What should you do?

You are developing a Windows Communication Foundation (WCF) service.
You need to enable security auditing for all events. What should you do?

You are developing a Windows Communication Foundation (WCF) service.
You need to enable security auditing for all events. What should you do?

A.
Set the serviceAuthorizationAuditLevel setting to Success and the messageAuthenticationAuditLevel setting to Success.

B.
Set the messageAuthenticationAuditLevel setting to Success and the auditLogLocation setting to Application.

C.
Set the serviceAuthorizationAuditLevel setting to SuccessAndFailure and the messageAuthenticationAuditLevel setting to SuccessAndFailure.

D.
Set the messageAuthenticationAuditLevel setting to SuccessAndFailure and the auditLogLocation setting to Security.

Explanation:
<serviceSecurityAudit>
Specifies settings that enable auditing of security events during service operations.

<serviceSecurityAudit
auditLogLocation=”Default/Application/Security”
messageAuthenticationAuditLevel= None/Success/Failure/SuccessAndFailure”
serviceAuthorizationAuditLevel=”None/Success/Failure/SuccessAndFailure”
suppressAuditFailure=”Boolean”
/>

serviceAuthorizationAuditLevel
Specifies the types of authorization events that are recorded in the audit log. Valid values include the following:
None: No auditing of service authorization events is performed.
Success: Only successful service authorization events are audited.
Failure: Only failure service authorization events are audited.
SuccessAndFailure: Both success and failure service authorization events are audited.
The default value is None. For more information, see AuditLevel.

messageAuthenticationAuditLevel
Specifies the type of message authentication audit events logged. Valid values include the following:
None: No audit events are generated.
Success: Only successful security (full validation including message signature validation, cipher, and token validation) events are logged.
Failure: Only failure events are logged.
SuccessAndFailure: Both success and failure events are logged.
The default value is None. For more information, see AuditLevel.

ServiceAuthorizationAuditLevel
Gets or sets the type of authorization events to audit at the service level.

<messageAuthenticationAuditLevel>
Gets or sets the type of authentication events to audit at the message level.

AuditLogLocation Enumeration
Specifies the location where security-related event logs are written.

Default Specifies the default location, which is determined by the operating system. If writing to the Security
log is supported (such as on and and later platforms), the default log location is the Security log.
Otherwise (such as in ), the default log location is the Application log.
Application Specifies the Application log in the event log.
Security Specifies the Security log in the event log. The calling thread must have SeAuditPrivilege to be able to write to the Security log.



Leave a Reply 1

Your email address will not be published. Required fields are marked *