Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
ASP.NET 4 Web Programming with C# 2010: Chapter 18 How to secure a web site COMPLETION 1. The Internet protocol that allows clients and servers to communicate over a secure connection is called ____________________. ANS: SSL Secure Sockets Layer PTS: 1 2. Before a person or company can obtain a digital secure certificate, a certification authority must check with a/an ____________________ authority to verify that the person or company is valid. ANS: registration PTS: 1 3. A _______________ certificate is one that inherits the recognition of a trusted certification authority. ANS: chained root PTS: 1 4. With IIS 7, you can use a ________________ certificate instead of a trial certificate for testing secure web sites. ANS: self-signed PTS: 1 5. Write code that uses the ConfigurationManager class to retrieve an application’s path from a web.config file with the following settings: <appSettings> <add key="AppPath" value="//localhost/aspnet_2010/HalloweenStore/" /> </appSettings> _____________________________________________________________________ ANS: ConfigurationManager.AppSettings["AppPath"] PTS: 1 6. To check whether a page is using a secure connection, you can use the IsSecureConnection property of the _______________ object. ANS: HttpRequest Request PTS: 1 MULTIPLE CHOICE 1. To determine whether you’re transmitting data over a secure connection, you can a. b. c. d. check the appSettings section of the web.config file refer to the URL in the browser’s address bar check for a lock icon in the browser’s title bar watch for the security alert that’s displayed whenever you’re about to establish a secure connection ANS: B PTS: 1 2. For which of the following purposes is a digital secure certificate not used? a. b. c. d. To establish the identity of the client To establish the identity of the server To determine if a security alert is displayed before a secure connection is established To provide information needed to encrypt data ANS: C PTS: 1 3. A certification authority is a company that a. b. c. d. issues digital secure certificates verifies the information provided by a registration authority installs digital secure certificates enables SSL ANS: A PTS: 1 4. Which of the following statements is not true about SSL strength? a. b. c. d. It determines the level of encryption that a secure connection uses. It determines whether a secure connection can be used. It depends on the strength supported by the web server. It depends on the strength supported by the browser. ANS: B PTS: 1 5. Single root certificates a. b. c. d. are issued by a trusted certification authority are known to browser vendors have been added to many of the most popular browsers all of the above ANS: D PTS: 1 6. Which of the following functions are provided by IIS? a. Creating a certificate file that can be used to request a certificate b. Requesting a certificate file from a certification authority c. Installing a certificate d. All of the above e. A and C only ANS: E PTS: 1 7. To request a secure connection in an ASP.NET application, you must a. b. c. d. e. use an absolute URL use a URL that specifies HTTPS as the protocol code the application path in the web.config file all of the above A and B only ANS: E PTS: 1 8. Which of the following statements about secure connections is true? a. If a page that requires a secure connection can only be accessed from other pages in the web site, it’s not necessary to force the page to use a secure connection. b. The only way to be sure that a page uses a secure connection is to check the HTTP request in the Load event of the page. c. A user can access a page in a web site without using a secure connection by bypassing the navigation features of the web site. ANS: C PTS: 1