication mode in the Web.config file to Forms.
D. Set the authentication mode in the Web.config file to Windows.
E. Set the impersonation attribute of the identity element in the Web.config file to true.
7.
Users who are temporary employees are
members of a group named TemporaryEmployees. You develop a serviced component named
CompanyComponent. CompanyComponent is part of a COM+ application named MyApplication.
CompanyComponent is secured by using the SecurityRole attribute for the Employees role. You
need to ensure that members of the TemporaryEmployees group are assigned to the Employees
role. You decide to add the TemporaryEmployees group to the existing Employees role. Which
tool should you use?
A. The Code Access Security Policy tool.
B. The Permission View tool.
C. The Component Services tool.
D. The Secutil tool.
E. The Microsoft .NET Framework Configuration tool.
8.
Suppose you develop a Windows Forms application
that connects to a local Microsoft SQL Server database by using the Microsoft .NET Framework
Data Provider for SQL Server. The application currently connects to the database by using an
account that is a member of the System Administrator role in SQL Server. You need to ensure
that the application can connect to the database by using the user account of the interactive user
without providing additional permissions. What should you do?
A. Modify the application to activate a SQL Server application role.
B. Modify the application to use SQL Server integrated security.
C. Modify the application to send a security token that contains the authentication information in a
Kerberos ticket.
D. Modify the application to use COM+ security roles.
9.
Suppose you are developing an application that will
be used both by company users and by contractors. Contractors will install the application on
their own portable computers. A written company policy prohibits contractors from easily
accessing or reviewing the source code of company applications. The file servers that contain the
source code for the application are configured so that only company software developers have
access. You need to ensure that the contractors cannot easily access the application source
code. What should you do?
A. Run Dotfuscator Community Edition on each of the application assemblies.
B. Apply a strong name to each of the application assemblies.
C. Run the Code Access Security Policy tool for each of the application assemblies before
distributing the application.
D. Use Encrypting File System (EFS) to encrypt the compiled application assemblies.