You are implementing an ASP.NET Web site that will be accessed by an international audience. The site contains global and local resources for display elements that must be translated into the language that is selected by the user. You need to ensure that 

第1题：

You are implementing a Web page that displays text that was typed by a user. You need to display the user input in the Web page so that a cross-site scripting attack will be prevented. What should you do？（）

• A、Call document.write.
• B、Call Response.Write.
• C、Call HttpUtility.UrlEncode.
• D、Call HttpUtility.HtmlEncode.

第2题：

You create a Web site. The Web site has many predefined roles and associated users that will be used for security purposes. You need to manage these roles and user accounts. Which tool should you use? （）

• A、the Microsoft .NET Framework Configuration tool
• B、the Code Access Security Policy tool
• C、the ASP.NET IIS Registration tool
• D、the Web Site Administration Tool

第3题：

You create a Web site that you must copy from a development server to a testing server, along with all source files. You do not have terminal access to the testing server. You need to create the virtual directory. Then you must copy the Web site to the virtual directory on the testing server without precompiling the site. What should you do?（）

• A、Use the Publish Web tool.
• B、Use the Copy Web tool.
• C、Use the command line to XCOPY the files.
• D、Create a Web Setup project.

第4题：

You are an IIS Web server administrator implementing authentication settings for a new Web site.According to the requirements for the Human Resources Web site， users should be prompted forauthentication information when they attempt to access the site. The site will be accessed only by userswho have accounts in your organization’s Active Directory domain. You have already configured the filesystem permissions for the content based on the appropriate settings. You also want to maximize securityof the site. Which two actions should you take to meet these requirements？（）

• A、Enable Windows authentication.
• B、Enable basic authentication.
• C、Disable anonymous authentication.
• D、Enable anonymous authentication.

第5题：

You have a public computer that runs Windows XP Professional. All users log on to the computer by using the same user account. You log on to the computer by using the local administrator account and attempt to access a secure Web site. You discover that you have automatically logged on to the secure Web site by using the credential of another user. You need to connect to the secure Web site by using your own credentials. What should you do?（）

• A、Run ipconfig /flushdns at the command prompt. 
• B、Reset the password for the local administrator user account. 
• C、From the Internet Options in Internet Explorer, clear the AutoComplete history.
• D、From the Internet Options in Internet Explorer, delete the Temporary Internet Files. 

第6题：

You write a Web application. This application must support multiple languages. You store the localized strings in the application as resources. You want these resources to be accessed according to a users language preference. You create the following resource files in the App_GlobalResources folder of your application.myStrings.resxmyStrings.enCA.resxmyString.en-US.resxmyStrings.fr-CA.resxmyStrings.es-MX.resx resource file stores a localized version of the following strings: Name, E-mail, Address, and Phone. You create a Web Form that contains one label for each of these strings. You need to ensure that the correct localized version of each string is displayed in each label, according to a users language preference. What should you do? （）

• A、Add the following configuration section to the Web.config file.
• B、Set the directive for each page in your site as follows:<%@ page="" uiculture="“Auto”">
• C、Add the following code segment to the pages load event.lblName.Text = @”{myStrings}Name”; lblAddress.Text = @”{myStrings}Address”; lblEmail.Text = @”{myStrings}Email”; lblPhone.Text = @”{myStrings}Phone”;
• D、Add the following code segment to the pages load event. lblName.Text = Resources.myStrings.Name; lblAddress.Text = Resources.myStrings.Address; lblEmail.Text = Resources.myStrings.Email; lblPhone.Text = Resources.myStrings.Phone;

第7题：

You have a server that runs Windows Server 2008. The server has the Web Server （IIS） server role installed.   The server contains a Web site that is configured to use only Windows Authentication. You have a security group named Group1 that contains several user accounts.  You need to prevent the members of Group1 from accessing a Web site. You must not prevent other users from accessing the Web site.  Which Web site feature should you configure？（）

• A、Authentication
• B、Authorization Rules
• C、IIS Manager Permissions
• D、SSL Settings

第8题：

You have a Windows Server 2008 server that has the Web Server （IIS） server role installed. The servercontains a Web site. You need to ensure that the cookies sent from the Web site are encrypted on userscomputers. Which Web site feature should you configure？（）

• A、Authorization Rules
• B、Machine Key
• C、Pages And Controls
• D、SSL Settings

第9题：

第10题：

You work as the IT professional in an international company which is named Wiikigo. You are experiencedin implementing and administering a network operating system. You are specialized in deploying servers，configuring Windows Server 2008 Terminal services and network application services， and configuring aweb services infrastructure. You are in charge of a server that runs Windows Server 2008. The server hasthe Web Server （IIS） server role installed. The Web developer at your company creates a new Web sitethat runs an ASP.NET 3.0 Web application. The ASP.NET Web application must run under a securitycontext that is separate from any other ASP.NET application on the Web server. You create a local useraccount and grant account rights and permissions to run the ASP.NET Web application. Authentication forthe new Web site should be configured to support the Web application. What action should you perform？（）

• A、The ASP.NET Impersonation setting should be configured to Enabled. Edit the ASP.NET Impersonation setting by specifying the new local user account.
• B、The Windows Authentication setting should be configured to Enabled.
• C、The Forms Authentication setting should be configured to Enabled by using all the default settings.
• D、The ASP.NET State Service should be configured to log on to the new local user account by using the Services console.

第11题：

You work as the IT professional in an international company which is named Wiikigo. You are experiencedin implementing and administering a network operating system. You are specialized in deploying servers，configuring Windows Server 2008 Terminal services and network application services， and configuring aweb services infrastructure. You are in charge of a server that runs Windows Server 2008. The server hasthe Web Server （IIS） server role installed. The server contains a Web site that is configured to use onlyWindows Authentication. You have a security group named Group1 that contains several user accounts.Now you receive an order from the company management. According to the company requirement， youhave to prevent the members of Group1 from accessing a Web site. But you are not allowed prevent otherusers from accessing the Web site. Which Web site feature should you configure？（）

• A、You should configure SSL Settings
• B、You should configure Authentication
• C、You should configure Authorization Rules
• D、You should configure IIS Manager Permissions

第12题：

You manage a server that runs Windows Server 2008. The server has the Web Server （IIS） role installed. The Web developer at your company creates a new Web site that runs an ASP.NET 3.0 Web application.  The ASP.NET Web application must run under a security context that is separate from any other ASP.NET application on the Web server.  You create a local user account and grant account rights and permissions to run the ASP.NET Web application.  You need to configure authentication for the new Web site to support the Web application. What should you do？（）

• A、Configure the Windows Authentication setting to Enabled.
• B、Configure the Forms Authentication setting to Enabled by using all the default settings.
• C、Configure the ASP.NET State service to log on to the new local user account by using the Services console.
• D、Configure the ASP.NET Impersonation setting to Enabled. Edit the ASP.NET Impersonation setting by specifying the new local user account.

第13题：

You have a Windows Server 2008 server that has the Web Server （IIS） server role installed. The server contains a Web site.  You need to ensure that the cookies sent from the Web site are encrypted on users computers.  Which Web site feature should you configure？（）

• A、Authorization Rules
• B、Machine Key
• C、Pages And Controls
• D、SSL Settings

第14题：

You are implementing an ASP.NET Web site. The site uses a component that must be dynamically configured before it can be used within site pages. You create a static method named SiteHelper.Configure that configures the component. You need to add a code segment to the Global.asax file that invokes the SiteHelper.Configure method the first time， and only the first time， that any page in the site is requested. Which code segment should you use？ （）

• A、void Application_Start（object sender， EventArgs e） { SiteHelper.Configure（）； }
• B、void Application_Init（object sender， EventArgs e） { SiteHelper.Configure（）； }
• C、void Application_BeginRequest（object sender， EventArgs e） { SiteHelper.Configure（）； }
• D、Object lockObject = new Object（）； void Application_BeginRequest（object sender， EventArgs e） { lock（lockObject（）） { SiteHelper.Configure（）； } }

第15题：

You are creating an ASP.NET Web site. The site contains pages that are available to anonymous users. The site also contains a page named Premium.aspx that provides premium content to only members of a group named Subscribers. You need to modify the web.config file to ensure that Premium.aspx can be accessed by only members of the Subscribers group. Which configuration should you use？（）

• A、<location path="Premium.aspx"> <system.web> <authorization> <allow users="Subscribers"/>            <deny users="*"/> </authorization> </system.web> </location> 
• B、<location path="Premium.aspx"> <system.web> <authorization> <allow roles="Subscribers"/>             <deny users="*"/> </authorization> </system.web> </location> 
• C、<location path="Premium.aspx"> <system.web> <authorization> <allow roles="Subscribers"/>             <deny users="?"/> </authorization> </system.web> </location> 
• D、<location path="Premium.aspx"> <system.web> <authorization> <deny users="*"/> <allow roles="Subscribers"/> </authorization> </system.web> </location>

第16题：

You create a Web site that is for members only. The behavior of the Web site changes according to the role of the user. The Web site uses the ASP.NET Membership control for creation of user accounts. You need to find out whether a user is a member of a particular role. What should you do?（）

• A、Pass the user names and passwords to Membership.ValidateUser.
• B、Pass the role names to User.IsInRole.
• C、Pass the role names to Roles.RoleExists.
• D、Pass the user names to Membership.GetUser.

第17题：