← Back to exam page

GSSP-.NET GIAC GIAC Secure Software Programmer - C#.NET

Loading demo links...

Showing 10–12 of 20 questions

Question 10 (Volume B)

You work as a Software Developer for ABC Inc. The company uses Visual Studio.NET 2008 as its application development platform. You create an ASP.NET Web application using the .NET Framework 3.5. The application is used to map HTTP requests to HTTP handlers based on a file name extension. You need to ensure that each HTTP handler processes individual HTTP URLs or groups of URL extensions in the application. Which of the following built-in HTTP handlers will you use to accomplish this task?

Each correct answer represents a part of the solution. Choose all that apply.

Select all that apply, then click Submit answer.

  • Web service handler (*.asmx)

  • Generic handler (*.ashx)

  • Generic Web handler (*.ashx)

  • ASP.NET page handler (*.aspx)

  • Trace handler (trace.axd)


Question 11 (Volume C)

You work as a Software Developer for ABC Inc. The company uses Visual Studio.NET

2005 as its application development platform. You have recently finished development of Web services using the .NET Framework. The access control to Web services is part of your accountability. You are currently revealing an existing class as a XML Web service. You are required to ensure that the XML Web service is exclusively accessible to Web service clients within the ABC Inc. domain. To fulfill this requirement you want to change the access modifiers on methods that must be represented as Web methods. What will you do to accomplish this task?

Select an option, then click Submit answer.

  • Use the Public access modifier for each Web method.

  • Use the Private access modifier for each Web method.

  • Use the Internal or Friend access modifier for each Web method.

  • Use the Protected access modifier for each Web method.


Question 12 (Volume A)

Allen works as a Software Developer for ABC Research Center. This research center has its subsidiaries in different cities. Allen wants to retrieve a Soil Test Report for the

Geological Survey Department. He wants the test report to be available to all the members of the department over the Internet. He creates an XML Web service named

SampleReport. SampleReport contains a Web method named SoilTestDetails that requires additional security. Allen decides to use generic rolebased security to secure the

SoilTestDetails method from unauthorized users.

Allen writes code to ensure that once a user is authenticated, a user identity named Generic is created. The Generic user identity has a group membership named GeoSurvey to allow the authenticated users access to the SoilTestDetails Web method. Which of the following code segments should Allen use to accomplish the task?

Select an option, then click Submit answer.

  • Dim GenIdentity As GenericIdentity = New GenericIdentity("Generic", "Custom")
    Dim GesRoles() As String= {"GeoSurvey"}
    Dim GeoPrincipal As GenericPrincipal = New GenericPrincipal(GenIdentity, GeoRoles)
    Thread.CurrentPrincipal = GeoPrincipal

  • Dim GeoIdentity As IIdentity = New GenericIdentity("Generic", "GeoSurvey")
    Dim GeoPrincipal As IPrincipal = New WindowsPrincipal((WindowsIdentity) GeoIdentity)
    Thread.CurrentPrincipal = GeoPrincipal

  • Dim GeoIdentity As IIdentity = New GenericIdentity("Generic", "Custom")
    Dim WinGeoIdentity As WindowsIdentity = (WindowsIdentity) GeoIdentity
    Dim GeoRoles() As String = {"GeoSurvey"}
    Dim GenGeoPrincipal As GenericPrincipal = New GenericPrincipal(WinGeoIdentity, GeoRoles)
    WindowsIdentity.Impersonate(WinGeoIdentity.Token)

  • Dim MyGenericIdentity As System.Security.Principal.IIdentity = New
    GenericIdentity("Generic",
    "Custom")
    Dim GeoRoles() As String = {"GeoSurvey"}
    GenericPrincipal GenGeoPrincipal = new GenericPrincipal(MyGenericIdentity, GeoRoles);
    MyGenericIdentity = WindowsIdentity.GetCurrent();