SCWCD(310-083)

单选题A developer has used this code within a servlet: 62.if(request.isUserInRole("vip")) { 63.// VIP-related logic here 64.} What else must the developer do to ensure that the intended security goal is achieved?()A Create a user called vip in the security r

题目
单选题
A developer has used this code within a servlet: 62.if(request.isUserInRole("vip")) { 63.// VIP-related logic here 64.} What else must the developer do to ensure that the intended security goal is achieved?()
A

Create a user called vip in the security realm

B

Define a group within the security realm and call it vip

C

Define a security-role named vip in the deployment descriptor

D

Declare a security-role-ref for vip in the deployment descripto

如果没有搜索结果,请直接 联系老师 获取答案。
如果没有搜索结果,请直接 联系老师 获取答案。
相似问题和答案

第1题:

You create a Web site. The Web site has many predefined roles and associated users that will be used for security purposes. You need to manage these roles and user accounts.Which tool should you use? ()

A. the Microsoft .NET Framework Configuration tool

B. the Code Access Security Policy tool

C. the ASP.NET IIS Registration tool

D. the Web Site Administration Tool


参考答案:D

第2题:

Given the security constraint in a DD:// 101. 102. 103.Foo 104./Bar/Baz/* 105.POST 106. 107. 108.DEVELOPER 109. 110. And given that "MANAGER" is a valid role-name,which four are true for this security constraint?()

  • A、MANAGER can do a GET on resources in the /Bar/Baz directory.
  • B、MANAGER can do a POST on any resource in the /Bar/Baz directory.
  • C、MANAGER can do a TRACE on any resource in the /Bar/Baz directory.
  • D、DEVELOPER can do a GET on resources in the /Bar/Baz directory.
  • E、DEVELOPER can do only a POST on resources in the /Bar/Baz directory.
  • F、DEVELOPER can do a TRACE on any resource in the /Bar/Baz directory.

正确答案:A,C,D,F

第3题:

Your network contains a server named Server1 that runs Windows Server 2008 R2.You have a user named User1.You need to ensure that User1 can view the events in the Security event log. The solution must minimize the number of rights assigned to User1.What should you do?()

A. In Event Viewer, filter the Security log.

B. In Event Viewer, configure the properties of the Security log.

C. In the Local Security Policy console, modify the Security Options.

D. In the Registry Editor, add a Security Descriptor Definition Language (SDDL) value.


参考答案:D

第4题:

A developer has created a special servlet that is responsible for generating XML content that is sent to adata warehousing subsystem. This subsystem uses HTTP to request these large data files, which are compressed by the servlet to save internal network bandwidth. The developer has received a request frommanagement to create several more of these data warehousing servlets. The developer is about to copyand paste the compression code into each new servlet. Which design pattern can consolidate thiscompression code to be used by all of the data warehousing servlets?()

  • A、Facade
  • B、View Helper
  • C、Transfer Object
  • D、Intercepting Filter
  • E、Composite Facade

正确答案:D

第5题:

You need to design a method to standardize and deploy a baseline security configuration for servers. You solution must meet business requirements. What should you do?()

  • A、Create a script that installs the Hisecdc.inf security template
  • B、Use a GPO to distribute and apply the Hisec.inf security template
  • C、Use the System Policy Editor to configure each server’s security settings
  • D、Use a GPO to distribute and apply a custom security template

正确答案:D

第6题:

You work as an application developer at Contoso.com. You use Microsoft .NET Framework 3.5 and Microsoft ADO.NET to develop an application. The user name and password that is kept by the connection string is stored directly in the code of the application. You want to make sure that the password in the connection string is as protected.   What should you do? ()

  • A、 Add the connection string to the Settings.settings file.
  • B、 Add connection string to the Web.config file and use protected configuration.
  • C、 Use the TRUE setting in the Persist Security Info keyword.
  • D、 Use the FALSE setting in the Persist Security Info keyword

正确答案:B

第7题:

Which menu option must be used to grant a user the authority to add or remove users to one or more Security Groups?()

  • A、 Security Controls
  • B、 Database Access
  • C、 Set Security Profile
  • D、 Authorize Group Reassignment

正确答案:D

第8题:

Adeveloperhasusedthiscodewithinaservlet:62.if(request.isUserInRole("vip")){63.//VIP-relatedlogichere64.}Whatelsemustthedeveloperdotoensurethattheintendedsecuritygoalisachieved?()

A.Createausercalledvipinthesecurityrealm

B.Defineagroupwithinthesecurityrealmandcallitvip

C.Defineasecurity-rolenamedvipinthedeploymentdescriptor

D.Declareasecurity-role-refforvipinthedeploymentdescripto


参考答案:D

第9题:

A developer has used this code within a servlet: 62.if(request.isUserInRole("vip")) { 63.// VIP-related logic here 64.} What else must the developer do to ensure that the intended security goal is achieved?()

  • A、Create a user called vip in the security realm
  • B、Define a group within the security realm and call it vip
  • C、Define a security-role named vip in the deployment descriptor
  • D、Declare a security-role-ref for vip in the deployment descripto

正确答案:D

第10题:

A developer for the Company.com web site has been told that users may turn off cookie support in their browsers. What must the developer do to ensure that these customers can still use the web application?()  

  • A、 The developer must ensure that every URL is properly encoded using the appropriate URL rewriting APIs
  • B、 The developer must provide an alternate mechanism for managing sessions and abandon theHttpSession mechanism entirely
  • C、 The developer can ignore this issue. Web containers are required to support automatic URL rewriting when cookies are not supported
  • D、 The developer must ass the string ?id= to the end of every URL to ensure that the conversion with the browser can continue.

正确答案:A

更多相关问题
相关内容