GSSP-.NET GIAC GIAC Secure Software Programmer - C#.NET Free Practice Exam Questions (2025 Updated)

Martin works as a Software Developer for BlueWell Inc. He creates an ASP.NET application, named App1. During beta testing of App1, he ensures that the actual ASP.NET error messages are displayed whenever errors are encountered. He also ensures that both developers and beta testers see the actual text of the error messages.

During beta testing of App1, Martin performs beta testing of other applications also on the same test server. All the other applications display the ASP.NET error messages. After completing beta testing, Martin promotes the beta test server to a production server. He wants all the applications to display a single, user-friendly error message. Martin also wants to configure App1 and the production server to meet these goals. He removes the customErrors element from the Web.config file for App1. What else will he do to accomplish the required task with minimum administrative effort?

You work as a Windows Application Developer for ABC Inc. The company uses Visual Studio .NET 2008 as its application development platform. You create a Windows application using .NET Framework 3.5. The application captures account information. The account number has the following specifications:

l It holds literal and input characters of the alphanumeric type.

l It has a predefined format.

You must ensure that the account number is in the correct format. You must also ensure that only input characters are accepted from users. What will you do?

You work as a Software Developer for ABC Inc. The company uses Visual Studio.NET 2005 as its application development platform. You are creating an application that reads data from and writes data to a file using the .NET Framework 2.0. You want to restrict users to read characters from a byte stream and write characters to a stream. Which of the following classes will you use to accomplish the task?

Each correct answer represents a part of the solution. Choose two.

You work as a Software Developer for ABC Inc. The company uses Visual Studio .NET as its application development platform. You are creating an assembly. The assembly contains a public method. The Global Assembly Cache contains a second assembly. You require that the public method is only called from the second assembly. Which of the following permission classes will you use to accomplish this task?

Mark works as a Software Developer for BlueWell Inc. He develops four Windows-based applications using Visual Studio .NET. All the applications use an assembly, named Assembly1. Mark deploys the applications on the company's intranet. Later, he modifies Assembly1 and wants to ensure that all the applications use the latest version of Assembly1. Which of the following files will Mark use to accomplish this?

You work as a Software Developer for ABC Inc. The company uses Visual Studio.NET as its application development platform. You create a Windows service application using the .NET Framework. You are required to synchronize execution of some resources across multiple processes.

What will you do to accomplish this task?

You work as a Software Developer for ABC Inc. The company uses Visual Studio .NET 2008 as its application development platform. You are creating an ASP.NET Web application using .NET Framework 3.5. The application can be run only by a specific set of user credentials. Therefore, other applications are not permitted to employ these user credentials. The ASP.NET application uses asymmetric encryption to encrypt and decrypt messages to other servers. You are required to shield the private key that is used to encrypt and decrypt messages that are accessed by other users or applications on the same server. What will you do to accomplish the task?

You work as a Windows Application Developer for ABC Inc. The company uses Visual Studio .NET 2008 as its application development platform. You create a Windows Forms application using .NET Framework 3.5. You need to execute a method named ProcAmount in the background of the application. The method requires that an integer value 101 is passed to it. You are required to pass an integer value 101 to start a background thread. Which of the following code segments should you use?

Each correct answer represents a part of the solution. Choose two.

You work as a Software Developer for Mansoft Inc. You create an application. You want to use the application to encrypt data. You use the HashAlgorithmType enumeration to specify the algorithm used for generating Message Authentication Code (MAC) in Secure Sockets Layer (SSL) communications. Which of the following are valid values for HashAlgorithmType enumeration?

Each correct answer represents a part of the solution. Choose all that apply.

You work as a Software Developer for ABC Inc. The company uses Visual Studio .NET 2008 as its application development platform. You are creating an ASP.NET Web application using .NET Framework 3.5. The application will be accessed by users from remote locations over the Internet. You need to use ASP.NET role management. You must ensure that any authorization information cached on remote client computers is as secure as possible. What will you do?

You work as a Software Developer for ManSoft Inc. The company uses Visual Studio.NET as its application development platform. You create an application using the .NET Framework. You use ManSoft's intranet to deploy the application to client computers. You use the security configuration of the .NET Framework to configure security for the application at the enterprise policy level. Virus attacks caused the IT manager at ManSoft Inc. to tighten the security at the machine level. Users reported that they could no longer execute the application. Which of the following options will you use to resolve this issue?

You work as a Software Developer for ManSoft Inc. The company has several branches worldwide. The company uses Visual Studio.NET 2005 as its application development platform. You create an application that will be used by all the branches of the company. You want to use declarative attributes that configure security for a serviced component of the application. Which of the following attributes will you use in order to support component, interface, or method level role checks?

You work as a Software Developer for ABC Inc. The Company uses .NET Framework as its application development platform. You are writing a method that might throw an exception at several points during its execution. You need to run several lines of code after the method runs, whether or not an exception occurs. Which of the following blocks will you use to accomplish this task?

You work as a Software Developer for ABC Inc. The company uses Visual Studio .NET as its application development platform. You need to write a code segment that transfers the contents of a byte array named ToSend by using a NetworkStream object named NetStr. You want to use a cache of size only 8,192 bytes. Which of the following code segments will you use to accomplish the task?

You work as a Software Developer for ABC Inc. The company uses Visual Studio.NET 2005 as its application development platform. You create a remoting application that provides stock information to customers using .NET Framework. The server component raises an event on the client computer when certain conditions are met. You must ensure that the server raises exactly one event for each client application that is registered for the event. What will you do to accomplish this task?

You work as a Software Developer for ABC Inc. The company uses Visual Studio .NET as its application development platform. You create a method to hash data with the Secure Hash Algorithm (SHA) using .NET Framework. The hash data is passed to the method as a byte array named msg. You are required to calculate the hash of the msg array by using the SHA1. It is also mandatory to place the result into a byte array named Myhash. Which of the following code segments should you use to accomplish the task?

You work as a Web Application Developer for ABC Inc. The company uses Visual Studio .NET as its application development platform. You are creating a Web application using .NET Framework 2.0. The application will be used in Local Area Network (LAN). The Web application reads comma enclosed text files. The text files exist in a subdirectory under the Web application's root directory. You must ensure that users never directly navigate to these files in a Web browser if they are not members of the Accounting role. You are required to write an ASP.NET HTTP handler that will use the FileAuthorizationModule class. Which of the following forms of authentications will you use?

Peter works as a Software Developer for GenTech Inc. He develops an application named App1 using Visual Studio .NET. App1 uses an assembly named Assembly1. Peter installs App1 and Assembly1 to the C:\Program Files\App1 and C:\Program Files\Assembly1 folders respectively. While executing App1, Peter finds that App1 fails to execute with TypeLoadException. What will he do to resolve this issue.

Each correct answer represents a part of the solution. Choose all that apply.

Sandra works as a Software Developer for ABC Inc. She develops a Windows form named MyForm1. She wants to add a Button control named button1 to a Panel control named panel1 at runtime. Therefore, she writes the following code:

1. private void MyForm1_Load(object sender, EventArgs e)

2. {

3. Button button1 = new Button();

4. button1.Location = new Point(50,50);

5. button1.Size = new Size(100, 30);

6. button1.Text = "My First button";

7. Panel panel1 = new Panel();

8. panel1.Location = new Point(10, 100);

9. // Write code here

10. // Write code here

11. }

Which of the following code statements will Sandra write in line numbers 9 and 10? (Line numbers are for reference only.)

Each correct answer represents a part of the solution. Choose two.