70-536 Important questions...

Q5: You are developing a class library. Portions of your code need to

access system environment variables.

You need to force a runtime SecurityException only when callers that are

higher in the call stack do not have the necessary permissions.

Which call method should you use?

 

A. set.Demand();

 

B. set.Assert();

 

C. set.PermitOnly();

 

D. set.Deny();

 

Answer: A

 

 

Q6: You are developing a method to hash data for later verification by

using the MD5 algorithm. The data is passed to your method as a byte array

named message. You need to compute the hash of the incoming parameter

by using MD5. You also need to place the result into a byte array.

Which code segment should you use?

 

A. HashAlgorithm algo = HashAlgorithm.Create(”MD5?);

byte[] hash = algo.ComputeHash(message);

 

B. HashAlgorithm algo = HashAlgorithm.Create(”MD5?);

byte[] hash = BitConverter.GetBytes(algo.GetHashCode());

 

C. HashAlgorithm algo;

algo = HashAlgorithm.Create(message.ToString());

byte[] hash = algo.Hash;

 

D. HashAlgorithm algo = HashAlgorithm.Create(”MD5?);

byte[] hash = null;

algo.TransformBlock(message, 0, message.Length, hash, 0);

 

 

Answer: A

 

Q7: You are changing the security settings of a file named MyData.xml.

You need to preserve the existing inherited access rules. You also need to

prevent the access rules from inheriting changes in the future.

Which code segment should you use?

 

A. FileSecurity security = new FileSecurity(”mydata.xml”, AccessControlSections.All);

security.SetAccessRuleProtection(true, true);

File.SetAccessControl(”mydata.xml”, security);

 

B. FileSecurity security = new FileSecurity();

security.SetAccessRuleProtection(true, true);

File.SetAccessControl(”mydata.xml”, security);

 

C. FileSecurity security = File.GetAccessControl(”mydata.xml”);

security.SetAccessRuleProtection(true, true);

 

D. FileSecurity security = File.GetAccessControl(”mydata.xml”);

security.SetAuditRuleProtection(true, true);

File.SetAccessControl(”mydata.xml”, security);

 

 

Answer: A

 

Q8: You are developing a server application that will transmit sensitive

information on a network. You create an X509Certificate object named

certificate and a TcpClient object named client. You need to create an

SslStream to communicate by using the Transport Layer Security 1.0

protocol. Which code segment should you use?

 

A. SslStream ssl = new SslStream(client.GetStream());

ssl.AuthenticateAsServer(certificate, false, SslProtocols.None, true);

 

B. SslStream ssl = new SslStream(client.GetStream());

ssl.AuthenticateAsServer(certificate, false, SslProtocols.Ssl3, true);

 

C. SslStream ssl = new slStream(client.GetStream());

ssl.AuthenticateAsServer(certificate, false, SslProtocols.Ssl2, true);

 

D. SslStream ssl = new SslStream(client.GetStream());

ssl.AuthenticateAsServer(certificate, false, SslProtocols.Tls, true);

 

 

Answer: D

 

Q9: You are developing a method to encrypt sensitive data with the Data

Encryption Standard (DES) algorithm. Your method accepts the following

parameters:

         The byte array to be encrypted, which is named message.

         An encryption key, which is named key

         An initialization vector, which is named iv

 

You need to encrypt the data. You also need to write the encrypted data to

a MemoryStream object. Which code segment should you use?

 

A. DES des = new DESCryptoServiceProvider();

des.BlockSize = message.Length;

ICryptoTransform crypto = des.CreateEncryptor(key, iv);

MemoryStream cipherStream = new MemoryStream();

CryptoStream cryptoStream = new CryptoStream(cipherStream, crypto, CryptoStreamMode.Write);

cryptoStream.Write(message, 0, message.Length);

 

B. DES des = new DESCryptoServiceProvider();

ICryptoTransform crypto = des.CreateDecryptor(key, iv);

MemoryStream cipherStream = new MemoryStream();

CryptoStream cryptoStream = new CryptoStream(cipherStream, crypto, CryptoStreamMode.Write);

cryptoStream.Write(message, 0, message.Length);

 

C. DES des = new DESCryptoServiceProvider();

ICryptoTransform crypto = des.CreateEncryptor();

MemoryStream cipherStream = new MemoryStream();

CryptoStream cryptoStream = new CryptoStream(cipherStream, crypto, CryptoStreamMode.Write);

cryptoStream.Write(message, 0, message.Length);

 

D. DES des = new DESCryptoServiceProvider();

ICryptoTransform crypto = des.CreateEncryptor(key, iv);

MemoryStream cipherStream = new MemoryStream();

CryptoStream cryptoStream = new CryptoStream(cipherStream, crypto, CryptoStreamMode.Write);

cryptoStream.Write(message, 0, message.Length);

 

 

Answer: D

 

Q10: You are creating a new security policy for an application domain.

You write the following lines of code.

 

PolicyLevel policy = PolicyLevel.CreateAppDomainLevel();

PolicyStatement noTrustStatement = new PolicyStatement(

policy.GetNamedPermissionSet(”Nothing”));

PolicyStatement fullTrustStatement = new PolicyStatement(

policy.GetNamedPermissionSet(”FullTrust”));

 

You need to arrange code groups for the policy so that loaded assemblies

default to the Nothing permission set. If the assembly originates from a

trusted zone, the security policy must grant the assembly the FullTrust

permission set. Which code segment should you use?

 

A. CodeGroup group1 = new FirstMatchCodeGroup(

new ZoneMembershipCondition(SecurityZone.Trusted), fullTrustStatement);

CodeGroup group2 = new UnionCodegroup(new AllMembershipCondition(),

noTrustStatement);

group1.AddChild(group2);

 

B. CodeGroup group1 = new FirstMatchCodeGroup(new AllMembershipCondition(),

noTrustStatement);

CodeGroup group2 = new UnionCodeGroup(new ZoneMembershipCondition(SecurityZone.Trusted), fullTrustStatement);

group1.AddChild(group2);

 

C. CodeGroup group = new UnionCodeGroup(new ZoneMembershipCondition(SecurityZone.Trusted), fullTrustStatement);

 

D. CodeGroup group = new FirstMatchCodeGroup( new AllMembershipCondition(), noTrustStatement);

 

 

Answer: B


– Nikhil Kumar

For all questions just visit my blog and try to leave your precious comments on my blog ...
www.dotnetask.blog.co.in   

Ebook Download
View all
Learn
View all