VB.NET Answer

Taken from CERT-70-306
Related Exam: Microsoft 70-306 Developing and Implementing Windows-based Applications with Microsoft Visual Basic .NET and Microsoft Visual Studio .NET

Choice c is correct. To prevent employees from using unauthorized .NET software on the production floor computer, you should use the Caspol utility to add a Publisher condition to the ALL_CODE group at the machine level, then import your company's Publisher certificate into this condition. In this scenario, because the security issues are confined to a single computer and involve multiple users, the security conditions should be changed at the machine level. Because the enterprise level applies to all users and computers in an enterprise, its scope is too broad for use in this scenario. The user security level is used by an individual to further restrict the permission set granted to his or her user account; thus, changing the settings at the user level is inappropriate. Adding a restriction based on the publishers of the unauthorized software is impractical because of the large number of software companies in existence.

References:

VB.NET, Chapter 25, Managing Security Policy, pp. 868-877.