Free Cheat-test Samples and Demo Questions Download
Adobe exams Adobe
Apple exams Apple
Avaya exams Avaya
Check Point exams Check Point
Cisco exams Cisco
Citrix exams Citrix
CIW exams CIW
CompTIA exams CompTIA
CWNP exams CWNP
EC-Council exams EC-Council
EMC exams EMC
Exin exams Exin
Fortinet exams Fortinet
GIAC exams GIAC
Hitachi exams Hitachi
HP exams HP
IBM exams IBM
Isaca exams Isaca
ISC exams ISC
ISEB exams ISEB
Juniper exams Juniper
LPI exams LPI
McAfee exams McAfee
Microsoft exams Microsoft
Oracle exams Oracle
PMI exams PMI
Riverbed exams Riverbed
SNIA exams SAP
Sun exams SAS
Symantec exams Symantec
VMware exams VMware
All certification exams

Microsoft 70-340 Exam - Cheat-Test.com

Free 70-340 Sample Questions:

1.You are an application developer for your company. You are developing an ASP.NET Web application that customers will use to order products. Certain customers, named Gold customers, have credit with your company. These customers are allowed to place orders without supplying payment information. All other customers must provide credit card information to place an order.
The ASP.NET Web site will use Forms authentication to authenticate all users. The authentication code associates a role named GoldCustomer with the current Web request if the user is a Gold customer.
Your application contains the following method, which returns a value of true if a user enters valid credit card information or a value of false if the user does not enter valid credit card information. (Line numbers are included for reference only.)
01 private bool ValidatePaymentInfo(string strCCNum, int expMonth, int expYear) {
02 if (strCCNum.Length == 0) {
03 return false;
04 }
05 if (!Regex.IsMatch(strCCNum, m_strCCPattern)) {
06 return false;
07 }
08 DateTime dtExpires = new DateTime(expYear, expMonth, 1);
09 dtExpires.AddMonths(1);
10 return (DateTime.Now >= dtExpires);
11 }
You need to replace the code at line 03 to ensure that the method returns a value of true when the customer is a member of the GoldCustomer role.
Which code segment should you use?
A: return HttpContext.Current.User.IsInRole("GoldCustomer");
B: return HttpContext.Current.User.Identity.Name == "GoldCustomer";
C: WindowsPrincipal p = new WindowsPrincipal(WindowsIdentity.GetCurrent());
return p.IsInRole("GoldCustomer");
D: return WindowsIdentity.GetCurrent().Name == "GoldCustomer";
Answer: A

2.You are an application developer for your company. You are conducting a code review of an assembly written by another developer. The assembly is named MyAssembly.exe. The assembly is for an application that accesses data in a Microsoft SQL Server database. All users of the application have access to the database by using their Microsoft Windows user accounts.
The assembly contains the following code segment.
string userid;
string password;
userid = "sa";
password = "";
SqlConnection sqlConnection = new SqlConnection();
string connectionString;
connectionString = "data source=myServer";
connectionString += ";initial catalog=myDatabase";
connectionString += ";user id=" + userid;
connectionString += ";password=" + password;
sqlConnection.ConnectionString = connectionString;
sqlConnection.Open();
You need to improve the security of the code segment.
What should you do?
A: Replace the code segment with the following code segment.
SqlConnection sqlConnection = new SqlConnection();
string connectionString;
connectionString = "data source=myServer";
connectionString += ";Integrated Security=SSPI";
connectionString += ";initial catalog=myDatabase";
sqlConnection.ConnectionString = connectionString;
sqlConnection.Open();
B: Replace the code segment with the following code segment.
SqlConnection sqlConnection = new SqlConnection();
string connectionString;
connectionString =
"data source=myserver;initial catalog=myDatabase;user id=sa;password=;";
sqlConnection.ConnectionString = connectionString;
sqlConnection.Open();
C: Run the caspol.exe -resolveperm MyAssembly.exe command from the command line.
D: Run the permview /decl MyAssembly.exe command from the command line.
Answer: A

3.You are an application developer for your company. You are reviewing the security for a console application that was written by another developer. The application uses impersonation to run as a member of the Administrators group. The following code segment is the only code that deals with security in the application.
RegistryKey key =
Registry.CurrentUser.CreateSubKey("Name");
key.SetValue("Name", "Tester");
You need to improve the security of the application.
What should you do?
A: Change the application to run as the interactive user.
B: Run the application from the command line by using the runas command and specify the Administrator account.
C: Change the application to use code access security.
D: Change the application to write to the HKEY_LOCAL_MACHINE hive.
Answer: A

4.You are an application developer for your company. You are developing a client application that queries a Microsoft SQL Server database. The application uses an unmanaged component to retrieve data from another application, and your application uses that data as part of a SQL query.
In the application code, you use a variable named externalobject to refer to the unmanaged component. A variable named calcval contains an integer value that is calculated by your application. A SqlCommand object named sqlcmd is already defined and associated with an open ADO.NET connection to the SQL Server database.
The application contains the following code segment.
string myquery;
myquery = "INSERT INTO DataStore (ExternalID, CalcValue)";
myquery += " VALUES(" + externalobject.LegacyData + ",";
myquery += calcval.ToString() + ")";
sqlcmd.CommandText = myquery;
sqlcmd.ExecuteNonQuery();
You need to improve the security of this code segment.
What should you do?
A: Place the code segment within a try-catch block.
B: In the code segment, ensure that the value of externalobject.LegacyData meets the length and type requirements of the SQL Server table.
C: Validate that externalobject.LegacyData contains only expected data and no additional SQL statements.
D: Copy the contents of externalobject.LegacyData into a string variable, and append the string variable to the SQL statement.
Answer: C

5.You are an application developer for your company. You are developing an ASP.NET Web application. All users in the company use Microsoft Internet Explorer 6.0. A group of users is testing the application. The users report that when an exception occurs, the full exception information is displayed in their Web browsers.
You need to ensure that the full exception information is not displayed when an exception occurs.
What should you do?
A: Require users to use HTTPS to access the application.
B: Trap all exceptions and display a generic error message.
C: Instruct users to enable friendly error messages in Internet Explorer.
D: Obfuscate the compiled assemblies of the application
E: Modify the application's configuration to disable custom errors.
Answer: B

6.You are an application developer for your company. You are conducting a code review of an application that was developed by another developer. The code declares a variable named permvalue and a variable named grouplist.
A portion of the application code defines security permissions for the user. The application is designed so that permvalue contains an integer that indicates various permissions within the application, and grouplist contains the name of a user group. The permvalue variable also contains values that indicate other information about the user. The grouplist and permvalue variables are initially populated by other components, which are called by the main application.
The application contains the following code segment. (Line numbers are included for reference only.)
01 switch(grouplist) {
02 case "Admin":
03 case "Administrator":
04 permvalue = permvalue | 256;
05 break;
06 case "Reviewer":
07 permvalue = permvalue | 128;
08 break;
09 case "Manager":
10 permvalue = permvalue | 64;
11 break;
12 }
The design document for the application states that permvalue must have a value of zero when the user has no permissions. The design document also states that users not belonging to one of the four predefined groups must have no permissions.
You need to ensure that the code segment assigns the correct value to permvalue in all circumstances.
What should you do?
A: Add the following code before line 01 of the code segment.
if(permvalue == 0) {
throw new ApplicationException();
}
B: Add the following code before line 01 of the code segment.
permvalue = 0;
C: Add the following code between lines 01 and 02 of the code segment.
case "":
permvalue = 0;
break;
D: Add the following code between lines 11 and 12 of the code segment.
default:
permvalue = 0;
break;
Answer: D

7.You are an application developer for your company. You are developing an application that will be used by all company users. You log on to your development computer by using a user account that has local Administrator permissions. However, most company users log on to their client computers by using an account that has only local User permissions.
You need to ensure that your testing activities accurately reflect the production environment in which the application will run.
How should you test the application?
A: Use a test certificate to digitally sign the compiled assemblies of the application.
B: Remove your user account from the local Administrators group on your development computer.
C: Add your user account to the local Users group on your development computer.
D: Run the compiled application from the command line by using the runas command and specifying a user account that has only local User permissions.
Answer: D

8.You are an application developer for your company. You create a Web application that is used by all users in the company. The application is hosted on the intranet Web server, which is named WebServer. WebServer has IIS 5.0 installed. The Web application is configured to use Integrated Windows authentication. The Web.config file specifies that the authentication mode is set to Windows.
The application connects to a Microsoft SQL Server database named DataStore. The database is located on WebServer. The SQL Server computer is configured with SQL Server logins disabled. The database connection code is shown in the following code segment.
string myConnStr;
myConnStr = @"Initial Catalog=""DataStore"";";
myConnStr = myConnStr + "Data Source=localhost;Integrated Security=SSPI;";
SqlConnection myConn = new SqlConnection(myConnStr);
string myInsert;
myInsert = "INSERT INTO Customer (CustomerID, Name) Values('123', 'John Doe')";
SqlCommand myCmd = new SqlCommand(myInsert);
myCmd.Connection = myConn;
myConn.Open();
myCmd.ExecuteNonQuery();
myCmd.Connection.Close();
When you run the application by using Microsoft Internet Explorer, you receive an error message that reads in part: "Login failed for user WebServer\ASPNET."
You need to ensure that the application can run successfully without prompting the user for a user name and password.
What should you do?
A: Change the authentication mode in IIS to basic authentication. Update the connection string.
B: Change the authentication mode in IIS to Anonymous and supply a login ID and password for a SQL Server login account that has access to the database. Update the connection string.
C: Enable Integrated Windows authentication in Internet Explorer.
D: Enable impersonation in the Web.config file.
Answer: D

9.You are an application developer for your company, which is named Litware, Inc. You are developing a Windows Forms scheduling application for a medical clinic. Each user of the application belongs to either a Windows group named Receptionist or a Windows group named Manager. The domain name is Litwareinc.
The business rules of the application state that receptionists and managers can add and remove appointments to time slots in the schedule. However, only managers can mark time slots as unavailable for scheduled appointments. The application includes the following method, which is used to mark time slots as unavailable.
private void BlockOutTime(int physicianID, DateTime dtStart, DateTime dtEnd)
You need to modify the code to ensure that an exception is thrown when the BlockOutTime method is called by a user who is not a member of the Manager group.
What should you do?
A: Add the following attribute to the method.
[PrincipalPermission(SecurityAction.Demand, Role=@"Litwareinc\Manager")]
B: Add the following attribute to the method.
[SecurityRole("Manager")]
C: Add the following attribute to the method.
[SecureMethod]
D: Add the following code segment to the beginning of the method.
PrincipalPermission p = new PrincipalPermission(null, @"Litwareinc\Manager");
p.IsUnrestricted();
Answer: A

10.You are an application developer for your company. You are developing a forms-based application that reads files that are named by users of the application. The application contains the following method.
bool approveFileName(string fileName) {
string docRoot=@"C:\MyApp\Documents\";
// Your code goes here... Throw an exception if you meet an error.
return true;
}
Users of the application must not be allowed to access files that are stored in any location other than the C:\MyApp\Documents folder.
You need to add code to the method to achieve this goal.
Which code segment or code segments should you use? (Choose all that apply.)
A:fileName=Path.GetFullPath(fileName);
B:fileName=fileName.ToUpper();
C:fileName=fileName.ToLower();
D:docRoot=docRoot.ToLower();
E:fileName=docRoot+fileName;
F:if (!fileName.StartsWith(docRoot))
throw new ApplicationException (
"User asked for file in wrong directory");
Answer: A, C, D, F


© 2014 Cheat-Test.com, All Rights Reserved