Asp Net Questionnaire[1]

ASP.NET Questionnaire

Number:

1

Heading:

State / Session management

Question:

Why a conventional ASP web page is considered to be stateless amd how do u overcome this using ASP.NET?

Answer:

Whenver a URL request is made, Web server creates instance of requested web form, generates HTML and posts it to browser for rendering. It then destroys instance of web form on the server. When user submits data back to the web server, a new instance of web form is created which has no knowledge of earlier webform. Hence conventional web page is stateless. In ASP.NET before web form get destroyed the state of the webform is stored in Viewstate(hidden control) on the page and when the page is posted back, the state of the webform is restored from view state.

Comments: Level:

SE

Number:

2

Heading:

State / Session management

Question:

What is a web-farm and how do u manage session in web-farm?

Answer:

A web-farm is group of webservers hosting a single web application. Sice the web application is shared across multiple servers, session info can not be stored in process memory of any of servers. It should be stored in a centralizes database or state machine.

Comments: Level:

SSE

Number:

3

Heading:

State / Session management

Question:

How do you preserve persistent data, such as simple variables, in a Web application?

Answer:

You can preserve data in state variables, such as ApplicationState, SessionState, or ViewState.

Comments: Level:

SE

Number:

4

Heading:

State / Session management

Compiled by [email protected]

Page 1 of 20

ASP.NET Questionnaire Question:

How cookieless session works in ASP.NET?

Answer:

In cookieless session session id gets embedded in URL automatically. So when url request is made, session id is stripped from URL by ASP.NET And is used to identify session information belonging to user.

Comments: Level:

TL

Number:

5

Heading:

State / Session management

Question:

Does cookieless session works when absolute paths are specified ?

Answer:

No cookieless session does not work with absolute paths. It works only with relative path.

Comments: Level:

TL

Number:

6

Heading:

State / Session management

Question:

Is it possible to protect view state from tampering when it's passed over an unencrypted channel?

Answer:

Yes. Simply include an @ Page directive with an EnableViewStateMac="true" attribute in each ASPX file you wish to protect, or include the following statement in Web.config: his configuration directive appends a hash (officially called the message authentication code, or MAC) to view state values round-tripped to the client and enables ASP.NET to detect altered view state. If ASP.NET determines that view state has been altered when a page posts back to the server, it throws an exception. The hash is generated by appending a secret key (the validationKey value attached to the <machineKey> element in Machine.config) to the view state and hashing the result. An attacker can't modify view state and fix up the hash without knowing the secret key, too.

Comments: Level:

TL

Compiled by [email protected]

Page 2 of 20

ASP.NET Questionnaire Number:

7

Heading:

State / Session management

Question:

How do u synchronize access to Application variables by multiple threads.

Answer:

Use Application.Lock and Application.Unlock before accessing Application Variables.

Comments: Level:

SE

Number:

8

Heading:

State / Session management

Question:

How do u cache a web page in ASP.NET?

Answer:

<%@ outputcache duration=”60” varybyparam=”none”>

Comments: Level:

SE

Number:

9

Heading:

State / Session management

Question:

What is difference between following statements 1 - <%@ outputcache duration=”60” varybyparam=”none”> 2 - <%@ outputcache duration=”60” varybyparam=”*”> 3 - <%@ outputcache duration=”60” varybyparam=”name”>

Answer:

Statement 1 caches only one version of the page irrespective of querystring parameters. Statement 2 caches multiple versions of same page I any of quewrystring parameter varies. Statement 3 caches multiple versions of the page for different values of parameter xyz.

Comments:

Related to 8

Level:

SE

Number:

10

Heading:

State / Session management

Question:

What is difference between canche.insert and cache.add method

Answer:

The Add and Insert methods have the same signature, but there are subtle differences between them. First, calling the Add method returns an object that represents the cached item, while calling Insert does not. Second, their behavior is different if you call these methods and add an item to the cache

Compiled by [email protected]

Page 3 of 20

ASP.NET Questionnaire that is already stored there. The Insert method replaces the item, while the Add method fails. Comments: Level:

SSE

Number:

11

Heading:

State / Session management

Question:

What is cache dependency and how do u add it?

Answer:

If object1 has Cache dependency on object2 , then whnever object2 changes, object1 is removed from the cache. e.g. following example sets up a database connection string denedency on xml file. Cache.Insert("MyData1", connectionString, new CacheDependency(Server.MapPath(\\myServer\myConfig.xml)));

Comments: Level:

SE

Number:

12

Heading:

State / Session management

Question:

What are 2 expiration policies for Cached objects?

Answer:

1. Absolute expiration: This is fixed duration expiration. For cache duration of 10 seconds, object is removed from cache after 10 seconds no matter what. 2. Sliding expiration: Canche duration varies based on frequency of access. E.g. If there is sliding expiration of 10 seconds and item is accessed from the cached again at 8th second, then object is reached again for the next 10 seconds

Comments: Level:

SE

Number:

13

Heading:

State / Session management

Question:

What is fragment caching?

Answer:

Fragment caching is caching enabled for ascx controls.

Comments: Compiled by [email protected]

Page 4 of 20

ASP.NET Questionnaire Level:

SSE

Number:

14

Heading:

State / Session management

Question:

How do u notify an application when an item is removed from the cache?

Answer:

By implementing event CacheItemRemovedCallBack.

Comments: Level:

SSE

Number:

15

Heading:

ASP.NET Web-forms Life Cycle

Question:

What is the main difference between the Button server control and the Button HTML control?

Answer:

When clicked, the Button server control triggers an ASP.NET Click event procedure on the server. The Button HTML control triggers the event procedure indicated in the button' s onclick attribute, which runs on the client.

Comments: Level:

SE

Number:

16

Heading:

ASP.NET Web-forms Life Cycle

Question:

List two different exception-handling approaches in ASP.NET Web applications.

Answer:

Exceptions can be handled in exception-handling blocks using the Try, Catch, and Finally keywords in Visual Basic .NET or the try, catch, and finally keywords in Visual C#. They can also be handled using Error event procedures at the Global, Application, or Page levels using the Server object' s GetLastError and ClearError methods.

Comments: Level:

SSE

Number:

17

Heading:

ASP.NET Web-forms Life Cycle

Compiled by [email protected]

Page 5 of 20

ASP.NET Questionnaire Question:

Write the HTML for a hyperlink that will send mail when the user clicks the link.

Answer:

Send mail

Comments: Level:

SE

Number:

18

Heading:

ASP.NET Web-forms Life Cycle

Question:

Show the code that writes a cookie containing the user name “Rob Young” and the current date to the user' s computer. Set the cookie to remain on the user' s computer for 30 days.

Answer:

HttpCookie cookUserInfo = new HttpCookie("UserInfo") CookUserInfo["Name"] = "Rob Young" CookUserInfo["Time"] = DateTime.Now.ToString() cookUserInfo.Expires = DateTime.Now.AddDays(30) Response.Cookies.Add(cookUserInfo)

Comments:

Code shown is written in C#

Level:

SE

Number:

19

Heading:

ASP.NET Web-forms Life Cycle

Question:

What is the difference between the CurrentCulture property and the CurrentUICulture property?

Answer:

The CurrentCulture property affects how the .NET Framework handles dates, currencies, sorting, and formatting issues. The CurrentUICulture property determines which satellite assembly is used when loading resources.

Comments: Level:

SSE

Number:

20

Heading:

ASP.NET Web-forms Life Cycle

Question:

How do you detect the user' s culture?

Answer:

Use the Request object' s UserLanguages array. The value at element 0 corresponds

Compiled by [email protected]

Page 6 of 20

ASP.NET Questionnaire to one of the culture codes used by the CultureInfo class. For example: SLang = Request.UserLanguages(0)

Comments: Level:

SE

Number:

21

Heading:

ASP.NET Web-forms Life Cycle

Question:

What are 2 layout options for a webform

Answer:

Grid layout: This is the default. Controls are placed exactly where you draw them and they have absolute positions on the page. Use grid layout for Windows-style applications, in which controls are not mixed with large amounts of text. Flow layout: This places controls relative to other elements on the page. If you add elements at run time, the controls that occur after the new element move down. Use flow layout for document-style applications, in which text and controls are intermingled.

Comments: Level:

SE

Number:

22

Heading:

ASP.NET Web-forms Life Cycle

Question:

Can an ASPX file contain more than one form marked runat="server"?

Answer:

No

Comments: Level:

SE

Number:

23

Heading:

ASP.NET Web-forms Life Cycle

Question:

How do I comment out statements in ASPX files?

Answer:

<%- --%>

Comments: Level:

SE

Compiled by [email protected]

Page 7 of 20

ASP.NET Questionnaire

Number:

24

Heading:

UI Controls / Data bound controls

Question: Answer:

How do you get several RadioButton controls to interoperate on a Web form so that only one of the RadioButtons can be selected at once? Set the GroupName property of each RadioButton to the same name.

Comments: Level:

SE

Number:

25

Heading:

UI Controls / Data bound controls

Question:

What is wrong with the following line of code? Server.Transfer("Default.htm");

Answer:

You can' t use the Transfer method with HTML pages. It works only with .aspx pages.

Comments: Level:

SE

Number:

26

Heading:

UI Controls / Data bound controls

Question:

How do you display a page in one frame from a hyperlink in another frame?

Answer:

Use the element' s target attribute to specify the frame to display the page. For example, the following hyperlink displays a page in the main frame of a frameset: Show the answers!

Comments: Level:

SE

Number:

27

Heading:

UI Controls / Data bound controls

Question:

Briefly describe the best uses for each of the three types of Web controls

Answer:

Create a user control when you want to…

Compiled by [email protected]

Page 8 of 20

ASP.NET Questionnaire …quickly create a group of controls that can be reused throughout a project to perform some logical unit of work. Create a composite custom control when you want to… …combine one or more existing controls into a compiled assembly that can be easily reused in many different projects. Create a rendered control when you want to… …build an entirely new control that can be compiled into an assembly for use in multiple projects.

Comments: Level:

SSE

Number:

28

Heading:

UI Controls / Data bound controls

Question: Answer:

What is the most important method to override when creating a composite custom control? You override the CreateChildControls method to add existing controls to a composite custom control.

Comments: Level:

SE

Number:

29

Heading:

UI Controls / Data bound controls

Question:

What is the most important method to override when creating a rendered control?

Answer:

You override the Render method when creating a rendered custom control.

Comments: Level:

SE

Number:

30

Heading:

UI Controls / Data bound controls

Question:

What is the advantage of using CSS rather than in-line styles for formatting a Web application?

Compiled by [email protected]

Page 9 of 20

ASP.NET Questionnaire Answer:

Using CSS allows you to maintain formatting separately from the content of your Web forms, so changes are easier to make and consistency is easier to maintain.

Comments: Level:

SSE

Number:

31

Heading:

UI Controls / Data bound controls

Question:

How will u get or set the values from a CheckBoxList or RadioButtonList control?

Answer:

, use a For Each loop to check each control in the list private void Button1_Click(object sender, System.EventArgs e) { foreach (ListItem lstItem in RadioButtonList1.Items) { if (lstItem.Selected) Response.Write(lstItem.Text + " is selected.
"); } }

Comments:

Code shown is in C#

Level:

SE

Number:

32

Heading:

UI Controls / Data bound controls

Question:

Specify form tag which contains file upload control.

Answer:

Comments: Level:

SE

Number:

33

Heading:

UI Controls / Data bound controls

Question:

What is difference between click event of a simple link button and image

Compiled by [email protected]

Page 10 of 20

ASP.NET Questionnaire button control? Answer:

Using the Button and LinkButton Click event procedure is straightforward. The ImageButton control provides an additional capability. The Click event argument for the ImageButton control includes the X and Y coordinates for where the user clicked on the control. The image response depends on where it Images that respond to clicks in this way are called image maps.

Comments: Level:

SE

Number:

34

Heading:

UI Controls / Data bound controls

Question:

Assume that on a web page on left side there is small section consisting of a text boxes for entering login name and password and button and there are many other controls . It is required that controls used for login should disappear after logging in. How to achieve this functionality?

Answer:

Place login controls on panel control. Make the panel invisible after login succeeds.

Comments: Level:

SSE

Number:

35

Heading:

UI Controls / Data bound controls

Question:

How error messages are displayed using validationsummary control?

Answer:

Suppose there are five validator controls on a webform and a single validation summary control.if there is validation error, then Individual validators display their Text properties, while the longer ErrorMessage property is displayed in the ValidationSummary control.

Comments: Level:

SSE

Number:

36

Heading:

UI Controls / Data bound controls

Question:

What validation control you will use to validate a prime number in a text box?

Answer:

Use custom validator control and write prime number checking code in servervalidate event of custom validator.

Compiled by [email protected]

Page 11 of 20

ASP.NET Questionnaire Comments: Level:

SE

Number:

37

Heading:

ASP.NET application configuration

Question:

A developer has designed a generic data access layer assembly which can be shared across many web applications. How do u package and deploy such an application.

Answer:

Prefix assembly with strong name. Register with GAC to make it a shared assembly. Create a merge module pacakage(.msm) which can be combined with other installables.

Comments: Level:

TL

Number:

38

Heading:

ASP.NET application configuration

Question:

Where will u store connection string in ASP.NET and how will u retrieve it in aspx page?

Answer:

Store the conncetion string in web.config file as follows. The value can be retrieved as follows. Dim dsn As String = ConfigurationSettings.AppSettings("DSN")

Comments: Level:

SSE

Number:

39

Heading:

ASP.NET application configuration

Question:

How do u configure custom errors in ASP.NET?

Answer:

As the name says all about, customErros provides information about custom error messages for an ASP.NET application. CustomErrors tag provides us with three attributes. defaultRedirect can be used to specify the URL to direct a browser, if any unexpected error occurs. The mode attribute takes three values On, Off or RemoteOnly. Remeteonly specifies that custom errors are shown only to

Compiled by [email protected]

Page 12 of 20

ASP.NET Questionnaire remote clients. The subtag <error> might be very useful in a variety of way. We can specify the error status code and ask the browser to redirect to a specific page. We should use the attribute, statusCode to specify the error status code and the redirect attribute to specify the redirect URL. Eg: <system.web> <customErrors defaultRedirect="error.aspx" mode="RemoteOnly"> <error statusCode="500" redirect="InternalError.htm"/> Comments: Level:

SSE

Number:

40

Heading:

ASP.NET application configuration

Question:

How do u configure session mode in web.config file?

Answer:

Using <sessionState> tag This tag can be used to specify, were we are storing the session. This can be specified in the mode attribute. Supported values mode are Off, InProc, StateServer and SqlServer. InProc indicates that, session states is stored locally. StateServer indicates that session state is stored on a remote server and sqlserver can be used to indicate that the session state is stored on a sql server. We also have the choice to use cookies to store the sessions. This can be set using the attribute cookieless. Session timeout can be specified using the attribute called timeout. By default, the session timeout is 20 minutes (same as classic ASP). Eg: <system.web> <sessionState mode="Inproc" cookieless="true" timeout="20">

Comments: Level:

SE

Number:

41

Compiled by [email protected]

Page 13 of 20

ASP.NET Questionnaire Heading:

ASP.NET application configuration

Question:

What if some one types the web.config file in the URL?

Answer:

ASP.NET configures IIS to prevent direct browser access to web.config files to ensure that their values cannot become public (attempts to access them will cause ASP.NET to return 403: Access Forbidden).

Comments: Level:

SE

Number:

42

Heading:

ASP.NET application configuration

Question:

Explain application isolation levels in IIS 5

Answer:

·

In-process with IIS (Inetinfo.exe). This option increases performance because all calls are made in-process; however, it offers no protection. If an application fails, it can corrupt memory and affect Inetinfo.exe, as well as other applications running in-process.

·

Pooled with other Web application processes in DLLHost.exe. This is the default option and it provides a balance between protection and performance. If an application fails, it can affect other applications in the pool, but it will not affect Inetinfo.exe.

·

Isolated in its own instance of DLLHost.exe. Isolated applications are protected from affecting or being affected by problems in other applications. However, calls to other applications must cross process boundaries, and this affects performance.

Comments: Level:

SSE

Number:

43

Heading:

ASP.NET application configuration

Question:

What is the difference between the Debug and Trace classes?

Answer:

Under the default environment settings, code using the Debug class is stripped out of release builds, while code using the Trace class is left in. The classes are otherwise equivalent.

Comments: Level:

SE

Number:

44

Heading:

ASP.NET application configuration

Compiled by [email protected]

Page 14 of 20

ASP.NET Questionnaire Question: Answer:

What are the two special steps you need to take to ensure that a COM component can use a component from a .NET assembly? 1.You must register the .NET assembly in the system registry using RegAsm.exe. 2. You must make sure that the COM component can find the .NET assembly, either by placing the .NET assembly in the global assembly cache, by placing the two components in the same folder, or by following the other assembly-probing rules.

Comments: Level:

SSE

Number:

45

Heading:

ASP.NET security

Question:

You have developed a educational ASP.NET application. The web.config file has following structure. <deny roles=”?”/> In the root directory of ur application, there is a subdirectory called “GuardiansOnly” . What actions u need to take to allow only “Guardians” role to access directory “GuardiansOnly” without modifying web.config file of root directory.

Answer:

Create another web.config file in directory “GuardiansOnly” with following settings. <deny roles=”*”/>

Comments: Level:

SE

Number:

46

Heading:

ASP.NET security

Question:

Which ASP.NET authentication mode is best suited to identifying and authorizing users who belong to a corporate network?

Answer:

Windows integrated authentication is best suited to authenticating users of a corporate network because it uses the accounts and permissions that already exist for network users.

Comments: Level:

SE

Compiled by [email protected]

Page 15 of 20

ASP.NET Questionnaire

Number:

47

Heading:

ASP.NET security

Question:

How does the Secure Sockets Layer (SSL) provide security in a Web application?

Answer:

SSL protects data exchanged between a client and a Web application by encrypting the data before it is sent across the Internet.

Comments: Level:

SSE

Number:

48

Heading:

ASP.NET application configuration

Question:

Given the following settings <system.web> Where will be trace information be stored?

Answer:

Trace information will be stored in trace.axd file in root directory.

Comments: Level:

SE

Number:

49

Heading:

ASP.NET webform life cycle

Question:

What is a http handler

Answer:

Http handler is .net component designed for processing files with specific extensions. E.g. If we wish to process abc.sync differently than normal aspx file, then we can implement HttpHandler for handling requests with *.sync extension

Comments: Level:

SE

Number:

50

Compiled by [email protected]

Page 16 of 20

ASP.NET Questionnaire Heading:

ASP.NET webform life cycle

Question:

What are different steps involved in implementing http handler?

Answer:

1. Write a class which implements IHttpHandler interface 2. Register this handler in web.config or machine.config file. 3. Map the file extension (.15seconds) to ASP.NET ISAPI extension DLL (aspnet_isapi.dll) in Internet Services Manager.

Comments: Level:

SSE

Number:

51

Heading:

ASP.NET webform life cycle

Question:

Which method of HttpHandler gets invoked when request is received?

Answer:

ProcessRequest(System.Web.HttpContext context) gets invoked

Comments: Level:

SE

Number:

52

Heading:

ASP.NET webform life cycle

Question:

How do u register Http Handler?

Answer:

Add following settings in web.config file

Comments: Level:

SE

Number:

53

Heading:

ASP.NET webform life cycle

Question:

What is Http modue and where it can be used?

Answer:

HTTP modules are .NET components that implement the System.Web.IHttpModule interface. These components plug themselves into

Compiled by [email protected]

Page 17 of 20

ASP.NET Questionnaire the ASP.NET request processing pipeline by registering themselves for certain events. Whenever those events occur, ASP.NET invokes the interested HTTP modules so that the modules can play with the request. Comments: Level:

SE

Number:

54

Heading:

ASP.NET webform life cycle

Question:

How do u register/unregister http module?

Answer:

Add following settings in web.config file To register: To unregister:

Comments: Level:

SE

Number:

55

Heading:

ASP.NET webform life cycle

Question:

What is output of Server.MapPath("")?

Answer:

It gives physical path of the file that includes aboce statement

Comments: Level:

SE

Number:

56

Heading:

ASP.NET User control

Question:

How will u register a control “login.ascx” and declare its instance on a webform>

Answer:

Registering a control: <%@ Register TagPrefix="uc1" TagName="login" Src="Login.ascx" %>

Compiled by [email protected]

Page 18 of 20

ASP.NET Questionnaire

Instancing a control:

Comments: Level:

SE

Number:

57

Heading:

ASP.NET Security

Question:

What is impersonation?

Answer:

Impersonation is when a user gains access to a resource by using a different identity, usually as an anonymous user. To allow this, Windows uses a special user account known as the anonymous logon account. Whenever an attempt is made to access server resources over the Web, the user is automatically logged on anonymously. The user can only access the resources for which the anonymous user account has privileges. By default, the username for the anonymous logon account takes the form IUSR_COMPUTERNAME, in which COMPUTERNAME is the name of the server.

Comments: Level:

SSE

Number:

58

Heading:

ASP.NET Security

Question:

Which accounts are used by ASP.NET for impersonation?

Answer:

By default, ASP.NET uses two accounts to provide impersonation capabilities: the local system process account and the IUSR_COMPUTERNAME account. When impersonation is turned off, all the resources are accessed using the local system process account. When impersonation is turned on, the IUSR_COMPUTERNAME account is used to provide access to resources.

Comments: Level:

TL

Number:

59

Heading:

ASP.NET webform life cycle

Compiled by [email protected]

Page 19 of 20

ASP.NET Questionnaire Question: Answer:

What is authentication? Explain different types of authentication techniques used in ASP.NET Authentication is the process of identifying valid users by requiring them to prove themselves. The three types of authentication provided by ASP.NET are as follows: ·

Windows built-in authentication. IIS uses basic, digest, or integrated Windows authentication to perform the initial authentication. The user gains access to the requested resources under the context of this account. The accounts that are valid for accessing the complete application, or parts of it, can be specified in the web.config file.

·

Passport-based authentication. This authentication offers single login and core profile services for member sites. This is possible through the usage of a centralized Web-based authentication service, provided by Microsoft.

·

Forms-based authentication. In this authentication, HTTP clientside redirection is used to redirect an unauthenticated user to an HTML form. Using this HTML form, the user provides his/her login credentials and then submits the form. The system issues a cookie (containing the credentials or a key for re-acquiring the identity) if the application authenticates the request. Then, the client browser sends the cookie with all the subsequent requests. The user can access the application while this cookie is retained.

In addition, when none of the preceding methods is used, the default IIS authentication is used and resources can be accessed as specified by the application settings in IIS. Impersonation is still implemented, and the resources are accessed under the context of the local system process account or the IUSR_COMPUTERNAME account.

Comments: Level:

SSE

Compiled by [email protected]

Page 20 of 20