C Sharp Test Question 3
You use the .NET Framework to develop a client-server application. The server part of the application runs on a computer running Microsoft Windows Server 2003. All client computers run Microsoft Windows XP Professional.
You need to write code that performs authentication and establishes a secure connection between the server and the client. You must make sure that the Kerberos protocol is used for authentication.
You must also make sure that data is encrypted before it is transmitted over the network and decrypted when it reaches the destination.
Which code segment should you use?
C Sharp Test Question 3
This code segment (highlighted) uses the NegotiateStream class. The NegotiateStream class uses the Kerberos protocol for authentication if it is supported by both the client and the server. Windows Server 2003 and Windows XP both support the Kerberos protocol. When the value ProtectionLevel.EncryptAndSign is passed as a parameter to the AuthenticateAsServer method, it specifies that data must be encrypted and signed before it is transmitted over the network and decrypted and verified when it reaches the destination.
You should not use the following code segment because when the value ProtectionLevel.Sign is passed as a parameter to the AuthenticateAsServer method, it specifies that data should only be signed (rather than both encrypted and signed) before it is transmitted:
Wrong code
You should not use the 2nd set of code segment because it uses X509 certificates for authentication rather than the Kerberos protocol:
You should not use the 3 rd set of code segment because it uses X509 certificates for authentication rather than the Kerberos protocol:
Categories: HTML Tags: 70-536, C Sharp Test Question