C# Answer

Taken from CERT-70-316
Related Exam: Microsoft 70-316 Developing and Implementing Windows-based Applications with Microsoft Visual C# .NET and Microsoft Visual Studio .NET

Choice c is correct. To prevent employees from using unauthorized .NET software on the production floor computer, you should use the Caspol utility to add a Publisher condition to the ALL_CODE group at the machine level, then import your company's Publisher certificate into this condition. In this scenario, because the security issues are confined to a single computer and involve multiple users, the security conditions should be changed at the machine level. Because the enterprise level applies to all users and computers in an enterprise, its scope is too broad for use in this scenario. The user security level is used by an individual to further restrict the permission set granted to his or her user account; thus, changing the settings at the user level is inappropriate. Adding a restriction based on the publishers of the unauthorized software is impractical because of the large number of software companies in existence.

References:

MSDN, Contents, ".NET Development," ".NET Framework SDK," "Product Documentation," "Configuring Applications," "Configuring Security Policy," "Configuring Security Policy Using the Code Access Security Policy Tool (Caspol.exe)," "Configuring Code Groups Using Caspol.exe."