You create an assembly by using Visual Studio .NET. The assembly is responsible for writing and reading order entry information to and from an XML data file. The assembly also writes and reads values to and from the Windows registry while it is being consumed.
The assembly will be distributed to client computers by using your company, XYZ, intranet. All client computers are configured to implement the default .NET security policy.
You need to implement security in the assembly. What should you do?
Answer & Explanation
B) Implement declarative security and execute the minimum permission request to allow access to the file system and Windows registry.
You can use declarative code access security to request permissions for the entire assembly. SecurityAction flags that can be specified in an assembly-wide directive. When SecurityAction.RequestMinimum is specified, it makes a request to the common language runtime to be granted the requested permission. If the requested permission is not granted by the security policy, the assembly will not execute. A Security Action.RequestOptional is similar, but the assembly will still run even if the requested permission is not granted. Specifying security Action. RequestRefuse requests that the assembly be denied the specified permission.
You must use the Assembly (assembly) directive when specifying these actions as follows:
There are only three Security actionAttributes targets for an assembly: RequestMinimumAssembly, RequestOptionalAssembly, and RequestRefuseAssembly.
Option C, D:
Imperative security does not work well to configure security for an entire assembly. In imperative security, permission to execute is demanded at run time.