Home » Microsoft » 70-643 » What should you do?
You install the Web Server (IIS) server role on a new server that runs Windows Server 2008 R2. You install a Microsoft .NET Framework application on a Web site on the Web server.
The application launches a process that presents a real-time graphical report to the Web browser and creates a text report file on the hard disk drive.
The company security policy states that the application must not perform any of the following tasks:
Write to the event log.
Access Open Database Connectivity (ODBC) data sources. Make network or Web service calls.
You need to configure the Web site so that the application can be executed. You must ensure that the application meets the outlined security requirements.
What should you do?
A. Set the .NET Framework trust level to Full for the Web site.
B. Set the .NET Framework trust level to Low for the Web site.
C. Set the .NET Framework trust level to High for the Web site.
D. Set the .NET Framework trust level to Medium for the Web site.
Correct Answer: D
Explanation/Reference:
Use the .NET Trust Levels feature page to set the trust element in the web.config file. The trust element enables you to configure the level of code access security (CAS) that is applied to an application.
Full (internal) – Specifies unrestricted permissions. Grants the ASP.NET application permissions to access any resource that is subject to operating system security. All privileged operations are supported.
High (web_hightrust.config) – Specifies a high level of code access security, which means that the application cannot do any one of the following things by default:
Call unmanaged code.
Call serviced components.
Write to the event log.
Access Message Queuing service queues.
Access ODBC, OleDb, or Oracle data sources.
Medium (web_mediumtrust.config) – Specifies a medium level of code access security, which means that, in addition to High Trust Level restrictions, the ASP.NET application cannot do any of the following things by default:
Access files outside the application directory.
Access the registry.
Make network or Web service calls.
Low (web_lowtrust.config) – Specifies a low level of code access security, which means that, in addition to Medium Trust Level restrictions, the application cannot do any of the following things by default:
Write to the file system.
Call the Assert method.
Minimal (web_minimaltrust.config) – Specifies a minimal level of code access security, which means that the application has only execute permissions.
Source: http://technet.microsoft.com/en-us/library/cc754779.aspx
