Exam Prep Questions

Previous page
Table of content
Next page
Question 1

You are adding a section to the machine.config file on your ASP.NET Web server. You want to ensure that this section cannot be defined in any other configuration file. Which declaration should you use?

  • A. 

     <section name="customSection"   type="CustomConfiguration Handler" allowDefinition="MachineToApplication"/>

  • B. 

     <section name="customSection"  type="CustomConfiguration Handler"  allowLocation="false"/>

  • C. 

     <section name="customSection"  type="CustomConfiguration Handler" />

  • D. 

     <section name="customSection"  type="CustomConfiguration Handler"  allowOverride="false"/>
A1:

The correct answer is B. The allowLocation attribute lets you specify that this section should not appear beneath the file where it is defined. Answer A is incorrect because the allowDefinition attribute being set to MachineToApplication allows this section to be defined on the application level. Answer C is incorrect because omitting all the attributes allows a section to be defined everywhere. Answer D is incorrect because the allowOverride attribute applies to actual configuration data, not to section declarations.

Question 2

You have adjusted a setting in one of your ASP.NET application's configuration files by editing the file with Notepad. What must you do to have the new setting take effect?

  • A. Restart the Web server.

  • B. Reboot the computer that hosts the Web server.

  • C. Open the file in Visual Studio .NET.

  • D. Save the file.

A2:

The correct answer is D. Changes to ASP.NET configuration files are automatically picked up by ASP.NET as soon as the files are saved. Answers A and B are incorrect because changes to the application configuration file are automatically picked up by ASP.NET and do not require restarting the Web Server process or the machine. Answer C is incorrect because the application configuration file is a plain-text file and Visual Studio .NET is not needed to either edit or activate it.

Question 3

Your ASP.NET application requires users to be authenticated with a strong identity. You must allow users with any version 4. x or better browser, and you want passwords to cross the network only with secure encryption. Which authentication should you use?

  • A. Windows authentication with basic IIS authentication

  • B. Windows authentication with digest IIS authentication

  • C. Windows authentication with integrated IIS authentication

  • D. Passport authentication with anonymous IIS authentication

A3:

The correct answer is D. Only Passport authentication fulfills the requirements stated in the question. Answer A is incorrect because basic IIS authentication does not securely encrypt passwords. Answers B and C are incorrect because digest and Windows integrated authentication require Internet Explorer as the browser.

Question 4

You have implemented forms-based authentication for your ASP.NET application. Some users report that they cannot access any resources on the site, even though you have verified that these users are entering correct authentication information. What could be the most likely cause of this problem?

  • A. These users are using non-Internet Explorer browsers.

  • B. These users have disabled cookies for your Web site.

  • C. These users do not have a Microsoft Passport.

  • D. These users are connecting from the Internet rather than a local intranet.

A4:

The correct answer is B. Forms authentication depends on cookies to indicate that a browser session has been authenticated. Answer A is incorrect because form-based authentication is not browser dependent. Answer C is incorrect because users do not need a Microsoft Passport for form-based authentication. Answer D is incorrect because form-based authentication should work well on an intranet as well as the Internet.

Question 5

Your application requires the user to be in the Domain Admins group to activate certain functions. Which ASP.NET security feature should you use to ensure that the user is in this group?

  • A. Passport authentication

  • B. Role-based security

  • C. Encryption

  • D. Type safety

A5:

The correct answer is B. Role-based security enables you to check whether a user is in a particular group. Answer A is incorrect because Passport authentication only authenticates the user's identity and does not provide additional information such as role membership. Answer C is incorrect because encryption is a process of protecting messages so that they can be read only via a special algorithm. Encryption is more suitable for protecting data instead of actions. Answer D is incorrect because type safety is an attribute of the code that verifies that the code uses only the memory locations it is allowed to use. Type safety has nothing to do with the functionality of an application.

Question 6

You want to allow any authenticated user access to your ASP.NET application but refuse access to all unauthenticated users. Which setting should you place in the application's web.config file?

  • A. 

     <deny users="?" />

  • B. 

     <deny users="*" />

  • C. 

     <allow users="?" />

  • D. 

     <allow users="*" />
A6:

The correct answer is A. If you deny access to all unauthenticated users, only authenticated users will be able to use the application. Answer B is incorrect because this option denies access to all the users (authenticated or not). Answer C is incorrect because this option allows access to all the unauthenticated users. Answer D is incorrect because this option allows access to all the users (authenticated or not).

Question 7

You are allowing anonymous or Windows integrated authentication on your IIS server. Your ASP.NET application uses Windows authentication with impersonation enabled. Which account will ASP.NET use when a user attempts to retrieve a page from the application?

  • A. The user's own Windows account

  • B. The ASPNET account

  • C. The IUSR_ ComputerName account

  • D. An account in the local administrators group

A7:

The correct answer is C. ASP.NET impersonates the identity of IIS itself using the IUSR_ ComputerName account. Answer A is incorrect because, if you allow anonymous authentication in IIS, users are never prompted for their Windows credentials. Answer B is incorrect because the ASPNET account is used when impersonation is disabled. Answer D is incorrect because impersonation is not enabled for a specific identity that belongs to the local administrators group.

Question 8

Your ASP.NET Web form includes a custom user control that displays company information. The rest of the page displays highly volatile stock ticker information. Which type of caching should you use to speed up this page?

  • A. Output

  • B. Varying

  • C. Application data

  • D. Fragment

A8:

The correct answer is D. In this case, the user control is a good candidate for caching, but the rest of the page should not be cached. Fragment caching enables you to cache a single user control. Answers A and B are incorrect because output caching and varying caching are useful only for caching the output of the complete page. Answer C is incorrect because application data caching is useful only for caching the data and not for caching page output.

Question 9

Your server is experiencing performance problems because of excessive load. You trace the problem to users overriding the application's caching policy by sending nocache headers in their HTTP requests . What should you do?

  • A. Use the OutputCache directive to configure caching.

  • B. Use the HttpCachePolicy.SetExpires() method to set an extended cache period.

  • C. Use the HttpCachePolicy.SetCacheability() method by passing an HttpCacheability.Private enumeration value.

  • D. Set the HttpCache.SetValidUntilExpires() method by passing true .

A9:

The correct answer is D. The HttpCache.SetValidUntilExpires() method tells the server to ignore client-side refreshes as long as the cache is valid. Answers A, B, and C are incorrect because these options do not override the HTTP Cache-Control headers sent by the client.

Question 10

Your ASP.NET application uses a Web farm to maintain confidential financial information. It's critical that Session state be maintained even in case of a server crash. Which alternative should you use for storing state information?

  • A. Session State Service

  • B. In-process storage

  • C. SQL Server storage

  • D. Configuration files

A10:

The correct answer is C. By placing Session state information in a SQL Server database, you get the benefit of SQL Server's transactional, logged storage that is guaranteed to keep the data in a consistent state even if the server crashes. Answer A is incorrect because, if the Web server storing the Session state fails, all the session information will be lost. Answer B is incorrect because in-process Session state is not shared between multiple Web servers in a Web farm. Answer D is incorrect because configuration files should be used only for storing configuration information.


Previous page
Table of content
Next page
MCAD Developing and Implementing Web Applications with Visual C#. NET and Visual Studio. NET (Exam [... ]am 2)
MCAD Developing and Implementing Web Applications with Visual C#. NET and Visual Studio. NET (Exam [... ]am 2)
ISBN: 789729016
EAN: N/A
Year: 2005
Pages: 191
BUY ON AMAZON
CISSP Exam Cram 2
VBScript Programmers Reference
Oracle Developer Forms Techniques
Introducing Microsoft ASP.NET AJAX (Pro - Developer)
Programming Microsoft ASP.NET 3.5
Sap Bw: a Step By Step Guide for Bw 2.0
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy