Security in .NET applications: which combination reflects built-in security models commonly associated with the .NET Framework?

Difficulty: Easy

Correct Answer: 2, 3

Explanation:


Introduction / Context:
.NET provides several security mechanisms. Historically, the Framework supported Code Access Security (CAS) for partially trusted code and Role-Based Security (RBS) for authorization decisions. Authentication is commonly provided by higher-level frameworks (e.g., ASP.NET), not as a core CLR security model term.



Given Data / Assumptions:
The items are:

  • 1) PIN Security (not a .NET feature)
  • 2) Code Access Security
  • 3) Role Based Security
  • 4) Authentication Security
  • 5) Biorhythm Security (nonsense option)


Concept / Approach:
The canonical .NET security models are CAS (in classic .NET Framework) and Role-Based security (often via principal/identity). “PIN Security” and “Biorhythm Security” are not part of .NET. While authentication is an application or framework service, the exam-classic pair highlighting core .NET security features is CAS and Role-Based Security.



Step-by-Step Solution:
Eliminate 1 and 5 as bogus.Recognize 2 (CAS) and 3 (RBS) as standard .NET security models.Note that 4 (Authentication Security) is not a named built-in CLR model; it is typically implemented at app/framework level.Select combination “2, 3”.


Verification / Alternative check:
Framework documentation discusses CAS (legacy) and principal-based authorization; authentication schemes live in ASP.NET/Identity, WCF, etc., rather than being a CLR model name.



Why Other Options Are Wrong:
Options including 1 or 5 include non-existent features.Including 4 shifts into application-level concerns rather than CLR security models.



Common Pitfalls:
Conflating platform security models (CAS/RBS) with app-specific authentication mechanisms.



Final Answer:
2, 3

More Questions from .NET Framework

Discussion & Comments

No comments yet. Be the first to comment!
Join Discussion