Internet Explorer file downloads over SSL do not work with the cache control headers

When you try to open a Microsoft Office document or a PDF file by typing an HTTPS URL for the document in the Address bar of Internet Explorer 6 Service Pack 1 (SP1), you may receive the following error message:

Unable to download.

Internet Explorer was unable to open this site. The requested site is either unavailable or cannot be found. Please try again later. 

 

This issue occurs if the server sends a "Cache-control:no-store" header or sends a "Cache-control:no-cache" header.

 

http://support.microsoft.com/kb/323308

Pivot table on SQL Server 2000

EXECUTE ftk_pivot 'select IPG_Name, IPG_SSN from IPGeneral
group by IPG_Name, IPG_SSN', 'sum(IPG_Earnings)', 'IPG_PlanID', 'IPGeneral'

ALTER PROCEDURE [dbo].[ftk_pivot]
@select varchar(8000),
@sumfunc varchar(100),
@pivot varchar(100),
@table varchar(100)

AS

DECLARE @sql varchar(8000), @delim varchar(1)
SET NOCOUNT ON
SET ANSI_WARNINGS OFF

EXEC ('SELECT ' + @pivot + ' AS pivot INTO ##pivot FROM ' + @table + ' WHERE 1=2')
EXEC ('INSERT INTO ##pivot SELECT DISTINCT ' + @pivot + ' FROM ' + @table + ' WHERE '
+ @pivot + ' Is Not Null')

SELECT @sql='',  @sumfunc=stuff(@sumfunc, len(@sumfunc), 1, ' END)' )

SELECT @delim=CASE Sign( CharIndex('char', data_type)+CharIndex('date', data_type) )
WHEN 0 THEN '' ELSE '''' END
FROM tempdb.information_schema.columns
WHERE table_name='##pivot' AND column_name='pivot'

SELECT @sql=@sql + '''' + convert(varchar(100), pivot) + ''' = ' +
stuff(@sumfunc,charindex( '(', @sumfunc )+1, 0, ' CASE ' + @pivot + ' WHEN '
+ @delim + convert(varchar(100), pivot) + @delim + ' THEN ' ) + ', ' FROM ##pivot

DROP TABLE ##pivot

SELECT @sql=left(@sql, len(@sql)-1)
SELECT @select=stuff(@select, charindex(' FROM ', @select)+1, 0, ', ' + @sql + ' ')

EXEC (@select)

IE & Firefox compatible

Make your page Compatible

ASP.NET Runtime Impersonation

Impersonation in ASP.NET

When we are doing I/O operations, the operation system makes security checks to understand if the user is authorized to do the operation. The same thing happens when you try to do operations on another machine in your network. Impersonation in ASP.NET occurs when ASP.NET executes code in the context of an authenticated and authorized user. By default, ASP.NET run in the ASPNET account. By using impersonation we can impersonate the ASPNET account to another account that has access to resources which aren’t granted in the internet security permission. One way to impersonate a user is by using the identity element in the web.config. When you use the following code in your web.config, ASP.NET impersonates to the authenticated user or to an anonymous internet user account:

<identity impersonate="true" />

If you want to impersonate to a specific user you can use the following configuration:

<identity impersonate="true" userName="domain\username" password="password" />

Runtime Impersonation

At my customer the previous configuration examples weren’t an option. The second way to impose impersonation is by runtime. This option can be achieved by using the System.Security.Principal and the WindowsIdentity class. The WindowsIdentity class has a method that makes impersonation and returns a WindowsImpersonationContext. The problem with this class is that you need to supply to it an IntPtr which is a security access token of the user that you wish to impersonate to. The solution is to use P/Invoke and call the LogonUser Win32 API. After you get the impersonation context you can run the network operations that you seek to perform. After you finish to do your operations you need to undo the impersonation. The following code shows an example of an impersonation service class:

using System;

using System.Collections.Generic;

using System.Linq;

using System.Web;

using System.Runtime.InteropServices;

using System.Security.Principal;

namespace WebApplication1

{

public class ImpersonationService

{

#region Consts

public const int LOGON32_LOGON_INTERACTIVE = 2;

public const int LOGON32_PROVIDER_DEFAULT = 0;

#endregion

#region External API

[DllImport("advapi32.dll", SetLastError = true)]

public static extern int LogonUser(

string lpszUsername,

string lpszDomain,

string lpszPassword,

int dwLogonType,

int dwLogonProvider,

out IntPtr phToken

);

[DllImport("advapi32.dll", SetLastError = true)]

public static extern bool RevertToSelf();

[DllImport("kernel32.dll", SetLastError = true)]

public static extern int CloseHandle(IntPtr hObject);

#endregion

#region Methods

public void PerformImpersonatedTask(string username, string domain, string password, 

int logonType, int logonProvider, Action methodToPerform)

{

IntPtr token = IntPtr.Zero;

if (RevertToSelf())

{

if (LogonUser(username, domain, password, logonType,

logonProvider, out token) != 0)

{

var identity = new WindowsIdentity(token);

var impersonationContext = identity.Impersonate();

if (impersonationContext != null)

{

methodToPerform.Invoke();

impersonationContext.Undo();

}

}

else

{

// do logging

}

}

if (token != IntPtr.Zero)

{

CloseHandle(token);

}

}

#endregion

}

}

Here is an example of how to use the class in your ASP.NET application:

using System;

using System.IO;

namespace WebApplication1

{

public partial class _Default : System.Web.UI.Page

{       

#region Page Events

private void Page_Load(object sender, System.EventArgs e)

{

var service = new ImpersonationService();

service.PerformImpersonatedTask("username", "domain", "password",

ImpersonationService.LOGON32_LOGON_INTERACTIVE, ImpersonationService.LOGON32_PROVIDER_DEFAULT, new Action(MethodToPerform));

}

#endregion

#region Methods

public void MethodToPerform()

{

var serverPath = @"\\ServerName\test";

var dirInfo = new DirectoryInfo(serverPath);

Response.Write(dirInfo.Exists);

}

#endregion

}

}

Summary

In the post I showed a simple way to implement a class that impersonate to a relevant account in order to achieve some functionality that internet security permissions don’t allow.  You should consider to use the web.config instead since it does all the communication with Win32 API instead of the supplied code. The impersonation isn’t limited only to ASP.NET and can be used also in other frameworks.

#5 Practice Questions and Discussion for Exam 70-536

QUESTIONS Technology Focus: Improving the security of .NET Framework applications by using the NET Framework security features
1. You use the .NET Framework to develop a client-server application. The server part of the application runs on a computer running Microsoft Windows Server 2003. All client computers run Microsoft Windows XP Professional. You need to write code that performs authentication and establishes a secure connection between the server and the client. You must make sure that the Kerberos protocol is used for authentication.
You must also make sure that data is encrypted before it is transmitted over the network and decrypted when it reaches the destination. Which code segment should you use?

Option A: C# public void NetMethod(NetworkCredential credentials, Stream innerStream) {     NegotiateStream ns = new NegotiateStream(innerStream);     ns.AuthenticateAsServer(credentials, ProtectionLevel.EncryptAndSign,         TokenImpersonationLevel.Impersonation);     // Additional code } Visual Basic Public Sub NetMethod( _     ByVal credentials As NetworkCredential, _     ByVal innerStream As Stream)     Dim ns As NegotiateStream = New NegotiateStream(innerStream)     ns.AuthenticateAsServer(credentials, ProtectionLevel.EncryptAndSign, _     TokenImpersonationLevel.Impersonation)     ' Additional code End Sub

Option B: C# public void NetMethod(NetworkCredential credentials, Stream innerStream) {     NegotiateStream ns = new NegotiateStream(innerStream);     ns.AuthenticateAsServer(credentials, ProtectionLevel.Sign,         TokenImpersonationLevel.Impersonation);     // Additional code } Visual Basic Public Sub NetMethod( _     ByVal credentials As NetworkCredential, _     ByVal innerStream As Stream)     Dim ns As NegotiateStream = New NegotiateStream(innerStream)     ns.AuthenticateAsServer(credentials, ProtectionLevel.Sign, _     TokenImpersonationLevel.Impersonation)     ' Additional code End Sub

Option C: C# public void NetMethod(X509Certificate serverCertificate, Stream innerStream) {     SslStream ss = new SslStream(innerStream);     ss.AuthenticateAsServer(serverCertificate, true,         SslProtocols.Tls, true);     // Additional code } Visual Basic Public Sub NetMethod( _     ByVal serverCertificate As X509Certificate, _     ByVal innerStream As Stream)     Dim ss As SslStream = New SslStream(innerStream)     ss.AuthenticateAsServer(serverCertificate, True, _         SslProtocols.Tls, True)     ' Additional code End Sub

Option D: C# public void NetMethod(X509Certificate serverCertificate, Stream innerStream) {     SslStream ss = new SslStream(innerStream);     ss.AuthenticateAsServer(serverCertificate, true,         SslProtocols.Ssl3, true);     // Additional code } Visual Basic Public Sub NetMethod( _     ByVal serverCertificate As X509Certificate, _     ByVal innerStream As Stream)     Dim ss As SslStream = New SslStream(innerStream)     ss.AuthenticateAsServer(serverCertificate, True, _         SslProtocols.ssl3, True)     ' Additional code End Sub

---

2. You develop a .NET Framework application. This application is deployed throughout the company on all workstations. All workstations are networked and are part of a Microsoft Windows domain.
Your application requires certain permissions in order to run. As a domain administrator, you configure the enterprise policy to grant the required permissions to the application. This application may be part of more than one code group.
You must make sure that your application receives sufficient permissions to run at all times. You must override any policy changes made by end users that lower the permissions required by your application to run.What should you do?
A: Apply the Exclusive attribute to the application's code group on the enterprise policy level.
B: Apply the LevelFinal attribute to the application's code group on the user policy level.
C: Apply the LevelFinal attribute to the application's code group on the enterprise policy level.
D: Apply the Exclusive attribute to the application's code group on the user policy level.

---

3. You develop a .NET Framework application. The assembly is added to these four code groups at the Enterprise level policy:
* All Code code group with a permission set of Everything
* Known Code code group with a permission set of Local Intranet
* Unknown Code code group with a permission set of Internet
* Restricted Code code group with a permission set of Nothing
The assembly is not a member of any other code groups.When the assembly is executed, what permissions does the Common Language Runtime (CLR) assign to the assembly?
A: Internet
B: Everything
C: Local Intranet
D: Nothing

Double data type never get accurate result

double x,y;
x =120.0;
y = 0.05;
double z= x % y;

tried this and expected the result to be 0, but it came out 0.04933333.

However,

x =120.0;
y = 0.5;
double z= x % y;

did indeed gave the correct result of 0.

Accuracy problems

Solution:  

Since Decimal types are perfectly accurate and float’s are not, why would we still want to use the intrinsic float/double types? Short answer – performance. In my speed tests Decimal types ran over 20 times slower than their float counterparts.

So if you’re writing a financial application for a bank that has to be 100% accurate and performance is not a consideration, use the Decimal type. On the other hand, if you need performance and extremely small floating point variations don’t affect your program, stick with the float and double types.

GoDaddy FAQ

How to move Domain to another hosting plan?

1. Use File Manage to Archive your content, download to your loca computer
2. Cancel current account, wait for about 1 -24 hour, setup the other hosting plan
3. Upload Archived ZIP file, then unArchive to destination

output Excel using classic ASP

Private Sub DownloadFile(file) 
     Dim strAbsFile 
     strAbsFile = server.MapPath("..\DownloadFiles") & "\" & file
     Set objFSO = Server.CreateObject("Scripting.FileSystemObject") 
     If objFSO.FileExists(strAbsFile) Then 
         Set objFile = objFSO.GetFile(strAbsFile) 
         Response.Clear 
        Response.AddHeader "Content-Disposition", "attachment; filename=" & objFile.Name 
         'The following line not working on IIS7 & Windows2008
         'Response.AddHeader "Content-Length", objFile.Size 
         'Response.ContentType = "application/octet-stream" 
         Response.ContentType="application/x-msexcel"
         Set objStream = Server.CreateObject("ADODB.Stream") 
         objStream.Open 
         '-- set as binary 
         objStream.Type = 1 
         Response.CharSet = "UTF-8" 
         '-- load into the stream the file 
         objStream.LoadFromFile(strAbsFile) 
         '-- send the stream in the response 
         Response.BinaryWrite(objStream.Read) 
         objStream.Close 
         Set objStream = Nothing 
         Set objFile = Nothing 
     Else 'objFSO.FileExists(strAbsFile) 
         Response.Clear 
         Response.Write("No such file exists.") 
     End If 
     Set objFSO = Nothing 
 End Sub 

#4 Practice Questions and Discussion for Exam 70-536

QUESTIONS Technology Focus: Implementing serialization and input/output functionality in a .NET Framework application
1. You are developing a logging module for a large application by using the .NET Framework.You need to append logging information to a file named application.log. This log file is opened when the application is started and is closed only when the application is closed. However, you append text several times to the file during a session.
You must minimize overhead to the logging process to ensure maximum performance.Which code segment should you use to create the log file?

Option A: C# StreamWriter sw = File.CreateText(@"c:\application.log"); Visual Basic Dim sw As StreamWriter = File.CreateText("c:\application.log")

Option B: C# FileInfo fi = new FileInfo(@"c:\application.log"); FileStream fs = fi.Open(FileMode.Append); Visual Basic Dim fi As FileInfo = New FileInfo("c:\application.log") Dim fs As FileStream = fi.Open(FileMode.Append)

Option C: C# FileInfo fi = new FileInfo(@"c:\application.log"); StreamWriter sw = fi.AppendText(); Visual Basic Dim fi As FileInfo = New FileInfo("c:\application.log") Dim sw As StreamWriter = fi.AppendText()

Option D C# EventLog.LogNameFromSourceName("MyApp", "Application"); Visual Basic EventLog.LogNameFromSourceName("MyApp", "Application")

---

2. You are developing a class library by using the .NET Framework. You create the following classes:

C# public class Book {     public string Name; } public class Encyclopedia : Book {     public int Volume; } Visual Basic Public Class Book     Public Name As String End Class Public Class Encyclopedia     Inherits Book     Public Volume As Integer End Class

You must be able to serialize the objects of the Encyclopedia class to a disk file. What should you do?

Option A: C# Add the [Serializable] attribute to the Book class only. Visual Basic Add the <Serializable> attribute to the Book class only.

Option B: C# Add the [Serializable] attribute to the Encyclopedia class only. Visual Basic Add the <Serializable> attribute to the Encyclopedia class only.

Option C: C# Add the [Serializable] attribute to the Book class. Add the [Serializable] attribute to the Encyclopedia class. Visual Basic Add the <Serializable> attribute to the Book class. Add the <Serializable> attribute to the Encyclopedia class.

Option D: C# Add the [Serializable] attribute to the Encyclopedia class. Add the [NonSerialized] attribute to the Name field. Visual Basic Add the <Serializable> attribute to the Encyclopedia class. Add the <NonSerialized> attribute to the Name field.

---

3. You are developing a Windows application by using the .NET Framework. The application uses a shared assembly for personalizing the user interface of the application.The same assembly is used by several other applications on the user's machine. Any changes in the user preferences in one application must be carried over to other applications.
You need to access the user's preferences for displaying the user interface.What should you do?
A: Use the IsolatedStorageFile.GetMachineStoreForAssembly method
B: Use the IsolatedStorageFile.GetMachineStoreForDomain method.
C. Use the IsolatedStorageFile.GetUserStoreForDomain method.
D: Use the IsolatedStorageFile.GetUserStoreForAssembly method.

70-564 Braindumps: Designing and Developing ASP.NET Applications Using the Microsoft .NET Framework 3.5

Q NO: 1
You work as an application developer at Abc.com. You instructions are to develop an application by using the .NET Framework 3.5. The Abc.com network users access applications using different operating systems and different browsers. You must also add a new control in the application. The control must meet the requirements below:
The application should be coded to be accessible through the Microsoft Visual Studio .NET 2008 toolbox.The application should be coded to operate without any other prerequisite controls. What should you do?
A. You should make use of an ActiveX control.
B. You should make use of a Web Parts control.
C. You should make use of a user control.
D. You should make use of a custom server control.
Ans: D

Q NO: 2
You work as an application developer at Abc.com. You use the .NET Framework 3.5 to develop an application that runs in the context of a specific user account. No other application should make use of this user account. Your application uses an asymmetric private key to encrypt and decrypt messages to other servers. You want to prevent other users or applications on the server from accessing the private key. What should you do?
A. You should make use of the Triple Data Encryption Standard algorithm to encrypt the private key before storing it in a file.
B. You should have the private key stored in the App_Data directory.
C. You should make use of the System.Security.SecureString class.
D. You should make use of the System.Security.ProtectedData class.
Ans: D

Q NO: 3
You work as an application developer at Abc.com. You use the .NET Framework 3.5 to develop an application for an online community. The application uses Forms authentication and contains a folder that is used to store confidential files in an Excel spreadsheet. You want to prevent unauthorized, automated scripts or bots from accessing the folders in the application. What should you do? (Choose two)
A. You should have the authorization node of the lockElementsattribute value set in the Web.config file.
B. You should have a <deny> element added to the <authorization> element in the Web.config file.
C. You should have a Completely Automated Public Turing Tests implemented to Tell Computers and Humans Apart (CAPTCHA) image control on each page of the application.
D. You should have a Robots.txt file implemented in the root directory of the application.
E. You should have the Excel files mapped to the ASP.NET ISAPI filter.
Ans: B,E

Q NO: 4
You work as an application developer at Abc.com. You use the .NET Framework 3.5 to develop an application which stores data in databases implemented using Microsoft SQL Server, Microsoft Access and various third-party databases. You have been asked to design a data access solution that allows all database platforms to make use of the same data access code, defines the SQL syntax used, and decreases the vulnerability to SQL injection attacks. What should you do to make this possible?
A. You should make use of dynamic SQL statements and string concatenation.
B. You should make use of parameterized stored procedures.
C. You should make use of the SqlCommandBuilder class.
D. You should make use of dynamic SQL statements and the StringBuilder class.
E. You should make use of parameterized SQL statements.
Ans: E

Q NO: 5
You work as an application developer at Abc.com. Your instructions are to develop an application by using the .NET Framework 3.5. Following is a list of the requirements that the application should meet:
The UI element should be coded to have custom logic for implementation in the application.The UI element should be coded to accommodate utilization in multiple pages in the application.The UI element should be coded to accommodate utilization on multiple places in the application.The UI element should be coded to accommodate redistribution on other applications without sharing source code or layout files. What should you do?
A. You should have a user control created.
B. You should have a custom Web control created.
C. You should have a master page created.
D. You should have a theme created.
Ans: B

Q NO: 6
You work as an application developer at Abc.com. You use the .NET Framework 3.5 to develop an application which utilizes the ViewState to store user preferences. You want to capture the ViewState information to be saved in a Microsoft SQL Server database making use of the proper event. What should you do?
A. You should make use of the SaveStateComplete event to capture the ViewState information to be saved in a Microsoft SQL Server database.
B. You should make use of the Init event to capture the ViewState information to be saved in a Microsoft SQL Server database.
C. You should make use of the Load event to capture the ViewState information to be saved in a Microsoft SQL Server database.
D. You should make use of the InitComplete event to capture the ViewState information to be saved in a Microsoft SQL Server database.
Ans: A

Q NO: 7
You work as an application developer at Abc.com. Your instructions are to develop an application by that makes use of ViewState to save user preferences. You are also instructed to capture and save all ViewState information to a SQL Server database. What should you do?
A. You should make use of the SaveStateComplete event.
B. You should make use of the Init event.
C. You should make use of the Load event.
D. You should make use of the InitComplete event.
Ans: A

Q NO: 8
You work as an application developer at Abc.com. Your instructions are to develop an application by using the .NET Framework 3.5. The application must include a custom control library which the developers will be able to use on Web pages in multiple applications. Various state management strategies are used on these applications. You need to implement consistent state management for all instances of the control in your custom control library. What should you do?
A. You should use the ViewState state repository.
B. You should use the ApplicationState state repository.
C. You should use the ControlState state repository.
D. You should use the SessionState state repository.
Ans: C

Q NO: 9
You work as an application developer at Abc.com. Your instructions are to develop an application by using the .NET Framework 3.5 containing a page with a DataPager control named AbcPager1. You need to make sure that the KingPager1 properties are exposed to the WebPartZoner controls on all other pages where Abc.com also wants AbcPager1 to be displayed. What should you do?
A. You should have the AbcPager1 control copied into a new user control whilst adding a reference to the new user control in each page by using the @Register directive. You should modify the WebPartZone control on each page by adding a zonelement element.
B. You should have the AbcPager1 control copied into a new web form whilst adding a reference to the new web form in each page by using the @Register directive. You should modify the WebPartZone control on each page by adding a zoneelement element.
C. You should have the AbcPager1 control copied into a new user control whilst adding a reference to the new user control in each page by using the @Register directive. You should modify the WebPartZone control on each page by adding a partstyle element.
D. You should modify the WebPartZone control on each page by adding a partstyle element.
Ans: A

Q NO: 10
You work as an application developer at Abc.com. You use the .NET Framework 3.5 to develop an application. During the course of the day Abc.com directed you to evaluate the application design which uses the specifications below:
The application should be coded to store data in a Microsoft SQL Server 2008 database.The application should be coded to retrieve data using the DataContext object.The application should be coded to display data using GridView controls. You want to use the required data source control which should be used in the design of the application. What should you do?
A. You should make use of the LingDataSource data source control.
B. You should make use of the XmlDataSource data source control.
C. You should make use of the ObjectDataSource data source control.
D. You should make use of the SqlDataSource data source control.
Ans: A

Q NO: 11
You work as an application developer at Abc.com. You use the .NET Framework 3.5 to develop an application containing a Data Access Layer (DAL) supporting databases from thirdparty vendors. You have configured the application to display the data using a GridView control. Additionally, Abc.com has instructed you to code the application so that it allows paging and provides optimistic concurrency. What should you do to adequately complete this task?
A. You should make use of the SqlDataReader data access objects in the Data Access Layer (DAL).
B. You should make use of the OleDbDataAdapter data access objects in the Data Access Layer (DAL).
C. You should make use of the OleDbDataReader data access objects in the Data Access Layer (DAL).
D. You should make use of the SqlDataAdapter data access objects in the Data Access Layer (DAL).
Ans: B

70-562 Braindumps - Microsoft .NET Framework 3.5, ASP.NET Application Development

QUESTION NO: 1
You are in the process of creating an ASP.NET application using .NET Framework 3.5. The application is designed for mobile devices and contains a mobile Web form. The Web form has the following code:
<mobile:ObjectList ID="OlCrtl" OnItemCommand="OlCrtl_ItemCommand"
Runat="server">
<Command Name="cmdShowData" Text="Data" />
<Command Name="cmdClear" Text="Clear" />
</mobile:ObjectList>
You then create an event handler named OlCrtl_ItemCommand. You have to make sure that the event handler will identify the selection of the ShowData item.
What should you do?
A. You should consider writing the following code segment:
Public Sub OlCrtl_ItemCommand(ByVal sender As Object, _
ByVal e As ObjectListCommandEventArgs)
Dim olCmd As ObjectListCommand = TryCast(sender, ObjectListCommand)
If olCmd.Name = "ShowData" Then
End If
End Sub
B. You should consider writing the following code segment:
Public Sub OlCrtl_ItemCommand(ByVal sender As Object, _
ByVal e As ObjectListCommandEventArgs)
Dim olCmd As ObjectListCommand = TryCast(e.CommandSource, ObjectListCommand)
If olCmd.Name = "ShowData" Then
End If
End Sub
C. You should consider writing the following code segment:
Public Sub OlCrtl_ItemCommand(ByVal sender As Object, _
ByVal e As ObjectListCommandEventArgs)
If e.CommandName = "ShowData" Then
End If
End Sub
D. You should consider writing the following code segment:
Public Sub OlCrtl_ItemCommand(ByVal sender As Object, _
ByVal e As ObjectListCommandEventArgs)
If e.CommandArgument.ToString() = "ShowData" Then
End If
End Sub
CORRECT ANSWER: C

QUESTION NO: 2
You work as an application developer at .com. You receive an instruction from management to create an ASP.NET application ABC_App. You create the ABC_App application that uses Microsoft .NET Framework 3.5. You decide to deploy ABC_App on server in a test lab. You need to make sure that the code-behind files for the web pages are complied on the first request sent to ABC_App. You must also ensure that ABC_App provides the best possible performance. What should you do?
A. You should consider adding <compilation debug="true"> to the Web.config file.
B. You should consider adding <compilation debug="true" batch="true"> to the Web.config file.
C. You should consider adding <compilation debug="false"> to the Web.config file.
D. You should consider adding <compilation debug="auto"> to the Web.config file.
CORRECT ANSWER: C

QUESTION NO: 3
You work as an application developer at .com. You make use of Microsoft .NET Framework 3.5 to create a Microsoft ASP.NET application. You application makes use of a Microsoft SQL Server 2005 computer named -SR02. -SR02 has a default instance. -SR02 makes use of Windows Authentication. You deploy the application on -SR02. You are in the process of configuring the membership providers as well as the role management providers for the application from the command prompt. What should you do?
A. You should execute the aspnet_regsql.exe -E -S localhost -A mr command on SR02.
B. You should execute the sqlcmd.exe -S -sr02 E command on -SR02.
C. You should execute the aspnet_regsql.exe /server:localhost command on -SR02.
D. You should execute the aspnet_regiis.exe -s -sr02 command on -SR02.
CORRECT ANSWER: A

QUESTION NO: 4
You work as a Web Developer at .com. You are in the process of creating a Web application that uses Microsoft ASP.NET 3.5.
The configuration below exists in the Web.config file:
<authorization>
<deny users="?"/>
</authorization>
<authentication mode="Forms"/>
<identity impersonate="false"/>
.com hosts the Web application that uses Microsoft Internet Information Services (IIS)
6.0. The Integrated Windows Authentication is enabled in IIS and anonymous access disabled.
The application pool is configured to run as the identity \WebApp. The IIS anonymous account is \Anonymous.
The following code exists in the code-behind file for a web form:
string name = WindowsIdentity.GetCurrent().Name;
Response.Write(name);
A .com employee named RoryAllen has a domain user account named \RAllen.
He uses this account to access the page. However, Rory Allen logs in to the Web application with the user name FormsUser. You need to determine the output of this code when Rory Allen accesses the page. What will the output of this code be?
A. The output will be FormsUser.
B. The output will be \RAllen.
C. The output will be \Anonymous.
D. The output will be \WebApp.
CORRECT ANSWER: D

QUESTION NO: 5
You work as an application developer at .com. The .com network contains a web server named -SR05. -SR05 runs Microsoft Internet Information Services (IIS) 6.0 and uses Windows Authentication. You are in the process of creating an ASP.NET application using .NET Framework 3.5. The application allows users to upload files to shared folders on a file server named SR07. You decide to deploy this application on a -SR02 by making use the default ASP.NET 2.0 application pool. You receive numerous complaints from users stating that they receive an access denied message when uploading files. You need to ensure that the application functions correctly. What should you do?
A. Your subsequent step should be to add the <authentication mode="None" /> section to the Web.config file.
B. You should consider adding <identity impersonate="true" /> to the Web.config file.
C. You should consider enabling Anonymous Authentication on -SR05.
D. You should consider adding <allow users="*" /> to the <authorization> section ofthe Web.config file.
E. You should consider enabling Anonymous Authentication on -SR07.
CORRECT ANSWER: B

QUESTION NO: 6
You work as an application developer at .com. You decide to create an ASP.NET Web application on the companies' network in Microsoft .NET Framework 3.5. Your application must not allow access to anonymous users but must support users from untrusted domains. What should you do?
A. Your best choice would be to add the code below to the Web.config file:
<system.web>
<authentication mode="Windows">
</authentication>
<authorization>
<deny users="?" />
</authorization>
</system.web>
B. Your best choice would be to add the code below to the Web.config file:
<system.web>
<authentication mode="Forms">
<forms loginUrl="login.aspx" />
</authentication>
<authorization>
<deny users="*" />
</authorization>
</system.web>
C. Your best choice would be to add the code below to the Web.config file:
<system.web>
<authentication mode="Forms">
<forms loginUrl="login.aspx" />
</authentication>
<authorization>
<deny users="?" />
</authorization>
</system.web>
D. Your best choice would be to add the code below to the Web.config file:
<system.web>
<authentication mode="Windows">
</authentication>
<authorization>
<deny users="*" />
</authorization>
</system.web>
CORRECT ANSWER: C

QUESTION NO: 7
You work as an application developer at .com. You are in the process of creating a Microsoft ASP.NET application that uses Microsoft .NET Framework 3.5. You have been instructed by management to set up authentication for the newly created Web application. You have to make sure that the Web application will be able to support users from untrusted domains. However, you need to make sure that users are not able to access the application anonymously. You thus need to determine the appropriate code that should be added to the Web.config file. What should you do?
A. You should consider adding the code segment below:
<system.web>
<authentication mode="Windows">
</authentication>
<authorization>
<deny users="?" />
</authorization>
</system.web>
B. You should consider adding the code segment below:
<system.web>
<authentication mode="Forms">
<forms loginUrl="login.aspx" />
</authentication>
<authorization>
<deny users="*" />
</authorization>
</system.web>
C. You should consider adding the code segment below:
<system.web>
<authentication mode="Windows">
</authentication>
<authorization>
<deny users="*" />
</authorization>
</system.web>
D. You should consider adding the code segment below:
<system.web>
<authentication mode="Forms">
<forms loginUrl="login.aspx" />
</authentication>
<authorization>
<deny users="?" />
</authorization>
</system.web>
CORRECT ANSWER: D

QUESTION NO: 8
You work as an application developer at .com. You are currently creating an ASP.NET Web application. You use Microsoft .NET Framework 3.5. This application will be hosted in the Marketing department. You need to make sure that Windows Authentication is used for the application. You have to make sure that the Marketing team has access to a confidential file named accs.xls. You therefore decide to set up the necessary NTFS file system permission to accomplish this. You check and discover that all .com users are able to access the accs.xls file. What should you do?
A. You should consider removing the rights from the application pool identity to the accs.xls file.
B. You should consider adding <identity impersonate="true"/> to the Web.config file.
C. You should consider removing the NTFS permissions from the ASP.NET user to the accs.xls file.
D. You should consider adding <authentication mode="[None]"> to the Web.config file.
CORRECT ANSWER: B

QUESTION NO: 9
You work as a Web Developer at .com. You are in the process of creating a Web application that uses Microsoft ASP.NET 3.5. A third-party assembly contains custom server controls. This assembly does not contain a strong name and it's not part of the application's Microsoft Visual Studio 2008 solution. You have to make sure that the other users are able to use the custom controls. You decide to configure the applications project. What should you do?
A. You should add a project reference to the project.
B. You should add a Web reference to the project.
C. You should add a service reference to the project.
D. You should add an assembly reference to the project.
CORRECT ANSWER: D

70-536 Braindumps : Microsoft .NET Framework – Application Development Foundation

Q No: 1

You are writing a custom dictionary. The custom-dictionary class is named MyDictionary. You need to ensure that the dictionary is type safe.

Which code segment should you use?

A. Class MyDictionaryImplements Dictionary(Of String, String)

B. Class MyDictionary Inherits HashTable

C. Class MyDictionary Implements IDictionary

D. Class MyDictionary

End Class

Dim t As New Dictionary(Of String, String)

Dim dict As MyDictionary = CType(t, MyDictionary)

Answer: A

Q No: 2

You write a class named Employee that includes the following code segment.

Private m_EmployeeId As String

Private m_EmployeeName As String

Private m_JobTitleName As String

Public Function GetName() As String

Return m_EmployeeName

End Function

Public Function GetTitle() As String

Return m_JobTitleName

End Function

End Class

You need to expose this class to COM in a type library. The COM interface must also facilitate forward-compatibility across new versions of the Employee class. You need to choose a method for generating the COM interface.

What should you do?

A. Add the following attribute to the class definition.<ClassInterface(ClassInterfaceType.None)>

_Public Class Employee

B. Add the following attribute to the class

definition.<ClassInterface(ClassInterfaceType.AutoDual)> _Public Class Employee

C. Add the following attribute to the class definition.<ComVisible(True)> _Public Class Employee

D. Define an interface for the class and add the following attribute to the class definition.<ClassInterface(ClassInterfaceType.None)> _Public Class EmployeeImplements IEmployee

Answer: D

Q No: 3

You are developing a custom event handler to automatically print all open documents.

The event handler helps specify the number of copies to be printed. You need to develop a custom event arguments class to pass as a parameter to the event handler.

Which code segment should you use?

A. public class PrintingArgs {

private int copies;

public PrintingArgs(int numberOfCopies) {

this.copies = numberOfCopies;

}

public int Copies {

get { return this.copies; }

}}

B. public class PrintingArgs : EventArgs {

private int copies;

public PrintingArgs(int numberOfCopies) {

this.copies = numberOfCopies;

}

public int Copies {

get { return this.copies; }

}}

C. public class PrintingArgs {

private EventArgs eventArgs;

public PrintingArgs(EventArgs ea) {

this.eventArgs = ea;

}public EventArgs Args {get { return eventArgs; }}}

D. public class PrintingArgs : EventArgs {

private int copies;}

Answer: B

Q No: 4

You use Reflection to obtain information about a method named MyMethod.

You need to ascertain whether MyMethod is accessible to a derived class. What should you do?

A. Call the IsAssembly property of the MethodInfo class.

B. Call the IsVirtual property of the MethodInfo class.

C. Call the IsStatic property of the MethodInfo class.

D. Call the IsFamily property of the MethodInfo class.

Answer: D

Q No: 5

You are creating a class that uses unmanaged resources. This class maintains references to managed resources on other objects. You need to ensure that users of this class can explicitly release resources when the class instance ceases to be needed. Which three actions should you perform? (Each correct answer presents part of the solution. Choose three.)

A. Define the class such that it inherits from the WeakReference class.

B. Define the class such that it implements the IDisposable interface.

C. Create a class destructor that calls methods on other objects to release the managed resources.

D. Create a class destructor that releases the unmanaged resources.

E. Create a Dispose method that calls System.GC.Collect to force garbage collection.

F. Create a Dispose method that releases unmanaged resources and calls methods on other objects to release the managed resources.

Answer: B, D, F

Q No: 6

You are working on a debug build of an application.

You need to find the line of code that caused an exception to be thrown. Which property of the Exception class should you use to achieve this goal?

A. Data

B. Message

C. StackTrace

D. Source

Answer: C

Q No: 7

You need to write a code segment that performs the following tasks:

* Retrieves the name of each paused service.

* Passes the name to the Add method of Collection1.

Which code segment should you use?

A. ManagementObjectSearcher^ searcher =

gcnew ManagementObjectSearcher(

"Select * from Win32_Service where State = 'Paused'");for each (ManagementObject^

svc in searcher->Get()) {

Collection1->Add(svc["DisplayName"]);}

B. ManagementObjectSearcher^ searcher =

gcnew ManagementObjectSearcher(

"Select * from Win32_Service", "State = 'Paused'");for each (ManagementObject^ svc in

searcher->Get()) {

Collection1->Add(svc["DisplayName"]);}

C. ManagementObjectSearcher^ searcher =

gcnew ManagementObjectSearcher(

"Select * from Win32_Service");for each (ManagementObject^ svc in searcher->Get()) {

if ((String^) svc["State"] == "'Paused'") {

Collection1->Add(svc["DisplayName"]);

}}

D. ManagementObjectSearcher^ searcher =

gcnew ManagementObjectSearcher();searcher->Scope = gcnew

ManagementScope("Win32_Service");for each (ManagementObject^ svc in

searcher->Get()) {

if ((String^)svc["State"] == "Paused") {

Collection1->Add(svc["DisplayName"]);

}}

Answer: A

Q No: 8

You need to serialize an object of type List(Of Integer) in a binary format. The object is named data. Which code segment should you use?

A. Dim formatter As New BinaryFormatter()Dim ms As New

MemoryStream()formatter.Serialize(ms, data)

B. Dim formatter As New BinaryFormatter()Dim ms As New MemoryStream() For i As

Integer = 1 To 20

formatter.Serialize(ms, data(i - 1))Next

C. Dim formatter As New BinaryFormatter()Dim buffer As New Byte(data.Count) {}Dim ms As New MemoryStream(buffer, True)formatter.Serialize(ms, data)

D. Dim formatter As New BinaryFormatter()Dim ms As New MemoryStream()While ms.CanRead formatter.Serialize(ms, data)End While\

Answer: A

Q No: 9

You are developing an application that dynamically loads assemblies from an application directory.

You need to write a code segment that loads an assembly named Company1.dll into the current application domain. Which code segment should you use?

A. AppDomain^ domain = AppDomain::CurrentDomain;String^ myPath =

Path::Combine(domain->BaseDirectory,

"Company1.dll");Assembly^ assm = Assembly::LoadFrom(myPath);

B. AppDomain ^ domain = AppDomain::CurrentDomain;String^ myPath =

Path::Combine(domain->BaseDirectory,

"Company1.dll");Assembly^ assm = Assembly::Load(myPath);

C.AppDomain^ domain = AppDomain::CurrentDomain;String^ myPath =

Path::Combine(domain->DynamicDirectory,

"Company1.dll");Assembly^ assm = AppDomain::CurrentDomain::Load(myPath);

D. AppDomain^ domain = AppDomain::CurrentDomain;Assembly^ assm =

Domain->GetData("Company1.dll");

Answer: A

Q No: 10

You are testing a newly developed method named PersistToDB. This method accepts a parameter of type EventLogEntry. This method does not return a value. You need to create a code segment that helps you to test the method. The code segment must read entries from the application log of local computers and then pass the entries on to the PersistToDB method. The code block must pass only events of type Error or Warning from the source MySource to the PersistToDB method.

Which code segment should you use?

A. EventLog myLog = new EventLog("Application", ".");

foreach (EventLogEntry entry in myLog.Entries)

{

if (entry.Source == "MySource")

{

PersistToDB(entry);

}

}

B. EventLog myLog = new EventLog("Application", ".");

myLog.Source = "MySource";

foreach (EventLogEntry entry in myLog.Entries)

{

if (entry.EntryType == (EventLogEntryType.Error &

EventLogEntryType.Warning))

{

PersistToDB(entry);

}

}

C. EventLog myLog = new EventLog("Application", ".");

foreach (EventLogEntry entry in myLog.Entries)

{

if (entry.Source == "MySource")

{

if (entry.EntryType == EventLogEntryType.Error ||

entry.EntryType == EventLogEntryType.Warning)

{

PersistToDB(entry);

}

}

}

D. EventLog myLog = new EventLog("Application", ".");

myLog.Source = "MySource";

foreach (EventLogEntry entry in myLog.Entries)

{

if (entry.EntryType == EventLogEntryType.Error ||

entry.EntryType == EventLogEntryType.Warning)

{

PersistToDB(entry);

}

Answer: C

Q No: 11

You are developing a class library. Portions of your code need to access system environment variables.

You need to force a runtime SecurityException only when callers that are higher in the call stack do not have the necessary permissions.

Which call method should you use?

A. Set->Demant();

B. Set->Assert();

C. Set->PermitOnly();

D. Set->Deny();

Answer: A