Which code segment should you insert at line 02?

You use Microsoft Visual Studio 2010 and Microsoft .NET Framework 4.0 to create a Windows Forms application.
You plan to deploy the application to several shared client computers. You write the following code segment.
(Line numbers are included for reference only.)

01 Configuration config = ConfigurationManager.OpenExeConfiguration(exeConfigName);
02 …
03 config.Save();
04 …

You need to encrypt the connection string stored in the .config file. Which code segment should you insert at line 02?

You use Microsoft Visual Studio 2010 and Microsoft .NET Framework 4.0 to create a Windows Forms application.
You plan to deploy the application to several shared client computers. You write the following code segment.
(Line numbers are included for reference only.)

01 Configuration config = ConfigurationManager.OpenExeConfiguration(exeConfigName);
02 …
03 config.Save();
04 …

You need to encrypt the connection string stored in the .config file. Which code segment should you insert at line 02?

A.
ConnectionStringsSection section = config.GetSection(“connectionString”) as ConnectionStringsSection;
section.SectionInformation.ProtectSection(“DataProtectionConfigurationProvider”);

B.
ConnectionStringsSection section = config.GetSection(“connectionStrings”) as ConnectionStringsSection;
section.SectionInformation.ProtectSection(“DataProtectionConfigurationProvider”);

C.
ConnectionStringsSection section = config.GetSection(“connectionString”) as ConnectionStringsSection;
section.SectionInformation.ProtectSection(“RsaProtectedConfigurationProvider”);

D.
ConnectionStringsSection section = config.GetSection(“connectionStrings”) as ConnectionStringsSection;
section.SectionInformation.ProtectSection(“RsaProtectedConfigurationProvider”);

Explanation:
You encrypt and decrypt the contents of a Web.config file by using System.Configuration .DPAPIProtectedConfigurationProvider,
which uses the Windows Data Protection API (DPAPI) to encrypt and decrypt data, or System.Configuration.RSAProtectedConfigurationProvider, which
uses the RSA encryption algorithm to encrypt and decrypt data. When you use the same encrypted configuration file on many computers in a Web farm,
only System.Configuration.RSAProtectedConfigurationProvider enables you to export the
encryption keys that encrypt the data and import them on another server. This is the default setting.

CHAPTER 2 ADO.NET Connected Classes
Lesson 1: Connecting to the Data Store
Storing Encrypted Connection Strings in Web Applications (page 76)

Securing Connection Strings
(http://msdn.microsoft.com/en-us/library/89211k9b(v=vs.80).aspx)

Show Hint

Leave a Reply 0

Your email address will not be published. Required fields are marked *