You use Microsoft .NET Framework 4.0 to develop an ASP.NET 4 Web application.
You need to encrypt the connection string information that is stored in the web.config file. The application is deployed to multiple servers.
The encryption keys that are used to encrypt the connection string information must be exportable and importable on all the servers.
You need to encrypt the connection string section of the web.config file so that the file can be used on all of the servers.
Which code segment should you use?
A.
Configuration config = WebConfigurationManager.OpenWebConfiguration(“~�) ;
ConnectionStringsSection section = (ConnectionStringsSection)config.GetSection(“connectionStrings”);
section.Sectionlnformation.ProtectSection(“RsaProtectedConfigurationProvider”);
config.Save();
B.
Configuration config = WebConfigurationManager.OpenMachineConfiguration(“~”);
ConnectionStringsSection section = (ConnectionStringsSection)config.GetSection(“connectionStrings”);
section.Sectionlnformation.ProtectSection(“RsaProtectedConfigurationProvider’*);
config.Save();
C.
Configuration config = WebConfigurationHanager.OpenWebConfiguration (“~”) ;
ConnectionStringsSection section = (ConnectionStringsSection)config.GetSection(“connectionStrings”) ;
section.Sectionlnformation.ProtectSection(“DpapiProtectedConfigurationProvider”);
config.Save ();
D.
Configuration config = WebConfigurationManager.OpenMachineConfiguration (“~”) ;
ConnectionStringsSection section = (ConnectionStringsSection)config.GetSection(“connectionStrings”) ;
section.Sectionlnformation.ProtectSection(“DpapiProtectedConfigurationProvider”);
config.Save () ;
Explanation:
You encrypt and decrypt the contents of a Web.config file by using System.Configuration .DPAPIProtectedConfigurationProvider from the System.Configuration.dll assembly, which uses
the Windows Data Protection API (DPAPI) to encrypt and decrypt data, or by using System.Configuration.RSAProtectedConfigurationProvider, which uses the RSA encryption algorithm
to encrypt and decrypt data.
When you use the same encrypted configuration file on many computers in a web farm, only System.Configuration.RSAProtectedConfigurationProvider enables you to export the
encryption keys that encrypt the data and import them on another server. This is the default setting.CHAPTER 8 Developing Reliable Applications
Lesson 3: Protecting Your Data
Storing Encrypted Connection Strings in Web Applications (page 555)