You are creating a Windows Communication Foundation (WCF) service that accepts messages from clients
when they are started. The message is defined as follows:
    [MessageContract]
    public class Agent
    {
        public string CodeName { get; set; }
        public string SecretHandshake { get; set; }
    }
You have the following requirements:
* The CodeName property must be sent in clear text.
* The service must be able to verify that the property value was not changed after being sent by the client.
* The SecretHandshake property must not be sent in clear text and must be readable by the service.
What should you do?
A.
Add a MessageBodyMember attribute to the CodeName property and set the ProtectionLevel to Sign.
Add a MessageBodyMember attribute to the SecretHandshake property and set the ProtectionLevel to EncryptAndSign.
B.
Add a DataProtectionPermission attribute to each property and set the ProtectData property to true.
C.
Add an XmlText attribute to the CodeName property and set the DataType property to Signed.
Add a PasswordPropertyText attribute to the SecretHandshake property and set its value to true.
D.
Add an ImmutableObject attribute to the CodeName property and set its value property to true.
Add a Browsable attribute to the SecretHandshake property and set its value to false.
Explanation:
A message contract can indicate whether the headers and/or body of the message should be digitally signed and encrypted. This is done by setting the System.ServiceModel.MessageContractMemberAttribute.ProtectionLevel property on the MessageHeaderAttribute and MessageBodyMemberAttribute attributes. The property is an enumeration of the System.Net.Security.ProtectionLevel type and can be set to None (no encryption or signature), Sign (digital signature only), or EncryptAndSign (both encryption and a digital signature). The default is EncryptAndSign.
For these security features to work, you must properly configure the binding and behaviors. If you use these security features without the proper configuration (for example, attempting to sign a message without supplying your credentials), an exception is thrown at validation time.
For message headers, the protection level is determined individually for each header. For message body parts, the protection level can be thought of as the “minimum protection level.” The body has only one protection level, regardless of the number of body parts. The protection level of the body is determined by the highest ProtectionLevel property setting of all the body parts. However, you should set the protection level of each body part to the actual minimum protection level required.
Using Message Contracts
(http://msdn.microsoft.com/en-us/library/ms730255.aspx)
Consider the class in the following code example.
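    using System.Net.Security;   // ProtectionLevel enumeration
    using System.ServiceModel;   // MessageContract, MessageHeader, MessageBodyMember

    [MessageContract]
    public class PatientRecord
    {
        // Headers: each one is protected at its own level.
        [MessageHeader(ProtectionLevel = ProtectionLevel.None)] public int recordID;
        [MessageHeader(ProtectionLevel = ProtectionLevel.Sign)] public string patientName;
        [MessageHeader(ProtectionLevel = ProtectionLevel.EncryptAndSign)] public string SSN;
        // Body parts: the whole body takes the highest level declared below.
        [MessageBodyMember(ProtectionLevel = ProtectionLevel.None)] public string comments;
        [MessageBodyMember(ProtectionLevel = ProtectionLevel.Sign)] public string diagnosis;
        [MessageBodyMember(ProtectionLevel = ProtectionLevel.EncryptAndSign)] public string medicalHistory;
    }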
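The header and body rules quoted above, applied to the Agent contract from the question, as an added example that is not part of the original page or of the MSDN article. The class names AgentBodyOnly and AgentHeaderAndBody and the ProtectionReport helper are hypothetical; the helper only models the rule as stated in the explanation by reading the declared attributes, and it assumes every property carries a header or body attribute.

```csharp
// Added example (not from the page). Targets .NET Framework 4.5+ with System.ServiceModel.
using System;
using System.Linq;
using System.Net.Security;
using System.Reflection;
using System.ServiceModel;

// Option A as written: both properties are body parts.
[MessageContract]
public class AgentBodyOnly
{
    [MessageBodyMember(ProtectionLevel = ProtectionLevel.Sign)]
    public string CodeName { get; set; }
    [MessageBodyMember(ProtectionLevel = ProtectionLevel.EncryptAndSign)]
    public string SecretHandshake { get; set; }
}

// Hypothetical variant: CodeName moved to a header, which is protected on its own.
[MessageContract]
public class AgentHeaderAndBody
{
    [MessageHeader(ProtectionLevel = ProtectionLevel.Sign)]
    public string CodeName { get; set; }
    [MessageBodyMember(ProtectionLevel = ProtectionLevel.EncryptAndSign)]
    public string SecretHandshake { get; set; }
}

public static class ProtectionReport
{
    // Headers keep their own level; body parts share the highest declared level.
    public static ProtectionLevel Effective(Type contract, string member)
    {
        var prop = contract.GetProperty(member);
        var header = prop.GetCustomAttribute<MessageHeaderAttribute>();
        if (header != null) return header.ProtectionLevel;
        return contract.GetProperties()
            .Select(p => p.GetCustomAttribute<MessageBodyMemberAttribute>())
            .Where(a => a != null)
            .Max(a => a.ProtectionLevel);
    }

    public static void Main()
    {
        foreach (var t in new[] { typeof(AgentBodyOnly), typeof(AgentHeaderAndBody) })
            foreach (var p in t.GetProperties())
                Console.WriteLine("{0}.{1}: {2}", t.Name, p.Name, Effective(t, p.Name));
    }
}
```

As the explanation notes, the declared levels only take effect when the binding and behaviors are configured for message security.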
Answer A is incorrect as well. As stated in the help:
“The protection level of the body is determined by the highest ProtectionLevel property setting of all the body parts.”
This means that the CodeName will also be encrypted. The requirement of sending the CodeName in clear-text would not be satisfied.
So what is the right answer then?
There isn’t a correct answer on this page.
A