Which of the following specifies access privileges to a collection of resources by using the URL mapping?
Click on the arrows to vote for the correct answer
A. B. C. D.resource collection Authorization constraint User data constraint Answer: A is incorrect.
Code Access Security (CAS), in the Microsoft .NET framework, is.
Security constraint is a type of declarative security, which specifies the protection of web content.
It also specifies access privileges to a collection of resources by using the URL mapping.
A deployment descriptor is used to define the security constraint.
Security constraint includes the following elements: Web Microsoft's solution to prevent untrusted code from performing privileged actions.
When the CLR (common language runtime) loads an assembly it will obtain evidence for the assembly and use this to identify the code group that the assembly belongs to.
A code group contains a permission set (one or more permissions)
Code that performs a privileged action will perform a code access demand, which will cause the CLR to walk up the call stack and examine the permission set granted to the assembly of each method in the call stack.
The code groups and permission sets are determined by the administrator of the machine to non- authorized users.
The Access Management process essentially executes policies defined in IT Security Management.
It is sometimes also referred to as Rights Management or Identity Management.
It is part of Service Operation and the owner of Access Management is the Access Manager.
Access Management is added as a new process to ITIL V3
The sub-processes of Access Management are as follows: Maintain Catalogue of User Roles and Access Profiles Manage (ITSM) process.
It tracks all of the individual Configuration Items (CI) in an IT system, which may be as simple as a single server, or as complex as the entire IT department.
In large organizations a configuration manager may be appointed to oversee and manage the CM process.
The answer to this question is B. Security constraint.
A security constraint is a configuration element that defines access restrictions on web resources. It is used in Java web applications and specifies access privileges to a collection of resources by using URL mapping.
URL mapping is a mechanism used by web servers to map a URL pattern to a servlet or a JSP page. Security constraints can be defined in the deployment descriptor of a web application, which is an XML file named web.xml.
The security constraint element in web.xml specifies the following:
The user roles are defined in the deployment descriptor and are used to define groups of users with specific permissions. User data constraints are used to specify the data transport guarantee that must be used when accessing the resource. For example, a data constraint of CONFIDENTIAL specifies that the resource can only be accessed over a secure (HTTPS) connection.
Overall, security constraints provide a powerful mechanism for controlling access to web resources in a Java web application, and URL mapping is a key element in defining those constraints.