|
Question 1.
You are an application developer for ITCertKeys .com. You develop library assemblies that are called by your main applications. These library assemblies access confidential data in the applications.
To ensure that this data is not accessed in an unauthorized and unsafe manner, users must not be allowed to call the library assemblies from their own applications. You apply a strong name to all assemblies to support versioning.
You need to prevent users from writing managed applications that make calls to your library assemblies.
You need to achieve this goal while minimizing the impact on response times for applications.
What should you do?
A. Use the internal access modifier to declare all classes and structures in each library.
B. Use the protected internal access modifier to declare all classes and structures in each library.
C. Add the following attribute to each class and structure in each library assembly:
D. Add the following attribute to each class and structure in each library assembly:
Answer: C
Explanation:
StrongNameIdentityPermission Class
Defines the identity permission for strong names. This class cannot be inherited.
For a list of all members of this type, see StrongNameIdentityPermission Members.
System. Object
System. Security. Code Access Permission
System Security Permissions Strong Name Identity Permission
Not Inheritable Public Class StrongNameIdentityPermission
Inherits Code Access Permission
Remarks
Use Strong Name Identity Permission to achieve versioning and naming protection by confirming
that the calling code is in a particular strong-named code assembly.
A strong name identity is based on a cryptographic public key called a blob optionally combined
with the name and version of a specific assembly. The key defines a unique namespace and
provides strong verification that the name is genuine, because the definition of the name must be
in an assembly signed by the corresponding private key.
Note that the validity of the strong name key is not dependent on a trust relationship or any
certificate necessarily being issued for the key.
Note Full demands for StrongNameIdentityPermission succeed only if all the assemblies in the
stack have the correct evidence to satisfy the demand. Link demands using
Strong Name Identity Permission Attribute succeed if only the immediate caller has the correct
evidence.
Demands
You can use the security demand call declaratively or imperatively to specify the permissions that direct or indirect callers must have to access your library. Direct callers explicitly call static or instance methods of your library, while indirect callers call static or instance methods of another library that calls your library. When you use a demand, any application that includes your code will execute only if all direct and indirect callers have the permissions that the demand specifies. Demands are particularly useful in situations in which your class library uses protected resources that you do not want to be accessed by un trusted code. Demands can be placed in code using either imperative or declarative syntax.
Note that most classes in the .NET Framework already have demands associated with them, so
you do not need to make an additional demand whenever you use a class that accesses a
protected resource.
Link Demands
A link demand causes a security check during just-in-time compilation and checks only the immediate caller of your code. Linking occurs when your code is bound to a type reference, including function pointer references and method calls. If the caller does not have sufficient permission to link to your code, the link is not allowed and a runtime exception is thrown when the code is loaded and run. Link demands can be overridden in classes that inherit from your code.
Just-in-Time compilation
Languages in the .NET Framework compile to Microsoft Intermediate Language (IL) ready for the JiT (Just-in-Time) compiler to turn them into native code when the program is installed or first run. The runtime engine pulls in un compiled functions for compilation on the fly as required.
The following example shows how to demand that the calling code has StrongNameIdentityPermission at link time. Code will only execute if signed with a strong name
using the private key counterpart of the specified public key
Public Class Sample Class Restrict
Unauthorized Code
By using .NET Framework code access security - specifically, code identity demands - you can limit the assemblies that can access your data access classes and methods.
For example, if you only want code written by your company or a specific development organization to be able to use your data access components, use a Strong Name Identity Permission and demand that calling assemblies have a strong name with a specified public key, as shown in the following code fragment: using system. security permission;
. . .
[StrongNameIdentityPermission(Security Action. Link Demand,
PublicKey="002...4c6")]
public void Get Customer Info(int CustId)
{}
To extract a text representation of the public key for a given assembly, use the following
command:
sn -Tp assembly.dll
Note Use an uppercase "T" in the -Tp switch.
Because Web application assemblies are dynamically compiled, you cannot use strong names for these assemblies. This makes it difficult to restrict the use of a data access assembly to a specific Web application. The best approach is to develop a custom permission and demand that permission from the data access component. Full trust Web applications (or any fully trusted code) can call your component. Partial trust code, however, can call your data access component only if it has been granted the custom permission.
When You Should Use Demands? Your code is always subject to permission demand checks from the .NET Frame work class library, but if your code uses explicit permission demands, check that this is done appropriately. Search your code for the ".Demand" string to identity declarative and imperative permission demands, and then review the following questions:
* Do you cache data?
If so, check whether or not the code issues an appropriate permission demand prior to accessing the cached data. For example, if the data is obtained from a file, and you want to ensure that the calling code is authorized to access the file from where you populated the cache, demand a File
IO Permission prior to accessing the cached data.
* Do you expose custom resources or privileged operations?
If your code exposes a custom resource or privileged operation through unmanaged code, check
that it issues an appropriate permission demand, which might be a built-in permission type or a
custom permission type depending on the nature of the resource.
* Do you demand soon enough?
Check that you issue a permission demand prior to accessing the resource or performing the
privileged operation. Do not access the resource and then authorize the caller.
* Do you issue redundant demands?
Code that uses the .NET Framework class libraries is subject to permission demands. Your code
does not need to issue the same demand. This results in a duplicated and wasteful stack walk.
When to Use Link Demands? Link demands, unlike regular demands, only check the immediate caller. They do not perform a full stack walk, and as a result, code that uses link demands is subject to luring attacks. For information on Luring Attacks, see "Link Demands" in Chapter 8, "Code Access Security in Practice."
Search your code for the ".Link Demand" string to identify where link demands are used. They can only be used declaratively. An example is shown in the following code fragment:
[StrongNameIdentityPermission(Security Action. Link Demand,
PublicKey="00240000048...97e85d098615")]public static void Some Operation() {}* Why are
you using a link demand?
A defensive approach is to avoid link demands as far as possible. Do not use them just to improve performance and to eliminate full stack walks. Compared to the costs of other Web application performance issues such as network latency and database access, the cost of the stack walk is small. Link demands are only safe if you know and can limit which code can call your code.
* Do you trust your callers?
When you use a link demand, you rely on the caller to prevent a luring attack. Link demands are
safe only if you know and can limit the exact set of direct callers into your code, and you can trust those callers to authorize their callers.
* Do you call code that is protected with link demands?
If so, does your code provide authorization by demanding a security permission from the callers of your code? Can the arguments passed to your methods pass through to the code that you call?
If so, can they maliciously influence the code you call?
* Have you used link demands at the method and class level?
When you add link demands to a method, it overrides the link demand on the class. Check
that the method also includes class-level link demands.
* Do you use link demands on classes that are not sealed?
Link demands are not inherited by derived types and are not used when an overridden method is
called on the derived type. If you override a method that needs to be protected with a link
demand, apply the link demand to the overridden method.
* Do you use a link demand to protect a structure?
Link demands do not prevent the construction of a structure by an un trusted caller. This is because default constructors are not automatically generated for structures, and therefore the structure level link demand only applies if you use an explicit constructor.
* Do you use explicit interfaces?
Search for the Interface keyword to find out. If so, check if the method implementations are marked with link demands. If they are, check that the interface definitions contain the same link demands. Otherwise, it is possible for a caller to bypass the link demand.
The allowed access modifiers in .NET are public, private, protected, internal, and protected internal. These keywords control the visibility of class members (and other things), defining the circumstances under which a member may be accessed-hence their collective name as access modifiers. With the exception of the last, protected internal, it's illegal to combine two access modifiers.
Public means just that: public and visible to everyone and everything. A public member can be accessed using an instance of a class, by a class's internal code, and by any descendants of a class.
Private is also intuitively understood, meaning hidden and usable only by the class itself. No code using a class instance can successfully access a private member and neither can a descendant class.
Protected members are similar to private ones in that they are accessible only by the containing class. However, protected members also may be used by a descendant class. So members that are likely to be needed by a descendant class should be marked protected.
Members marked as internal are public to the entire application but private to any outside applications. Internal is useful when you want to allow a class to be used by other applications but reserve special functionality for the application that contains the class.
Finally, we have the only compound access modifier allowed in .NET, protected internal.
Members marked as protected internal may be accessed only by a descendant class that's contained in the same application as its base class. You use protected internal in situations where you want to deny access to parts of a class' functionality to any descendant classes found in other applications.
Not limited to controlling class access
As mentioned before, access modifiers aren't limited to use on class members but can be applied to a few other code constructs. The rules defining when modifiers may be legally assigned to a construct are dependant on the construct's container:
1. Interface and enumeration members are always public and no access modifiers are needed (or allowed).
2. Classes in namespaces are internal by default and may be either internal or public, while namespaces themselves are always public.
3. Members of a struct are private by default and may be given public, internal, or private access
modifiers.
Question 2.
You are an application developer for ITCertKeys .com. You are developing an application that can be extended by using custom components. The application uses reflection to dynamically load and invoke these custom components. In some cases, custom components will originate from a source that is not fully trusted, such as the Internet.
You need to programmatically restrict the code access security policy under which custom components run so that custom components do not run with an elevated permission grant.
What are two possible ways to achieve this goal?
(Each correct answer presents a complete solution. Choose two)
A. Create a new application domain and set the security policy level.
Run custom components in this application domain.
B. Use permission class operations to modify the security policy.
C. Implement custom permission classes to protect custom component resources.
D. Programmatically modify the machine-level security policy file after loading a custom
component.
Answer: B, C
Explanation:
All permission objects must implement the IPermission interface. Inheriting from the Code Access Permission class is the easiest way to create a custom permission because Code Access Permission implements IPermission and provides most of the methods required for a permission.
Additionally, you must implement the Unrestricted Permission interface for all custom code access permissions. The custom permission class is required for both imperative and declarative security support, so you should create it even if you plan to use only declarative security.
Defining the Permission Class To derive from the Code Access Permission class, you must override the following five key methods and provide your own implementation:
* Copy creates a duplicate of the current permission object.
* Intersect returns the intersection of allowed permissions of the current class and a passed class.
* Is Subset of returns true if a passed permission includes everything allowed by the current
permission.
* From Xml decodes an XML representation of your custom permission.
* To Xml encodes an XML representation of your custom permission.
The Unrestricted Permission interface requires you to override and implement a single method called Is Unrestricted Permission. In order to support the Unrestricted Permission interface, you must implement some system, such as a Boolean value that represents the state of restriction in the current object, to define whether the current instance of the permission is unrestricted.
Note:
Custom permissions should either be marked as sealed (Not Inheritable in Visual Basic) or have an inheritance demand placed on them. Otherwise, malicious callers are able to derive from your permission, potentially causing security vulnerabilities.
Default security policy does not know about the existence of any custom permission. For example, the Everything named permission set contains all the built-in code access permissions that the runtime provides, but it does not include any custom permissions. To update security policy so that it knows about your custom permission, you must do three things:
* Make policy aware of your custom permission.
* Add the assembly to the list of trusted assemblies.
* Tell security policy what code should be granted to your custom permission.
Making Policy Aware of Your Custom Permission To make policy aware of your custom
permission, you must:
* Create a new named-permission set that includes your custom permission. (You can modify an
existing named-permission set instead of creating a new one.)
* Give the permission set a name.
* Tell security policy that the named-permission set exists.
For more information, see Code Access Security Policy Tool (Caspol.exe) or .NET Framework Configuration Tool (Mscorcfg.msc). You can add a new permission set in one of several ways.
Using the Code Access Security Policy tool (Caspol.exe), you can create an .xml file that contains an XML representation of a custom permission set and then add this file to the security policy on the computer where the code is to run. Using the .NET Framework Configuration tool (Mscorcfg.msc), you can copy an existing permission set and add an XML representation of a permission to the new permission set.
To guarantee that your XML representation is valid and correctly represents your permission, you can generate it using code similar to the example that follows. Notice that this code creates a custom permission called My Custom Permission, initialized to the unrestricted state. If your
custom permission does not implement IUnrestricted Permission, or if you do not want to set policy to grant your permission in an unrestricted state, use the constructor to initialize your permission to the state you want it to have.
Application domains provide a more secure and versatile unit of processing that the common language runtime can use to provide isolation between applications. Application domains are typically created by runtime hosts, which are responsible for bootstrapping the common language runtime before an application is run.
You can run several application domains in a single process with the same level of isolation that would exist in separate processes, but without incurring the additional overhead of making cross-process calls or switching between processes. The ability to run multiple applications within a single process dramatically increases server scalability.
Isolating applications is also important for application security. For example, you can run controls from several Web applications in a single browser process in such a way that the controls cannot access each other's data and resources.
The isolation provided by application domains has the following benefits:
* Faults in one application cannot affect other applications. Because type-safe code cannot cause memory faults, using application domains ensures that code running in one domain cannot affect other applications in the process.
* Individual applications can be stopped without stopping the entire process. Using application domains enables you to unload the code running in a single application.
Note You cannot unload individual assemblies or types. Only a complete domain can be unloaded.
* Code running in one application cannot directly access code or resources from another application. The common language runtime enforces this isolation by preventing direct calls between objects in different application domains. Objects that pass between domains are either copied or accessed by proxy. If the object is copied, the call to the object is local.
That is, both the caller and the object being referenced are in the same application domain.
If the object is accessed through a proxy, the call to the object is remote. In this case, the caller and the object being referenced are in different application domains. Cross-domain calls use the same remote call infrastructure as calls between two processes or between two machines. As such, the metadata for the object being referenced must be available to both application domains to allow the method call to be JIT-compiled properly. If the calling domain does not have access to the metadata for the object being called, the compilation might fail with an exception of type System.IO.File Not Found. See Accessing Objects in Other Application Domains Using .NET Remoting for more details. The mechanism for determining how objects can be accessed across domains is determined by the object. For more information, see Marshal By Ref Object Class.
* The behavior of code is scoped by the application in which it runs. In other words, the application domain provides configuration settings such as application version policies, the location of any remote assemblies it accesses, and information about where to locate assemblies that are loaded into the domain.
* Permissions granted to code can be controlled by the application domain in which the code is
running.
Question 3.
You are an application developer for ITCertKeys .com. You are developing an application that salespeople in ITCertKeys will use to process customer orders. This application includes a library assembly that implements a serviced component named Order. This serviced component adds roles named ITCertKeys Manager and SalesPerson to the COM+ application that hosts it.
To promote customer satisfaction, salespeople are allowed to apply discounts to orders if the order was erroneously delayed. However, only ITCertKeys Managers are allowed to apply discounts greater than 10 percent. The application includes the following method to apply the discount.
Public Function Apply Discount (ByVal discountPct As Integer) As Boolean
This method will return a value of False when the current user is not a member of the ITCertKeys Manager role and the value of the discountPct parameter exceeds the maximum that other salespeople are allowed to apply.
You need to add the code that will verify the role membership requirement when the value of discountPct is greater than 10.
Which code segment should you use?
A. If discountPct > 10 And_
Thread.CurrentPrincipal.IsInRole(" ITCertKeys Manager") = False Then
Return False
End If
B. If discountPct > 10 Then
Dim p As PrincipalPermission = New PrincipalPermission(Nothing,
" ITCertKeys Manager")
If Security ITCertKeys Manager.IsGranted(p) = False Then
Return False
End If
End if
C. If discountPct > 10 Then
Dim p As PrincipalPermission = New PrincipalPermission(Nothing,
" ITCertKeys Manager")
Try
p.Demand()
Catch e As SecurityException
Return False
End Try
End If
D. If discountPct > 10 And _
SecurityCallContext.CurrentCall.IsCallerInRole(" ITCertKeys Manager") _
= False Then
Return False
End if
Answer: A
Explanation
The Security Call Context class provides the method Is Caller In Role, which you can use to determine whether the identity of the calling process matches a specified role. (The Context Util class also supplies Is Caller In Role as a static method). The IsUserInRole method allows you to
specify an account name and a role and determines whether that account name is assigned to the role.
Security Call Context. Is Caller In Role Method
Verifies that the direct caller is a member of the specified role.
Public Function IsCallerInRole( _ By Val role As String _) As Boolean Parameters role
The specified role.
Return Value true if the direct caller is a member of the specified role; otherwise false.
RequirementsPlatforms:Windows2000, Windows XP Home Edition, Windows XP Professional,
WindowsServer2003family.NET Framework Security:
* Full trust for the immediate caller. This member cannot be used by partially trusted code. For
more information, see Using Libraries From Partially Trusted Code .NET Serviced Components
http://www.ondotnet.com/pub/a/dotnet/excerpt/com_dotnet_ch10/?page=9
Verifying Caller's Role Membership Sometimes it is useful to verify programmatically the caller's role membership before granting it access. Your serviced components can do that just as easily as configured COM components. .NET provides you the helper class Security Call Context that gives you access to the security parameters of the current call. Security Call Context encapsulates the COM+ call-object's implementation of Security Call Context. The class Security Call Context has a public static property called Current Call. Current Call is a read-only property of type Security Call Context (it returns an instance of the same type). You use the Security Call Context object returned from Current Call to access the current call. Example 10-14 demonstrates the use of the security call context to verify a caller's role membership.
Example 10-14: Verifying the caller's role membership using the Security Call Context class Public class Bank :Serviced Component, Accounts Manager {void Transfer Money (int sum,
lung account src, ulong account dest) {bool caller Role =false; caller Role=security call context. Current call is call Role("Customer");if(caller Role)//the caller is a customer{if(sum > 5000)throw(new Unauthorized Access Exception (@"Caller does not have sufficient credentials to transfer this sum"));}Do Transfer(sum, account Src, account Dest);Helper method } //Other methods}You should use the Boolean property Is Security Enable dof Security Call Context to verify that security is enabled before accessing the IsCallerInRole() method:
bool security Enable=security call context current call is security Enable; if (security Enable){
//the rest of the verification process}
Question 4.
You are an application developer for ITCertKeys .com. You develop an application that receives data from a remote component.
You are developing a method to detect any corrupted incoming data and log information to a file for analysis.
You plan to use two functions. A function named ITCertKeys Data will be called by the remote component. The second function will be called by the local application to verify that the data was not corrupted during transmission.
You need to ensure that corrupted data can be identified.
Which code segment should you use?
A. Public Function ITCertKeys Data(ByVal Data As Byte()= As Byte()
Dim Ms As New MemoryStream
Ms.Write(Data, 0, Data.Lenght)
Ms.Write(Data, 0, Data.Lenght)
Return Ms.ToArray()
End Function
B. Public Function ITCertKeys Data(ByVal Data As Byte()) As Byte()
Dim Md5 As MD5 = New MD5CryptoServiceProvider
Dim Ms As New MemoryStream
Ms.Write(Md5.ComputeHash(Data), 0, Md5.HashSize)
Ms.Write(Data, 0, Data.Lenght)
Return Ms.ToArray()
End Function
C. Public Function ITCertKeys Data(ByVal Data As Byte()) As Byte()
Dim Des As DES = New DESCryptoServiceProvider
Dim Ms As New MemoryStream
Ms.Write(Des.Key, 0, Des.Key.Length)
Ms.Write(Des.IV, 0, Des.IV.Length)
Dim Cs As New CryptoStream(Ms, Des.CreateEncryptor(),
CryptoStreamMode.Write)
Cs.Write(Data, 0, Data.Length)
Cs.FlushFinalBlock()
Return Ms.ToArray()
End Function
D. Public Function ITCertKeys Data (ByVal Data As Byte()) As Byte()
Dim Ms As New MemoryStream
Dim Sw As New StreamWriter(Ms, Encoding.UTF8=
Sw.Write(Encoding.UTF8.GetString(Data))
Return Ms.ToArray()
Answer: B
Explanation:
Hash functions map binary strings of an arbitrary length to small binary strings of a fixed length. A cryptographic hash function has the property that it is computationally infeasible to find two distinct input that hash to the same value; hashes of two sets of data should match if the corresponding data also matches. Small changes to the data result in large unpredictable changes in the hash.
Example The following example computes the MD5 hash for data and stores it in result. This example assumes that there is a predefined constant DATA_SIZE.
Dim data(DATA_SIZE) As Byte' This is one implementation of the abstract class MD5.Dim md5 As New MD5CryptoServiceProvider()Dim result As Byte() = md5.ComputeHash(data)It is easy to generate and compare hash values using the cryptographic resources contained in the System. Security. Cryptography namespace. Because all hash functions take input of type Byte[], it might be necessary to convert the source into a byte array before it is hashed. To create a hash for a string value, follow these steps:
1. Open Visual Studio .NET.
2. Create a new Console Application in Visual Basic .NET. Visual Studio .NET creates a
Module for you along with an empty Main() procedure.
3. Make sure that the project references the System and System. Security namespaces.
4. Use the Imports statement on the System, System. Security, System. Security. Cryptographic,
and System. Text namespaces so that you are not required to qualify declarations from these namespaces later in your code. These statements must be used prior to any other declarations.
5. Imports System6. Imports System Security7. Imports System Security.Cryptography8.
Imports System.Text9. Declare a string variable to hold your source data, and two byte arrays (of undefined size) to hold the source bytes and the resulting hash value.
10. Dims Source Data As String11. Dim tmp Source () As
Byte12. Dim tmp Hash () As Byte13. Use the Get Bytes () function, which is part
of the System. Text. ASCIIEn coding. ASCII class, to convert your source string into an array of
bytes (required as input to the hashing function).
14. sSource Data = "MySourceData"15. 'Create a byte array
from source data.16. tmp Source =
ASCII Encoding. ASCII. Get Bytes (sSource Data)17. Compute the MD5 hash for your source data by calling Compute Hash on an instance of the MD5CryptoServiceProvider class. Note that to compute another hash value, you will need to create another instance of the class.
18. 'Compute hash based on source data.19. tmp Hash = New
MD5CryptoServiceProvider().Compute Hash (tmp Source) 20. The tmp Hash byte array now holds the computed hash value (128-bit value=16 bytes) for your source data. It is often useful to display or store a value like this as a hexadecimal string, which the following code accomplishes:
21. Console Write Line (Byte Array To String (tmp Hash))22. 23.
Private Function Byte Array To String (By Val arr Input() As Byte) As String24.
Dim i As Integer25. Dim sOutput As New
String Builder (arr Input. Length) 26. For i = 0 To arr Input Length - 127.
sOutput. Append (arr Input (i).To String("X2"))28. Next29.
Returns Output. To String()30. End Function31. Save and then run your code
to see the resulting hexadecimal string for the source value.
Question 5.
You are an application developer for your company, which is named ITCertKeys .com. You are developing an ASP.NET Web application that users in the accounting department will use to process payroll reports and view payroll reports. The application will use Integrated Windows authentication to authenticate all users.
Because payroll data is confidential only users in the accounting department will be granted access to the application. All employees in the accounting department belong to a specific Active Directory group.
However, users in the IT department can add themselves to various Active Directory groups in order to troubleshoot resource access problems. These IT department users must not be granted access to the ASP.NET Web application.
The following rules can be used to distinguish between users in the accounting department and users in the IT department:
• All users in the accounting department are members of a group named ITCertKeys \Accounting.
• Some users in the IT department are members of the ITCertKeys \Accounting group.
• All users in the IT department are members of a group named ITCertKeys \Domain Admin.
• No users in the accounting department are members of the ITCertKeys \Domain Admin group.
You need to configure URL authorization for the application by adding an element to the Web.config file in the application root.
Which element should you use?
A.
B.
C.
D.
Answer: A
Explanation:
Element
Configures ASP.NET authorization support. The tag controls client access to URL resources. This element can be declared at any level (machine, site, application,
subdirectory, or page).
Subtag Description
Allows access to a resource based on the following:
users: A comma-separated list of user names that are granted access to the resource. A question mark (?) allows anonymous user; an asterisk(*)allows all users.
roles: A comma-separated list of roles that are granted access to the resource.
verbs: A comma-separated list of HTTP transmission methods that are granted access to the resource. Verbs registered to ASP.NET are GET, HEAD, POST, and DEBUG.
Denies access to a resource based on the following:
users: A comma-separated list of user names that are denied access to the
resource. A question mark (?) indicates that anonymous user are denied access;
an asterisk (*) indicates that all users are denied access.
roles: A comma-separated list of roles that are denied access to the resource.
verbs: A comma-separated list of HTTP transmission methods that are denied
access to the resource. Verbs registered to ASP.NET are GET, HEAD, POST, and
DEBUG.
Remarks At run time, the authorization module iterates through the and tags until it finds the first access rule that fits a particular user. It then grants or denies access to a URL resource depending on whether the first access rule found is an or a rule. The default authorization rule in the Machine. config file is
Question 6.
You are an application developer for ITCertKeys .com. Your team is developing a Windows Forms application. Users will have access to different functionality depending on their roles in ITCertKeys . The application includes the following method.
Private Shared Function AuthenticateUser (ByVal user As String, _ByVal password As String. ByRef roles As String()) As Boolean This method authenticates the user against a third-party data store. When authentication is successfully, this method returns a value of True, and the string array named roles is updated to contain the user's roles.
You need to write the code that associates an authenticated user and the user's roles with the current security context.
Which code segment should you use?
A. ' p is initialized above as a PrincipalPermission
If AuthenticateUser (name, password, roles) = True Then
Dim r As String
For Each r In Roles
Dim ppTemp As PrincipalPermission = New
PrincipalPermission(name, r
p.Union(ppTemp)
Next
End If
p.IsUnrestricted()
B. ' p is initialized above as a PrincipalPermission
If AuthenticateUser (name, password, roles) = True Then
Dim r As String
For Each r In roles
Dim ppTemp As PrincipalPermission = New PrincipalPermission(name, r)
Next
End If
p.IsUnrestricted()
C. If AuthenticateUser(name, password, roles) = True Then
Dim r As String
For Each r In roles
Thread.CurrentPrincipal.IsInRole(r)
Next
End If
D. If AuthenticateUser(name, password, roles) = True Then
Thread.CurrentPrincipal = New GenericPrincipal(New
GenericIdentity(name), roles)
End If
Answer: D
Explanation:
Difference Between Declarative and Imperative Security There are two main differences between the use of declarative security and imperative security. In declarative security, the roles are essentially hard coded at design time, while in imperative security, these can be read from an external source such as a database or a config file. While config files can be used for prototypes or very simple applications, databases should be the repository of choice for roles. Further, with declarative security, the granularity of the access check is a method, while with imperative security, the granularity is controlled by the developer.
The following code illustrates how a caller of such a component can communicate the roles it belongs to. This is shown below:
private void Setup Principal (){string lUser Name = cb User Name. Selected Item. To String 0;Genericldentity ldentity =new Generic ldentity (IUser Name);string[] IDM Roles={"Distric Managers"};string[] IRM Roles= {"Regional Manager"};Generic Principal IP Principal ; if (IUser Name. Equals("Alex DM") IP Principal=new Generic Principal II ldentity, IDM Roles);if (lUser Name. Equals ("Tony RM")) lPrincipal = new Generic Principal (lIdentity, IRM Roles); Thread. Current Principal=1 Principal;} We first create the identity for the user, and then, based on the user name, associate the user name and a role to create a principal. This principal is then attached to the current thread object so that this can be accessed by all downstream components.
Creating Generic Principal and Generic Identity Objects
You can use the Generic Identity class in conjunction with the Generic Principal class to create an authorization scheme that exists independent of a Windows NT or Windows 2000 domain. Perform the following tasks to create an instance of the Generic Principal class.
1. Create a new instance of the identity class and initialize it with the name you want it to hold.
The following code creates a new Generic Identity object and initializes it with the name My User.
2. [C#]3. Generic Identity My Identity = new
Generic ldentity ("My Usr");4 Dirn My ldentity As New
Generic Identity("My User")5. Next, create a new instance of the Generic Principal class and initialize it with the previously created Generic Identity object and an array of strings that represent the roles that you want associated with this principal. The following code example specifies an array of strings that represent an administrator role and a user role. The Generic Principal is then initialized with the previous Generic Identity and the string array.
6. [C#] 7. String[]My string Arry={"Manager "Teller"};8
Generic Principal My Principal=new Generic Principal (My ldentity my string Array);9 10. Dim My String Array As String() = {"Manager", "Teller"}Dim My Principal As New Generic Principal (My Identity, My String Array)11. Finally, use the following code to attach the principal to the current thread. This is valuable in situations where the principal must be validated several times, it must be validated by other code running in your application, or it must be validated by a Principal Permission object. You can still perform role-based validation on the principal object without attaching it to the thread. For more information, see Replacing a Principal Object.
12.[C#] 13. Thread Current Principal=MYPrincipal;14 Thread. Current Principal = My Principal
The following code example demonstrates how to create an instance of a Generic Principal and a Generic Identity. This code displays the values of these classes to the console.
[C#]Using system; Using system security Principal Using system Threading; public class
Class1 { public static int Main(string[] args) { //Create generic identity. Generic Identity
My ldentity= new Generic ldentity("My ldentity");//create Generic Principal. string[] My string Arry={"Manager "Teller"};Generic Principal My Principal=new Generic Principal ("My ldentity, My string Arry);\\attach the Principal to the current V.\\the is not required unless repeated validation must occur, //other code in your application must Validate or the \\Principal permisson object is used. Thread current Principal=My Principal;
//print value to the consol .string Name=My Principal identy .Name; bool Auth=
My Principal identy is Authenticated; bool is in Role= My Principal is in Role("Manager"); Consol write line ("The Name is:{0}",Name); Consol write line("The is Authenticated is:{0}",Auth ;Consol write line("is this Manager? {0}",is in Role;return0;}}imports system imports system .security. Principal imports System. Th reading Public Class Class1Public Shared Sub Main() 'Create generic identity. Dim My Identity As New Generic Identity("My Identity")'Create generic principal. Dim My String Array As String() = {"Manager", "Teller"} Dim My Principal As New Generic Principal (My Identity, My String Array)'Attach the principal to the current thread. 'This is not required unless repeated validation must occur, 'other code in your application must validate, or the' Principal Permisson object is used. Thread. Current Principal = My Principal 'Print values to the console. Dim Name As String = My Principal. Identity. Name Dim Auth As Boolean = My Principal. Identity. Is Authenticated Dim Is In Role As Boolean = My Principal. Is In Role("Manager") Console. Write Line("The Name is: {0}", Name) Console. Write Line("The Is Authenticated is: {0}", Auth) Console. Write Line("Is this a Manager? {0}", Is In Role)End Sub End Class When executed, the application displays output similar to the following.
The Name is: My Identity The Is Authenticated is: True Is this a Manager? True
Question 7.
You are an application developer for ITCertKeys .com. You are developing a three-tier Windows Forms application that will be used to manage confidential records. The business layer includes a remote object that is installed on an application server. The remote object is hosted in ASP.NET on the application server.
IIS is configured to use Integrated Windows authentication, and ASP.NET is configured to use Windows authentication. All client computers and servers on the network support Kerberos authentication. The Windows Forms application communicates with the remote object by using a remoting proxy named ITCertKeys Proxy.
The remote object accessed a Microsoft SQL Server database. Permissions to database objects are granted based on the identity of the user. The remote object needs to run under the security context of the user.
Which code segment should you use?
A. Dim channel Properties As IDictionary
channel Properties =
ChannelServices.GetChannelSinkProperties( ITCertKeys Proxy)
channel Properties("credentials") =
CredenticalCache.DefaultCredentials
B. Dim channel Properties As IDictionary
Dim cred As NetworkCredential = New Network Credential(_User Name,
_psswd)
channel Properties =
ChannelServices.GetChannelSinkProperties( ITCertKeys Proxy)
channel Properties("credentials") = cred
C. Dim channel Properties As IDictionary
channel Properties =
ChannelServices.GetChannelSinkProperties( ITCertKeys Proxy)
channel Properties("credentials") = Thread.CurrentPrincipal
D. Dim channel Properties As Idictionary
channel Properties =
ChannelServices.GetChannelSinkProperties( ITCertKeys Proxy)
channel Properties("credentials") = Thread.CurrentPrincipal.Identity
Answer: A
Explanation:
Configure Client Credentials To successfully communicate with a remote component that is configured for Windows authentication, the client must configure the remoting proxy with the credentials to use for authentication. Failure to do so results in an access denied error.
You can configure the use of default credentials to use the client's current thread or process token, or you can set explicit credentials.
Using Default Credentials To use the client's process token (or thread token if the client thread is
currently impersonating), set the use Default Credentials property of the client proxy to true. This
results in the use of Credentials Cache. Default Credentials when the client receives an authentication challenge from the server. You can configure the proxy either by using the configuration file or programmatically in code. To configure the proxy externally, use the following element in the client configuration file:
element might already be there. Creating Connection Strings When you create a connection string to access SQL Server, you must include attributes that tell SQL Server that you are using Windows integrated security. To configure connection strings for Windows integrated security:
In any connection string for SQL Server, include the Trusted_Connection=Yes attribute and remove the User Name and password attributes. The following shows a typical connection string configured for Windows integrated security:
"data source=sql01;initial catalog= north wide; integrated security =SSPI; persist security info=false; trusted_connection=yes"
Sample C# code for connecting SQL server from ASP.Net
application using windows authentication:
private void databank (){sql connection = sql connection = ("data source=bond gula; initial catalog north wide integrated security SSPI; persist security info=false; Trusted_connection =yes");sql connection .open(); sql Data adapter=new sql Data adapter=new( "Select employee ID, first name ,last name ,title From Employees ",sql connection); data set= new data set (); sql Data adapter. fill (data set, "Employees");data gride1.data source= data set. Table [Employees].Default view; data grid1.data bind();}important settings in the web. config file are as follows:
_
Sub Main()
' ...
End Sub
D.
Answer: A
Explanation:
Try...Catch...Finally Statements
Provides a way to handle some or all possible errors that may occur in a given block of code,
while still running code.
Try [ try Statements ] [ Catch [ exception [ As type ] ] [ When expression ][ catch Statements ] ][
Exit Try ]...[ Finally [ finally Statements ] ]End Try Parts try Statements
Optional. Statement(s) where an error can occur. Can be a compound statement.
Catch
Optional. Multiple Catch blocks permitted. If an exception occurs while processing the Try
block, each Catch statement is examined in textual order to determine if it handles the exception.
Exception represents the exception that has been thrown.
exception
Optional. Any variable name. The initial value of exception is the value of the thrown error.
Used with Catch to specify the error caught.
type
Optional. Specifies the type of class filter. If the value of exception is of the type specified by
type or of a derived type, the identifier becomes bound to the exception object.
When
Optional. A Catch statement with a When clause will only catch exceptions when expression
evaluates to True. A When clause is only applied after checking the type of the exception, and
expression may refer to the identifier representing the exception.
expression
Optional. Must be implicitly convertible to Boolean. Any expression that describes a generic filter. Typically used to filter by error number. Used with When keyword to specify circumstances under which the error is caught.
Catch Statements
Optional. Statement(s) to handle errors occurring in the associated
Try block. Can be a compound statement.
Exit Try
Optional. Keyword that breaks out of the Try...Catch...Finally structure. Execution resumes with the Finally block if present, otherwise with the code immediately following the End Try
statement. Not allowed in Finally blocks.
Finally
Optional. A Finally block is always executed when execution leaves any part of the Try statement.
Finally Statements
Optional. Statement(s) that are executed after all other error processing has occurred.
End Try
Terminates the Try...Catch...Finally structure.
Remarks Local variables from a Try block are not available in a Catch block because they are separate blocks. If you want to use a variable in more than one block, declare the variable outside the Try...Catch...Finally structure.
If errors occur that the programmer has not handled, Visual Studio for Applications simply provides its normal error message to a user, as if there was no error handling.
The Try block contains code where an error can occur, while the Catch block contains code to handle any error that does occur. If an error occurs in the Try block, program control is passed to the appropriate Catch statement for disposition. The exception argument is an instance of the Exception class or an instance of a class that derives from the Exception class corresponding to the error that occurred in the Try block. The Exception class instance contains information about the error including, among other things, its number and message.
In partial trust situations, such as an application hosted on a network share, Try...Catch...Finally will not catch security exceptions that occur before the method containing the call is invoked.
Environment Permission Access Enumeration
Specifies access to environment variables.
This enumeration has a Flags Attribute that allows a bitwise combination of its member values.
[Visual Basic]
Public Enum Environment Permission Access
[C#]
[Flags]
[Serializable]
public enum Environment Permission Access
Remarks
This enumeration is used by Environment Permission.
Note Although No Access and All Access appear in Environment Permission Access, they are not
valid for use as the parameter for Get Path List because they describe no environment variable access types or all environment variable access types, respectively, and Get Path List expects a single environment variable access type.
Members
Member name Description Value
All Access Read and Write access to 3
environment variables.
All Access represents
multiple
Environment Permission Access
values and causes an
Argument Exception when
used as the flag parameter
for the Get Path List method,
which expects a single
value.
No Access No access to environment 0
variables. No Access
represents no valid
Environment Permission Access
values and causes an
Argument Exception when
used as the parameter for
Get Path List, which expects
a single value.
Read Only read access to 1
environment variables is
specified. Changing,
deleting and creating
environment variables is
not included in this access
level.
Write Only write access to 2
environment variables is
specified. Write access
includes creating and
deleting environment
variables as well as
changing existing values.
Reading environment
variables is not included in
this access level.
Security Permission Flag. Unmanaged Code Field
Unmanaged Code=0x2:
Specifies the ability to call unmanaged code.
[Note: Because unmanaged code potentially allows other permissions to be bypassed, this permission should be used with caution. It is used for applications calling native code using Pin voke.] Not putting Request Minimum on the assembly will not provide the necessary security. All it will
ensure is that the assembly will not load unless it is granted Unmanaged Code permission. It does not put any limitations on what code can call into this assembly. Now, if the assembly is strong name signed and does not have APTCA (Allow Partially Trusted Callers Attribute), all public methods effectively have an implicit Link Demand for Full Trust, so this should be safe. If there is APTCA on the assembly, then the only remedy (apart from completely changing the design) is putting a Link Demand (or a Demand) on it and making sure only the right code (for example, signed by the relevant company) can call it
|
Question 1. When a phone needs a conference resource, which of the following Cisco CallManager objects is queried first? A. media resource device list B. media resource group list C. media resource group D. media resource pool Answer: B Question 2. Which two of these tools can be used to reestablish a Cisco CallManager cluster SQL subscription? (Choose two.) A. DNA B. SQL Server Service Manager C. RTMT D. DBLHelper E. SQL Server Enterprise Manager Answer: D, E Question 3. Which of these options will prevent a device from being able to initiate conferences? A. Place all conference media resources in MRGs and exclude these MRGs from the MRGL. B. Exclude the conference media resources from all MRGs. C. Exclude the conference media resource partitions from the CSS. D. Remove the default MRGL from the device pool. Answer: A Question 4. A user reports poor quality on voice calls and is instructed to select the QRT softkey. How can you access the information generated by this call? A. use the QRT plug-in on the PC of an administrator B. use Tools\QRT Viewer under the CiscoCallManager Serviceability page C. use the System\Real-time Monitor Tool under CiscoCallManager Administration D. use theperfmon counter application under Administrative Tools Answer: B Question 5. DRAG DROP Drag drop Answer: Question 6. How is a backup target changed to a backup server? A. Modify the BARS service parameter from Target to Server. B. Use BARSadministration to change from Target to Server. C. Use BARSadministration to delete the destination target. D. Uninstall BARS and reinstall as a backup server. Answer: D Question 7. What are Cisco CallManager Locations used for? A. Specify the bandwidth used for audio and video calls. B. Define the time zones for devices connected to the CiscoCallManager. C. Implement call admission control in a centralized call processing deployment. D. Provide alternate call routing when the primary call path is unavailable. E. Assign directory numbers to devices as they connect to the IP telephony network. Answer: C Question 8. Based on the following dial-plan rules, what is the minimum number of partitions that must be defined? All employees can call local and service numbers. Managers can call long distance and international numbers. Executives can call all numbers. Only administrative assistants can call executives. Incoming calls can only be routed to IP phones. A. 6 B. 4 C. 5 D. 3 Answer: B Question 9. What will happen if Option 150 is not configured on the DHCP server? A. CiscoCallManager will be unable to replicate its database to the subscribers. B. IP Phones will not be able to load their configuration files. C. CiscoCallManager will be unable to access the TFTP server. D. IP Phones will not be able to receive VLAN information. E. CiscoCallManager will be unable to register IP Phones. F. The DHCP server will not be able to answer requests from IP Phones. Answer: B Question 10. Which four characteristics would typically be used to define a device pool? (Choose four.) A. geographic proximity B. common calling search spaces for auto-registration C. common device type D. common use ofcodecs E. common MOH source F. common class of service Answer: A, B, D, E Question 11. An auto parts retailer would like their service counter representatives to be able to assist both walk-up customers and telephone customers. Each store has six service counter representatives. Which call distribution algorithm will allow each service counter representative to provide the best customer service? A. Circular B. Top Down C. Longest Idle Time D. Broadcast Answer: D
Copyright © 2004 CertsBraindumps.com Inc. All rights reserved.