Question 21
An application will be deployed in a SharePoint 2010 server farm that is managed by department-level site collection administrators.You need to design this application to meet all the following requirements:
.The application must contain a custom Web Part that accesses the object model at the farm level.
.The application must be available anywhere in the farm as more departments require the functionality.
.The site collection administrator in each department must be able to activate the application without the help of the farm administrator.
.The level of access to the SharePoint 2010 object model must be limited. Which approach should you recommend?
A. Create the Web Part as part of a feature in a sandboxed solution. Then deploy it with a farm-level scope.
B. Create the Web Part as part of a feature in a sandboxed solution. Then deploy it by assigning a resource quota at the site collection level.
C. Create the Web Part as part of a feature. Then deploy it to the bin directory of the Web application of each department. Specify and deploy a Custom Access Security policy defining the security limitations of the Web Part.
D. Create the Web Part as part of a feature. Then deploy it to the bin directory of the Web application of each department. Delegate authority to modify the security in the Web application web.config file to the site collection administrator of each department.
解析:
本题要求你开发一个Sharepoint应用,此应用由网站集管理员进行管理,并且符合如下要求:
要求1. 必须包括一个用户定义的WebPart,此WebPart可以访问场级别的对象(资源)。
要求2. 此应用可以在场内的任何网站集上使用
要求3. 场内的网站集管理员可以不依赖于场管理员激活【注意是”激活”,不是”部署”】此应用。
要求4. 此应用访问场级别的对象(资源)的程度是受限的。
看完上面的描述,回到我们的选项,在我们的备选项中提供了两大解决思路,一是通过SandBox方式部署WebPart,一是通过部署在bin目录方式。对于WebPart的部署位置,我们在Question19做了介绍。这里只讨论本题选项中涉及到的方式。
先来分析SandBox方式,这种方式完全可以脱离场管理员的干涉,而且访问也绝对是受限的。所以在看到题干的前面部分时,我们自然首先考虑到Sandbox方式。但问题发生在要求上,尤其是要提供访问场级别的对象(资源)的能力,这个问题如果在选项中提供了Sandbox的Full Trust Proxy方式,也应该可以行得通,但问题是在我们的选项A.B中均未提及Full Trust Proxy方式,所以作为Sandbox的两个备选项就必须被排除了。
于是目光转向选项C.D,这两个选项差异在后半部分,选项C是通过CAS提供访问限制控制,代码访问安全性 (CAS) 是一种资源约束策略,用于限制程序集对受保护的系统资源和操作进行的访问。SharePoint Foundation 具有一些内置安全策略,这些安全策略是基于 ASP.NET 的内置安全策略构建的。默认情况下,SharePoint Foundation 使用一组最少的权限来确保服务器和基础结构不受恶意代码的影响。如果 Web 部件需要比最低设置中提供的权限更高的访问权限,可以使用多种方式提高 Web 部件的权限,但只推荐使用其中一种方法。采用CAS方式应该是本题的选择。至于选项D的方式,即试图为各个网站集管理员提供修改Web Application级别的Web.config文件中的关于security方面的设置的能力,貌似微软并没有提供这样的作的途径,而且,我们知道Web Application的Web.config设置影响的是整个Web Application,而绝不会达到控制其内的各个网站集的粒度,所以很明显,选项D是用来混淆视听的。
因此本题答案应该选 C
参考
http://msdn.microsoft.com/zh-cn/library/cc768621(v=office.12).aspx
http://msdn.microsoft.com/zh-cn/library/vstudio/ee696753(v=vs.100).aspx
http://msdn.microsoft.com/zh-cn/library/wyts434y.aspx
http://msdn.microsoft.com/zh-cn/library/xady2w27(v=vs.100).aspx
Question 22
You are designing several new custom applications for a SharePoint 2010 farm. One of the current applications contains a Web Part with code that requires substantial CPU and memory resources. The SharePoint farmadministrator wants to ensure that new applications containing custom code do not degrade the performance ofthe Web front-end (WFE) servers when they are deployed to the SharePoint farm.You need to enable the administrator to perform the following tasks:
.To configure the applications to run in isolation mode
.To control the resource usage of custom SharePoint applications by assigning the execution load to specified servers and perform load-balancing of the WFE servers
.To limit the resources allotted to specific applications without impacting overall farm performance and stability
Your design must meet all these requirements. Which approach should you recommend?
A. Design sandboxed solutions to deploy on the SharePoint 2010 farm. Specify that the execution of user code is to run on the same WFE server as the server that received the Web request.
B. Design sandboxed solutions to deploy on the SharePoint 2010 farm. Specify that the execution of user code is to run on any available WFE server that is running the User Code Service.
C. Design farm-scoped solutions and deploy them in the farm. Ensure that the SharePoint administrator will uninstall solutions if WFE servers are running at or near 100% CPU utilization.
D. Design user controls, load them into Web Parts, and deploy them as features in the farm. Ensure that theSharePoint administrator will deactivate these features in the farm if WFE servers are running at or near 100% CPU utilization.
解析:
本题试图让你实现某个包含有WebPart的Sharepoint应用程序,此应用程序需要消耗大量的CPU与内存资源,因此,这是作为场管理人员所忌讳的,他不愿看到因为你的这类应用程序的部署给前端Web服务器带来性能上的冲击,所以,就对你开发的此类应用程序提出了要求:
要求1. 需要把你的应用配置成”隔离”模式运行 【看到此要求,当然反应就是Sandbox了】
要求2. 需要实现在WFE上的负载均衡,并能控制其对资源的消耗。【看到负载均衡,自然就想到系统会根据各WFE的当前运行情况,动态指派相应的应用到当前最适合的WFE服务器上,因此,必然涉及多个WFE服务器】
要求3. 为保持整个场的稳定运行,需要给它分配有限的资源,以免对整个场产生冲击
看完上面的要求,已经完全能定位本题的正确选项了,即满足Sandbox,又满足多WFE服务器动态分派任务的只有选项B.
至于其它选项:
选项A. 问题在于它始终分配任务给一个WFE服务器,达不到负载均衡的目的。
选项C.D 均为场解决方案,达不到”隔离”的要求。
因此本题答案应该选 B
参考
http://msdn.microsoft.com/zh-cn/library/ee535266(v=office.14).aspx
Question 23
Your SharePoint 2010 team does not have enough development team members, time, or budget to support the requests from all of the different departments in the organization. You have the following requirements:
.Your internal IT security team requires that the SharePoint 2010 architects include the proper design specifications necessary to limit the security vulnerabilities in the applications they develop.
.Mid-level Microsoft ASP.NET developers across the organization must be able to implement SharePoint 2010 solutions that meet the security specifications with no extra training.
.You must use specific tools and procedures to ensure that possible security vulnerabilities are limited. You need to create a SharePoint 2010 design specification that directs the developers in the proper method of creating applications to minimize security issues. Which approach should you recommend?
A. Specify that developers should implement sandboxed solutions.
B. Specify that developers should implement the applications with code access security (CAS).
C. Guide developers to implement sandboxed and farm solutions.
D. Guide developers to implement and deploy custom solutions at the farm level.
解析:
本题需要你在IT部门缺乏人手的情况下,对你的Sharepoint方案设计满足如下要求:
要求1. 方案架构在安全方面需要对开发出来的应用进行限制,以免对系统造成破坏。
要求2. 中等水平的开发人员可以在不需要培训的情况下开发出满足安全需要的应用。
要求3. 你需要采取特定的工具和方法以保证应用由于安全方面产生的破坏范围。你需要指导开发人员按照你制定的设计规范和方法进行开发,以最大限度的降低安全方面的隐患。
看完上述要求,再对比备选项,很快就确定本题非Sandbox不可,只有Sandbox才能对安全进行有效限制,才能让开发人员进行放心的开发而不用过多的关注安全层面的问题,才能把应用的部署和管理分配给各部门的指定用户而减轻IT部门由于人手不够产生的工作压力。
至于其它选项,选项B:涉及到CAS,当然需要对开发人员进行相关培训。选项C.D均涉及到场应用,场应用在安全和管理方面都提高了IT部门的难度,增大了安全风险,并进一步增大了开发、维护和管理方面的工作压力。
因此本题答案应该选 A
参考
Question 24
You are designing a solution for a SharePoint 2010 site. You need to design a solution that includes:
.Custom pages to add, view, and update list items.
.Custom workflows with code on list items.
Which approach should you recommend?
A. Design a sandboxed solution that includes workflows with code and custom application pages.
B. Design multiple sandboxed solutions that include workflows with code and custom application pages.
C. Design a farm solution that includes workflows with code and custom application pages.
D. Design a farm solution that includes workflows with code. Develop list application pages and use the Stsadm tool to deploy them manually to the bin folder of the Web application.
解析:
本题要求你设计一个解决方案满足如下条件:
要求1. 开发用户应用程序页面用于查看,添加和更新列表。【这项要求就直接排除了Sandbox相关的选项,因为开发用户应用程序页面涉及到Sharepiont的文件系统的操作,这恰恰是Sandbox的限制之一】
要求2. 开发基于列表的工作流并有代码操作列表项
对于上述相关要求,我们先是排除了与Sandbox相关的选项A.B,然后转向选项C.D,选项D的主要问题是你可以直接使用VS2010来开发部署你的用户应用程序页面,且此页面所在的位置应该是{SharePoint Root}\TEMPLATE\LAYOUTS,你可以在你的VS2010开发环境中Map一个这样的目录并进行开发。
需要注意的是:由于Sandbox解决方案允许用户上载Content Pages,所以我们也可以采用变通的办法来在Sandbox方式下开发用户应用程序页面,不过这种方式开发的此类页面只能实现很简单的业务逻辑(使用Javascipt),然后我们把此页面部署到文档库中即可。对于 本题要求的增、删、改操作此方式是无能为力的。
因此本题答案应该选 C
参考
http://msdn.microsoft.com/en-us/library/gg615454(v=office.14).aspx
http://msdn.microsoft.com/en-us/library/ff798382.aspx
http://msdn.microsoft.com/en-us/magazine/ee335711.aspx