RenDC
home
Human Resources
Tutorials
search
User
Home
Interview Q&A
News Feed
Add Post
Questions
Add Question
Tutorials
 » Interview Questions and Answers  » Questions  » News Feed  » Tutorials  » rendc.com

.Net code security

  Home  Microsoft .Net Technologies  .Net code security


“.Net code security frequently Asked Questions in various Dot Net Code Security job Interviews by interviewer. The set of .Net code security interview questions here ensures that you offer a perfect answer to the interview questions posed to you. Get preparation of .Net code security job interview”



10 .Net Code Security Questions And Answers

1⟩ Explain dot net Security Controls?

With the large amount of business being done on the web, security is vitally important for protecting not only confidential information such as credit card numbers, but also users’ personal details and preferences. Thus, most of the web applications require the capability to authenticate users on their web sites. Although this was easy to do in ASP.NET 1.x, you still had to write code. With ASP.NET 2.0, things have changed for the better. For security-related functionalities, ASP.NET 2.0 introduces a wide range of new controls:

<asp:Login>: Provides a standard login capability that allows the users to enter their credentials

<asp:LoginName>: Allows you to display the name of the logged-in user

<asp:LoginStatus>: Displays whether the user is authenticated or not

<asp:LoginView>: Provides various login views depending on the selected template

<asp:PasswordRecovery>: Provides the web site administrators with the capability to email the users their lost password

The login controls described here abstract most of the common tasks for which developers have to manually write code for a secured web site. Although this could be achieved in ASP.NET 1.x, you still had to add controls manually and write code. Apart from providing the user interface, ASP.NET 2.0 also provides the capability to retrieve and validate user information using Membership functionality. To this end, ASP.NET ships with a new Membership API, the aim of which is to abstract the required membership functionality from the storage of the member information.

Is this answer helpful?   | 

Answer This Question
 148 views

3⟩ Do you know role-based and code based security?

Based on the credentials of the user, the access is provided to the user.

Role-based authorization is provided by the CLR to an account. It mostly involves the code running with the privileges of the current user.

Code security is about granting and denying permissions from the permission sets.

Is this answer helpful?   | 

Answer This Question
 156 views

4⟩ Do you know Principal object?

The Principal object represents authenticated users. It contains information about user’s identity and role. You have PrincipalPermission object in .Framework that specifies user and its role. It has Demand method that checks the current user or Principal against the name and role specified in the PrincipalPermission.

Is this answer helpful?   | 

Answer This Question
 139 views

5⟩ Explain code security types?

Framework provides the security features to secure code from unauthorized users and unauthorized uses.

There are two types of code security:

Role based security: This authorizes user.

Code access security: This protects system resources from unauthorized calls.

Is this answer helpful?   | 

Answer This Question
 144 views

6⟩ What is declarative and imperative security?

Security checks can be applied imperatively or declaratively. Declarative security is applied by associating attribute declarations that specify a security action with classes or methods. Imperative security is applied by calling the appropriate methods of a Permission object that represents the Principal (for role-based security) or system resource (for code access security).

Is this answer helpful?   | 

Answer This Question
 142 views

7⟩ Tell me the differences between declarative and imperative security?

Declarative and imperative are the different syntax schemes used to implement security declarations in .NET Framework. In declarative security, attribute syntax is used. The security constraints are stored in the assembly at compile time. The disadvantage of declarative security is that there are tools which extract security requirements from the metadata in the assembly.

In imperative implementation, the attribute syntax is not used. It is implemented by writing the regular code to provide restrictions

Is this answer helpful?   | 

Answer This Question
 143 views

8⟩ Explain code access security?

Code access security protects code from unauthorized calls. You can prevent access to the system resources using Permission object. The permission object specifies user and its role. The demand method of permission object checks if specified user and role matches with the current user.

Is this answer helpful?   | 

Answer This Question
 139 views


rendc.org

rendc.org

Whether it is technological solutions or user-oriented innovations, We have put together for you the best sources of HR Interview Questions and Answers, Tech Ideas, and Programming Tutorials."

Quick Links:
Interview Question and Answer Questions Add Questions News-Feed Add Posts HR Hacks Tutorials Profile rendc.com memeph.com

© 2022 | All rights reserved.


News Letter   RENDC

welcome to www.rendc.org