You are creating an XML Web service named ViewOrders that is available to customers over the Internet. ViewOrders exposes a Web method named ViewShippingDetail that requires additional security. You decide to use generic role-based security to secure ViewShippingDetail.You need to write code to ensure that once the caller is authenticated, a user identity named Generic is created. This user identity has membership in a group named Shipping to allow access to ViewShippingDetail .Which code segment should you use?
A.Dim myldentity As IIdentity = New GenericIdentity("Generic”, "Custom")Dim Roles As String() = {"Shipping"}Dim myPrincipal = New GenericPrincipal(myldentity, Roles)ir.yldentity = Windowsldentity. Get Current
B.Dim myldentity As Genericldentity = New_Genericldentity("Generic", "Custom")Dim Roles As String () = {"Shipping"}Dim myPrincipal = New GenericPrincipal(myldentity,_ Roles) Thread.CurrentPrincipal = myPrincipal
C.Dim myldentity As Ildentity = New_Genericldentity("Generic", "Shipping")Dim myPrincipal As 工Principal = New_WindowsPrincipal(myldentity)Threa
D.CurrentPrincipal = myPrincipalD.Dim myGenericIdentity As Ildentity = New_Genericldentity(”Generic", "Custom")Dim myldentity As Windowsldentity = myGenericIdentity Dim Roles As String() = {"Shipping"}Dim myPrincipal = New GenericPrincipal(myldentity,_Roles)Windowsldentity.Impersonate(myldentity.Token)
试卷相关题目
- 1You create an assembly that contains a collection of serviced components. You want to secure these components by using a collection of COM+ roles. Different group of roles will secure different components.You need to ensure that role-based security is enforced in the assembly. You want to accomplish this goal by adding an attribute to the project source code.Which attribute should you use?
A.〈assembly: SecurityRole("Assembly", true)>
B.〈assembly:SecurityPermission(SecurityAction.RequestOptional)>
C.〈assembly:ApplicationActivation(ActivationOption.Server)>
D.〈assembly:AppiicationAccessControl(AccessChecksLevel = AccessChecksLevelOption.ApplicationComponent)>
开始考试点击查看答案 - 2You are developing an application by using Visual C# .NET and Visual Basic .NET. The application will use functions form a DLL written in unmanaged code.One function requires the calling application to allocate unmanaged memory, fill it with data, and pass the address of the memory to the function . On returning from the function, the calling application must deallocate the unmanaged memory.You need to decide how your application will handle unmanaged memory.What should you do?
A.Use a byte array
B.Use the methods of the Marshal class
C.Use the methods of the MemoryStream class
D.Derive a new class from the Stream class, and override the allocation methods
开始考试点击查看答案 - 3You are creating an XML Web service named YourWebService. Callers must be authenticated by using credentials passed in the SOAP header of each Web service call. You want to use role-based security to secure each method on YourWebService. The roles that users are assigned are stored in a custom database table.You need to write code that will allow you to dynamically change which roles can execute specific methods at run time.What should you do?
A.Create a Windowsldenti ty object and a Windows Principal Object. Then implement declarative role-based security
B.Create a Windowsldenti ty object and a Windows Principal object. Then implement imperative role-based security
C.Create a Gene riel dentity object and a GenericPrincipal object. Then implement declarative role-based security
D.Create a Genericldentity object and a GenericPrincipal object. Then implement imperative role-based security
开始考试点击查看答案 - 4You create an XML Web service named ReportService for an application on your company's intranet. You configure Internet Information Services(IIS) and ReportService to use Integrated Windows authentication .You configure the Access Control List (ACL) for ReportService to allow access to only members of a Windows group named FieldAgents. You test and confirm that only members of the FieldAgents group can use ReportService.ReportService includes a method named Submit Surveillance that calls a serviced component named ReportDat
A.ReportData uses COM+role- bases security to restrict component access to members of the COM+ Agents role. The COM+ Agents role is configured to include the FieldAgents group.You call SubmitSurveillance. However, when the call to ReportData is attempted, an exception is thrown indicating that access is denied. You need to correct this problem.What should you do?A.In IIS, enable Anonymous access
B.In the
section of the Web.config file, add the following line of code:〈identity impersonate^"true”/> C.In the〈system.web> section of the Web.config file, add the following line of code:〈identity impersonate^"false"/〉
D.In the
开始考试点击查看答案section of the Web.config file, add the following line of code:〈authentication mode="None"/> - 5You create a serviced component named StockQuote that implements the IStockQuote interface. The StockQuote class includes the following code segment:Public Class StockQuoteInherits ServicedComponent Implements IStockQuote Public Function GetQuote(stock as Ticker) as Price Implements IStockQuote.GetQuote 'Implementation code goes here.End Function End ClassYou want to secure StockQuote so that it can only be accessed by users in the Customers and Managers roles.Which actions should you take?(Each correct answer presents part of the solution. Choose two)
A.To the StockQuote class, add the following attribute:
B.To the StockQuote class, add the following attribute: 〈Transaction(TransactionOption.Required)>
C.Implement the ISecurityCallContext COM interface in the StockQuote class. Implement the IsCallerlnRole method for the Customers and Managers roles
D.To the StockQuote class, add the following attributes:
E.To the beginning of the GetQuote method, add the following code segment:If Not ContextUtil.IsCallerlnRole("Managers,Customers")_Then Throw New SecurityException("Access is denies.”)End If
开始考试点击查看答案 - 6You are creating a serviced component named Itemlnventory. An online catalog application will use Itemlnventory to display the availability of products in inventory.Additional serviced components written by other developers will continuously update the inventory data as orders are placed.The Item Inventory class includes the following code segment: <Transaction(TransactionOption.Required)>Public Class Itemlnventory Inherits ServicedComponent 'Method code goes here.End ClassItemlnventory is configured to require transactions. You want Item Inventory to respond to requests as quickly as possible, even if that means displaying inventory values that are not up to date with the most recent orders.What should you do?
A.To the Itemlnventory class, add the following attribute:
B.To all methods of the Itemlnventory class, add the following attribute:
C.Modify the Transaction attribute of the Itemlnventory class to be the following attribute:
D.Modify the Transaction attribute of the Itemlnventory class to be the following attribute:〈Transaction(TransactionOption.Required, __IsolationLevel:» TransactionlsolationLevel.ReadOncoromitted)>
开始考试点击查看答案 - 7As a developer at your company, you are creating a serviced component that will perform several distributed transactions across different databases. The serviced component will be called from managed and unmanaged client applications.You create a new class library project. You write code in the class modules to implement the logic.You want to detect and correct any registration errors before any client applications use the component.What should you do next?
A.Assign a strong name to the assembly. Compile the assembly. Run the .NET Services Installation tool (Regsvcs.exe) to add the component to Component Services
B.Run the Type Library Exporter (Tlbexp.exe) to export the definition for the assembly
C.Assign a strong name for the assembly. Compile the assembly. Run the Global Assembly Cache tool (Gacutil.exe) to add the component to the global assembly cache
D.Use the Assembly Registration tool(Regasm.exe) to create entries in the registry that describe the assembly
开始考试点击查看答案