You need to achieve this goal without affecting other applications

You use Microsoft Visual Studio 2010 and Microsoft .NET Framework 4.0 to create a Microsoft
ASP.NET application. The application connects to a Microsoft SQL Server database. The application is
hosted on a Web server along with other applications. You need to secure the transmission of data
between the application and the database. You need to achieve this goal without affecting other
applications. What should you do?

You use Microsoft Visual Studio 2010 and Microsoft .NET Framework 4.0 to create a Microsoft
ASP.NET application. The application connects to a Microsoft SQL Server database. The application is
hosted on a Web server along with other applications. You need to secure the transmission of data
between the application and the database. You need to achieve this goal without affecting other
applications. What should you do?

A.
EnCrypt the connection string

B.
Use encryption to store sensitive data in the database.

C.
Use Secure Sockets Layer (SSL) to establish connections to the database

D.
Use Internet Protocol Security (IPSec) to secure the communication channel.

Explanation:
SSL is an established standard for ensuring secure HTTP transactions.
SSL provides a mechanism to perform up to 128-bit encryption on all transactions between the client
and server.
It enables the client to verify that the server belongs to a trusted entity through the use of server
certificates.
It also enables the server to confirm the identity of the client with client certificates. Each of these
issues— encryption, server identity, and client identity—are negotiated in the SSL handshake that
occurs when a client first requests a resource from a
Secure Hypertext Transfer Protocol (HTTPS) server. Essentially, the client and server each present a
list of required and preferred settings.
If a common set of requirements can be agreed upon and met, an SSL connection is established.
Internet Protocol Security (IPsec) is a set of security protocols used to transfer IP packets
confidentially across the Internet.
IPsec is mandatory for all IPv6 implementations and optional for IPv4.
An IPsec policy is a set of rules that determine which type of IP traffic needs to be secured using
IPsec and how to secure that traffic.
Only one IPsec policy is active on a computer at one time.



Leave a Reply 0

Your email address will not be published. Required fields are marked *