Question: You are developing a server application that will transmit sensitive information on a network. You create an X509Certificate object named certificate and a TcpClient object named client. You need to create an SslStream to communicate by using the Transport Layer Security 1.0 protocol. Which code segment should you use?
- SslStream ssl = new SslStream(client.GetStream());
ssl.AuthenticateAsServer(certificate, false, SslProtocols.None, true); - SslStream ssl = new SslStream(client.GetStream());
ssl.AuthenticateAsServer(certificate, false, SslProtocols.Ssl3, true); - SslStream ssl = new slStream(client.GetStream());
ssl.AuthenticateAsServer(certificate, false, SslProtocols.Ssl2, true); - SslStream ssl = new SslStream(client.GetStream());
ssl.AuthenticateAsServer(certificate, false, SslProtocols.Tls, true);
Correct Answer: 4
Question: You are developing a method to encrypt sensitive data with the Data Encryption Standard (DES) algorithm. Your method accepts the following parameters:
- The byte array to be encrypted, which is named message.
- An encryption key, which is named key
- An initialization vector, which is named iv
You need to encrypt the data. You also need to write the encrypted data to a MemoryStream object. Which code segment should you use?
DES des = new DESCryptoServiceProvider();
des.BlockSize = message.Length;
ICryptoTransform crypto = des.CreateEncryptor(key, iv);
MemoryStream cipherStream = new MemoryStream();
CryptoStream cryptoStream = new CryptoStream(cipherStream, crypto,
CryptoStreamMode.Write);
cryptoStream.Write(message, 0, message.Length);DES des = new DESCryptoServiceProvider();
ICryptoTransform crypto = des.CreateDecryptor(key, iv);
MemoryStream cipherStream = new MemoryStream();
CryptoStream cryptoStream = new CryptoStream(cipherStream, crypto,
CryptoStreamMode.Write);
cryptoStream.Write(message, 0, message.Length);DES des = new DESCryptoServiceProvider();
ICryptoTransform crypto = des.CreateEncryptor();
MemoryStream cipherStream = new MemoryStream();
CryptoStream cryptoStream = new CryptoStream(cipherStream, crypto,
CryptoStreamMode.Write);
cryptoStream.Write(message, 0, message.Length);DES des = new DESCryptoServiceProvider();
ICryptoTransform crypto = des.CreateEncryptor(key, iv);
MemoryStream cipherStream = new MemoryStream();
CryptoStream cryptoStream = new CryptoStream(cipherStream, crypto,
CryptoStreamMode.Write);
cryptoStream.Write(message, 0, message.Length);
Correct Answer: 4
Question: You are creating a new security policy for an application domain. You write the following lines of code.
PolicyLevel policy = PolicyLevel.CreateAppDomainLevel();
PolicyStatement noTrustStatement = new PolicyStatement(
policy.GetNamedPermissionSet("Nothing"));
PolicyStatement fullTrustStatement = new PolicyStatement(
policy.GetNamedPermissionSet("FullTrust"));
You need to arrange code groups for the policy so that loaded assemblies default to the Nothing permission set. If the assembly originates from a trusted zone, the security policy must grant the assembly the FullTrust permission set. Which code segment should you use?
CodeGroup group1 = new FirstMatchCodeGroup(new ZoneMembershipCondition(SecurityZone.Trusted), fullTrustStatement);
CodeGroup group2 = new UnionCodegroup(new AllMembershipCondition(), noTrustStatement);
group1.AddChild(group2);CodeGroup group1 = new FirstMatchCodeGroup(new AllMembershipCondition(), noTrustStatement);
CodeGroup group2 = new UnionCodeGroup(new ZoneMembershipCondition(SecurityZone.Trusted), fullTrustStatement);
group1.AddChild(group2);CodeGroup group = new UnionCodeGroup(new ZoneMembershipCondition(SecurityZone.Trusted), fullTrustStatement);
CodeGroup group = new FirstMatchCodeGroup( new AllMembershipCondition(), noTrustStatement);
Correct Answer: 2
Question: You are developing a method to decrypt data that was encrypted with the Triple DES Algorithm. The method accepts the following parameters:
- The byte array to be decrypted, which is named cipherMessage
- The key, which is named key
- An initialization vector, which is named iv
You need to decrypt the message by using the TripleDES class and place the result in a string. Which code segment should you use?
TripleDES des = new TripleDESCryptoServiceProvider();
des.BlockSize = cipherMessage.Length;
ICryptoTransform crypto = des.CreateDecryptor(key, iv);
MemoryStream cipherStream = new MemoryStream(cipherMessage);
CryptoStream cryptoStream = new CryptoStream( cipherStream, crypto, CryptoStreamMode.Read);
string message;
message = new StreamReader(cryptoStream).ReadToEnd();TripleDES des = new TripleDESCryptoServiceProvider();
des.FeedbackSize = cipherMessage.Length;
ICryptoTransform crypto = des.CreateDecryptor(key, iv);
MemoryStream cipherStream = new MemoryStream(cipherMessage);
CryptoStream cryptoStream = new CryptoStream(cipherStream, crypto, CryptoStreamMode.Read);
string message;
message = new StreamReader(cryptoStream).ReadToEnd();TripleDES des = new TripleDESCryptoServiceProvider();
ICryptoTransform crypto = des.CreateDecryptor();
MemoryStream cipherStream = new MemoryStream(cipherMessage);
CryptoStream cryptoStream = new CryptoStream( cipherStream, crypto, CryptoStreamMode.Read);
string message;
message = new StreamReader(cryptoStream).ReadToEnd();TripleDES des = new TripleDESCryptoServiceProvider();
ICryptoTransform crypto = des.CreateDecryptor(key, iv);
MemoryStream cipherStream = new MemoryStream(cipherMessage);
CryptoStream cryptoStream = new CryptoStream( cipherStream, crypto, CryptoStreamMode.Read);
string message;
message = new StreamReader(cryptoStream).ReadToEnd();
Correct Answer: 4
Question: You are writing a method that returns an ArrayList named al. You need to ensure that changes to the ArrayList are performed in a threadsafe manner. Which code segment should you use?
ArrayList al = new ArrayList();
lock (al.SyncRoot){return al;}ArrayList al = new ArrayList();
lock (al.SyncRoot.GetType()){return al;}ArrayList al = new ArrayList();
Monitor.Enter(al);
Monitor.Exit(al);
return al;ArrayList al = new ArrayList();
ArrayList sync_al = ArrayList.Synchronized(al);
return sync_al;
Correct Answer: 4