Exam : 070-529
Title : Microsoft .NET Framework 2.0 – Distributed Application Development
Ver : 02.14.07
QUESTION 1
You have a Web service that is deployed on an unsecured network
A. Apply Web Services Enhancements (WSE) 3.0 security to the Web service that is configured to use an X.509 certificate with the Sign-Only protection level.
B. Write custom code in each Web method of the Web service that encrypts the data by using the DESCryptoServiceProvider class.
C. Write a custom SOAP extension attribute class to encrypt and decrypt the SOAP message. Apply the attribute to the Web service class.
D. Apply Web Services Enhancements (WSE) 3.0 security to the Web service that is configured to use an X.509 certificate with the Sign and Encrypt protection level.
Answer: D
Explanation:
Only by using an X.509 certificate with Sign and Encrypt protection (D) can the parties of the message ensure that the message has not only not been tampered with, but that it can only be read by parties with the appropriate certificate.
Encryption on Web Services that is configurable at runtime is done through Web Services Enhancements (WSE) 3.0 security in 2.0, thus writing custom code (B) or using a custom SOAP extension (C) is not the most efficient or correct answer.
Using an X.509 certificate with Sign-Only protection (A), makes a hash of the content, and ensures at the other end that the message has not been tampered with – but does not ensure that no-one has read it along the way.
QUESTION 6
You write an XML Web service. The XML Web service contains Web methods that return large amounts of non-sensitive public data. The data is transferred over the Internet. You need to be able to detect if the data was tampered with during transit. The implementation must be configurable at run time. Your solution must minimize the impact on the performance of the Web service. What should you do?
A. Configure the virtual directory to require the Secure Sockets Layer (SSL) protocol.
B. Apply Web Services Enhancements (WSE) 3.0 security to the Web service that is configured to use an X.509 certificate with the Sign-Only protection level..
C. Apply Web Services Enhancements (WSE) 3.0 security to the Web service that is configured to use an X.509 certificate with the Sign and Encrypt protection level.
D. Configure the virtual directory
Answer: B
Explanation:
This solution does not require the encryption of “non-sensitive public data,” therefore the encryption of data using SSL (A), or using WSE 3.0 with Sign and Encrypt protection level (C) is not necessary.
Basic authentication (D) would require the signing in of clients without the need to encrypt that sign-on, but is not a part of the current solution.
Using WSE 3.0 with Sign-Only protection level (B) allows for the hashing, and digital signing of data, without the need to encrypt it. Thus meeting the needs for this solution.
Download Microsoft Exam
070-529: Microsoft .NET Framework 2.0 – Distributed Application Development:ยป Download Link
