You are developing an ASP.NET Web API for a home inventory management system.
You need to limit access to users with IP addresses based only in the United States.
You have the following code:
Which code segments should you include in Target 1 and Target 2 to complete the code? (To
answer, drag the appropriate code segments to the correct targets in the answer area. Each code
segment may be used once, more than once, or not at all. You may need to drag the split bar
between panes or scroll to view content.)
Select and Place:
Answer: 
authorizeattribute
httpactioncontext
I’m pretty sure that the answer is wrong. The correct one is:
AuthorizeAttribute
AuthorizationContext
It seems that this depends on whether System.Web.Mvc or System.Web.Http is being used.. For Mvc: https://msdn.microsoft.com/en-us/library/system.web.mvc.authorizeattribute.onauthorization(v=vs.118).aspx#M:System.Web.Mvc.AuthorizeAttribute.OnAuthorization(System.Web.Mvc.AuthorizationContext)
For Http: https://msdn.microsoft.com/en-us/library/system.web.http.authorizeattribute.onauthorization(v=vs.118).aspx#M:System.Web.Http.AuthorizeAttribute.OnAuthorization(System.Web.Http.Controllers.HttpActionContext)
Not sure what would be the correct answer for this question now..
The book says when you use an API Controller you need to reference System.Web.Http and when you use a Mvc Controller you need to reference System.Web.Http.
Due to the question stating “You are developing an ASP.NET Web API” I conclude the answer should be AuthorizeAttribute -> HttpActionContext.