Q5: You are developing a class library. Portions of your code need to
access system environment variables.
You need to force a runtime SecurityException only when callers that are
higher in the call stack do not have the necessary permissions.
Which call method should you use?
A. set.Demand();
B. set.Assert();
C. set.PermitOnly();
D. set.Deny();
Answer: A
Q6: You are developing a method to hash data for later verification by
using the MD5 algorithm. The data is passed to your method as a byte array
named message. You need to compute the hash of the incoming parameter
by using MD5. You also need to place the result into a byte array.
Which code segment should you use?
A. HashAlgorithm algo = HashAlgorithm.Create(”MD5?);
byte[] hash = algo.ComputeHash(message);
B. HashAlgorithm algo = HashAlgorithm.Create(”MD5?);
byte[] hash = BitConverter.GetBytes(algo.GetHashCode());
C. HashAlgorithm algo;
algo = HashAlgorithm.Create(message.ToString());
byte[] hash = algo.Hash;
D. HashAlgorithm algo = HashAlgorithm.Create(”MD5?);
byte[] hash = null;
algo.TransformBlock(message, 0, message.Length, hash, 0);
Answer: A
Q7: You are changing the security settings of a file named MyData.xml.
You need to preserve the existing inherited access rules. You also need to
prevent the access rules from inheriting changes in the future.
Which code segment should you use?
A. FileSecurity security = new FileSecurity(”mydata.xml”, AccessControlSections.All);
security.SetAccessRuleProtection(true, true);
File.SetAccessControl(”mydata.xml”, security);
B. FileSecurity security = new FileSecurity();
security.SetAccessRuleProtection(true, true);
File.SetAccessControl(”mydata.xml”, security);
C. FileSecurity security = File.GetAccessControl(”mydata.xml”);
security.SetAccessRuleProtection(true, true);
D. FileSecurity security = File.GetAccessControl(”mydata.xml”);
security.SetAuditRuleProtection(true, true);
File.SetAccessControl(”mydata.xml”, security);
Answer: A
Q8: You are developing a server application that will transmit sensitive
information on a network. You create an X509Certificate object named
certificate and a TcpClient object named client. You need to create an
SslStream to communicate by using the Transport Layer Security 1.0
protocol. Which code segment should you use?
A. SslStream ssl = new SslStream(client.GetStream());
ssl.AuthenticateAsServer(certificate, false, SslProtocols.None, true);
B. SslStream ssl = new SslStream(client.GetStream());
ssl.AuthenticateAsServer(certificate, false, SslProtocols.Ssl3, true);
C. SslStream ssl = new slStream(client.GetStream());
ssl.AuthenticateAsServer(certificate, false, SslProtocols.Ssl2, true);
D. SslStream ssl = new SslStream(client.GetStream());
ssl.AuthenticateAsServer(certificate, false, SslProtocols.Tls, true);
Answer: D
Q9: You are developing a method to encrypt sensitive data with the Data
Encryption Standard (DES) algorithm. Your method accepts the following
parameters:
• The byte array to be encrypted, which is named message.
• An encryption key, which is named key
• An initialization vector, which is named iv
You need to encrypt the data. You also need to write the encrypted data to
a MemoryStream object. Which code segment should you use?
A. DES des = new DESCryptoServiceProvider();
des.BlockSize = message.Length;
ICryptoTransform crypto = des.CreateEncryptor(key, iv);
MemoryStream cipherStream = new MemoryStream();
CryptoStream cryptoStream = new CryptoStream(cipherStream, crypto, CryptoStreamMode.Write);
cryptoStream.Write(message, 0, message.Length);
B. DES des = new DESCryptoServiceProvider();
ICryptoTransform crypto = des.CreateDecryptor(key, iv);
MemoryStream cipherStream = new MemoryStream();
CryptoStream cryptoStream = new CryptoStream(cipherStream, crypto, CryptoStreamMode.Write);
cryptoStream.Write(message, 0, message.Length);
C. DES des = new DESCryptoServiceProvider();
ICryptoTransform crypto = des.CreateEncryptor();
MemoryStream cipherStream = new MemoryStream();
CryptoStream cryptoStream = new CryptoStream(cipherStream, crypto, CryptoStreamMode.Write);
cryptoStream.Write(message, 0, message.Length);
D. DES des = new DESCryptoServiceProvider();
ICryptoTransform crypto = des.CreateEncryptor(key, iv);
MemoryStream cipherStream = new MemoryStream();
CryptoStream cryptoStream = new CryptoStream(cipherStream, crypto, CryptoStreamMode.Write);
cryptoStream.Write(message, 0, message.Length);
Answer: D
Q10: You are creating a new security policy for an application domain.
You write the following lines of code.
PolicyLevel policy = PolicyLevel.CreateAppDomainLevel();
PolicyStatement noTrustStatement = new PolicyStatement(
policy.GetNamedPermissionSet(”Nothing”));
PolicyStatement fullTrustStatement = new PolicyStatement(
policy.GetNamedPermissionSet(”FullTrust”));
You need to arrange code groups for the policy so that loaded assemblies
default to the Nothing permission set. If the assembly originates from a
trusted zone, the security policy must grant the assembly the FullTrust
permission set. Which code segment should you use?
A. CodeGroup group1 = new FirstMatchCodeGroup(
new ZoneMembershipCondition(SecurityZone.Trusted), fullTrustStatement);
CodeGroup group2 = new UnionCodegroup(new AllMembershipCondition(),
noTrustStatement);
group1.AddChild(group2);
B. CodeGroup group1 = new FirstMatchCodeGroup(new AllMembershipCondition(),
noTrustStatement);
CodeGroup group2 = new UnionCodeGroup(new ZoneMembershipCondition(SecurityZone.Trusted), fullTrustStatement);
group1.AddChild(group2);
C. CodeGroup group = new UnionCodeGroup(new ZoneMembershipCondition(SecurityZone.Trusted), fullTrustStatement);
D. CodeGroup group = new FirstMatchCodeGroup( new AllMembershipCondition(), noTrustStatement);
Answer: B
– Nikhil Kumar
For all questions just visit my blog and try to leave your precious comments on my blog ...
www.dotnetask.blog.co.in