ASP NET Questionnaire

ASP.NET Questionnaire

Compiled by [email protected] of 20

Number: 1Heading: State / Session managementQuestion: Why a conventional ASP web page is considered to be stateless amd how do

u overcome this using ASP.NET?Answer: Whenver a URL request is made, Web server creates instance of requested

web form, generates HTML and posts it to browser for rendering. It thendestroys instance of web form on the server. When user submits data back tothe web server, a new instance of web form is created which has noknowledge of earlier webform. Hence conventional web page is stateless. InASP.NET before web form get destroyed the state of the webform is stored inViewstate(hidden control) on the page and when the page is posted back, thestate of the webform is restored from view state.

Comments:Level: SE

Number: 2Heading: State / Session managementQuestion: What is a web-farm and how do u manage session in web-farm?Answer: A web-farm is group of webservers hosting a single web application.

Sice the web application is shared across multiple servers, session info cannot be stored in process memory of any of servers. It should be stored in acentralizes database or state machine.

Comments:Level: SSE

Number: 3Heading: State / Session managementQuestion: How do you preserve persistent data, such as simple variables, in a Web

application?Answer: You can preserve data in state variables, such as ApplicationState,

SessionState, or ViewState.Comments:Level: SE

Number: 4Heading: State / Session management



Question: How cookieless session works in ASP.NET?Answer: In cookieless session session id gets embedded in URL automatically. So

when url request is made, session id is stripped from URL by ASP.NETAnd is used to identify session information belonging to user.

Comments:Level: TL

Number: 5Heading: State / Session managementQuestion: Does cookieless session works when absolute paths are specified ?Answer: No cookieless session does not work with absolute paths. It works only with

relative path.Comments:Level: TL

Number: 6Heading: State / Session managementQuestion: Is it possible to protect view state from tampering when it's passed over an

unencrypted channel?Answer: Yes. Simply include an @ Page directive with an

EnableViewStateMac="true" attribute in each ASPX file you wish toprotect, or include the following statement in Web.config: hisconfiguration directive appends a hash (officially called the messageauthentication code, or MAC) to view state values round-tripped tothe client and enables ASP.NET to detect altered view state. IfASP.NET determines that view state has been altered when a pageposts back to the server, it throws an exception.

The hash is generated by appending a secret key (thevalidationKey value attached to the <machineKey> element inMachine.config) to the view state and hashing the result. Anattacker can't modify view state and fix up the hash withoutknowing the secret key, too.

Comments:Level: TL



Number: 7Heading: State / Session managementQuestion: How do u synchronize access to Application variables by multiple threads.Answer: Use Application.Lock and Application.Unlock before accessing Application

Variables.Comments:Level: SE

Number: 8Heading: State / Session managementQuestion: How do u cache a web page in ASP.NET?Answer: <%@ outputcache duration=”60” varybyparam=”none”>Comments:Level: SE

Number: 9Heading: State / Session managementQuestion: What is difference between following statements

1 - <%@ outputcache duration=”60” varybyparam=”none”>2 - <%@ outputcache duration=”60” varybyparam=”*”>3 - <%@ outputcache duration=”60” varybyparam=”name”>

Answer: Statement 1 caches only one version of the page irrespective of querystringparameters. Statement 2 caches multiple versions of same page I any ofquewrystring parameter varies. Statement 3 caches multiple versions of thepage for different values of parameter xyz.

Comments: Related to 8Level: SE

Number: 10Heading: State / Session managementQuestion: What is difference between canche.insert and cache.add methodAnswer: The Add and Insert methods have the same signature, but there are subtle

differences between them. First, calling the Add method returns an objectthat represents the cached item, while calling Insert does not. Second, theirbehavior is different if you call these methods and add an item to the cache



that is already stored there. The Insert method replaces the item, while theAdd method fails.

Comments:Level: SSE

Number: 11Heading: State / Session managementQuestion: What is cache dependency and how do u add it?Answer: If object1 has Cache dependency on object2 , then whnever object2 changes,

object1 is removed from the cache.e.g. following example sets up a database connection string denedency onxml file.Cache.Insert("MyData1", connectionString, new

CacheDependency(Server.MapPath(\\myServer\myConfig.xml)));

Comments:Level: SE

Number: 12Heading: State / Session managementQuestion: What are 2 expiration policies for Cached objects?Answer: 1. Absolute expiration: This is fixed duration expiration. For cache

duration of 10 seconds, object is removed from cache after 10 secondsno matter what.

2. Sliding expiration: Canche duration varies based on frequency ofaccess. E.g. If there is sliding expiration of 10 seconds and item isaccessed from the cached again at 8th second, then object is reachedagain for the next 10 seconds

Comments:Level: SE

Number: 13Heading: State / Session managementQuestion: What is fragment caching?Answer: Fragment caching is caching enabled for ascx controls.Comments:



Level: SSE

Number: 14Heading: State / Session managementQuestion: How do u notify an application when an item is removed from the cache?Answer: By implementing event CacheItemRemovedCallBack.Comments:Level: SSE

Number: 15Heading: ASP.NET Web-forms Life Cycle

Question: What is the main difference between the Button server control and the Button HTMLcontrol?

Answer: When clicked, the Button server control triggers an ASP.NET Click event procedureon the server. The Button HTML control triggers the event procedure indicated inthe button' s onclick attribute, which runs on the client.

Comments:Level: SE


Question: List two different exception-handling approaches in ASP.NET Web applications.

Answer: Exceptions can be handled in exception-handling blocks using the Try, Catch, andFinally keywords in Visual Basic .NET or the try, catch, and finally keywords inVisual C#. They can also be handled using Error event procedures at the Global,Application, or Page levels using the Server object' s GetLastError and ClearErrormethods.

Comments:Level: SSE




Question: Write the HTML for a hyperlink that will send mail when the user clicks the link.

Answer: <a href="mailto:[email protected]?SUBJECT=Sending from a client&BODY=Somemessage text.">Send mail</a>

Comments:Level: SE


Question: Show the code that writes a cookie containing the user name “Rob Young” and thecurrent date to the user' s computer. Set the cookie to remain on the user' s computerfor 30 days.

Answer: HttpCookie cookUserInfo = new HttpCookie("UserInfo")CookUserInfo["Name"] = "Rob Young"CookUserInfo["Time"] = DateTime.Now.ToString()cookUserInfo.Expires = DateTime.Now.AddDays(30)Response.Cookies.Add(cookUserInfo)

Comments: Code shown is written in C#Level: SE


Question: What is the difference between the CurrentCulture property and the Current-UICulture property?

Answer: The CurrentCulture property affects how the .NET Framework handles dates,currencies, sorting, and formatting issues. The Current UICulture propertydetermines which satellite assembly is used when loading resources.

Comments:Level: SSE


Question: How do you detect the user' s culture?

Answer: Use the Request object' s UserLanguages array. The value at element 0 corresponds



to one of the culture codes used by the CultureInfo class. For example:

SLang = Request.UserLanguages(0)

Comments:Level: SE


Question: What are 2 layout options for a webformAnswer: Grid layout: This is the default. Controls are placed exactly where you draw them

and they have absolute positions on the page. Use grid layout for Windows-styleapplications, in which controls are not mixed with large amounts of text.Flow layout: This places controls relative to other elements on the page. If you addelements at run time, the controls that occur after the new element move down. Useflow layout for document-style applications, in which text and controls areintermingled.

Comments:Level: SE


Question: Can an ASPX file contain more than one form marked runat="server"?

Answer: NoComments:Level: SE


Question: How do I comment out statements in ASPX files?

Answer: <%-- <asp:Button Text="Click Me" OnClick="OnClick" runat="server" />--%>

Comments:Level: SE



Number: 24Heading: UI Controls / Data bound controlsQuestion: How do you get several RadioButton controls to interoperate on a Web form so that

only one of the RadioButtons can be selected at once?

Answer: Set the GroupName property of each RadioButton to the same name.

Comments:Level: SE

Number: 25Heading: UI Controls / Data bound controlsQuestion: What is wrong with the following line of code?

Server.Transfer("Default.htm");

Answer: You can' t use the Transfer method with HTML pages. It works only with .aspxpages.

Comments:Level: SE

Number: 26Heading: UI Controls / Data bound controlsQuestion: How do you display a page in one frame from a hyperlink in another frame?

Answer: Use the <a> element' s target attribute to specify the frame to display the page. Forexample, the following hyperlink displays a page in the main frame of a frameset:

<a href="AllTheAnswers.aspx" target="main">Show the answers!</a>

Comments:Level: SE

Number: 27Heading: UI Controls / Data bound controlsQuestion: Briefly describe the best uses for each of the three types of Web controls

Answer: Create a user control when you want to…



…quickly create a group of controls that can be reused throughout a project toperform some logical unit of work.

Create a composite custom control when you want to…

…combine one or more existing controls into a compiled assembly that can be easilyreused in many different projects.

Create a rendered control when you want to…

…build an entirely new control that can be compiled into an assembly for use inmultiple projects.

Comments:Level: SSE

Number: 28Heading: UI Controls / Data bound controlsQuestion: What is the most important method to override when creating a composite custom

control?

Answer: You override the CreateChildControls method to add existing controls to acomposite custom control.

Comments:Level: SE

Number: 29Heading: UI Controls / Data bound controlsQuestion: What is the most important method to override when creating a rendered control?

Answer: You override the Render method when creating a rendered custom control.

Comments:Level: SE

Number: 30Heading: UI Controls / Data bound controlsQuestion: What is the advantage of using CSS rather than in-line styles for formatting a Web

application?



Answer: Using CSS allows you to maintain formatting separately from the content of yourWeb forms, so changes are easier to make and consistency is easier to maintain.

Comments:Level: SSE

Number: 31Heading: UI Controls / Data bound controlsQuestion: How will u get or set the values from a CheckBoxList or RadioButtonList control?

Answer: , use a For Each loop to check each control in the listprivate void Button1_Click(object sender, System.EventArgs e){ foreach (ListItem lstItem in RadioButtonList1.Items) { if (lstItem.Selected) Response.Write(lstItem.Text + " is selected.<br>"); }}

Comments: Code shown is in C#Level: SE

Number: 32Heading: UI Controls / Data bound controlsQuestion: Specify form tag which contains file upload control.

Answer: <form action="webform1.aspx" method="post" enctype="multipart/form-data"runat="server" ID="Form1">

Comments:Level: SE

Number: 33Heading: UI Controls / Data bound controlsQuestion: What is difference between click event of a simple link button and image



button control?

Answer: Using the Button and LinkButton Click event procedure is straightforward. TheImageButton control provides an additional capability. The Click event argument forthe ImageButton control includes the X and Y coordinates for where the user clickedon the control. The image response depends on where it Images that respond toclicks in this way are called image maps.

Comments:Level: SE

Number: 34Heading: UI Controls / Data bound controlsQuestion: Assume that on a web page on left side there is small section consisting of a

text boxes for entering login name and password and button and there aremany other controls . It is required that controls used for login shoulddisappear after logging in. How to achieve this functionality?

Answer: Place login controls on panel control. Make the panel invisible after loginsucceeds.

Comments:Level: SSE

Number: 35Heading: UI Controls / Data bound controlsQuestion: How error messages are displayed using validationsummary control?

Answer: Suppose there are five validator controls on a webform and a single validationsummary control.if there is validation error, then Individual validators display theirText properties, while the longer ErrorMessage property is displayed in theValidationSummary control.

Comments:Level: SSE

Number: 36Heading: UI Controls / Data bound controlsQuestion: What validation control you will use to validate a prime number in a text

box?

Answer: Use custom validator control and write prime number checking code inservervalidate event of custom validator.



Comments:Level: SE

Number: 37Heading: ASP.NET application configurationQuestion: A developer has designed a generic data access layer assembly which can be

shared across many web applications. How do u package and deploy such anapplication.

Answer: Prefix assembly with strong name. Register with GAC to make it a sharedassembly. Create a merge module pacakage(.msm) which can be combinedwith other installables.

Comments:Level: TL

Number: 38Heading: ASP.NET application configurationQuestion: Where will u store connection string in ASP.NET and how will u retrieve it

in aspx page?Answer: Store the conncetion string in web.config file as follows.

<configuration><appSettings><add key="DbConnStr"value="Server=moon;database=Store;Trusted_Connection=yes" /></appSettings></configuration>The value can be retrieved as follows.Dim dsn As String = ConfigurationSettings.AppSettings("DSN")

Comments:Level: SSE

Number: 39Heading: ASP.NET application configurationQuestion: How do u configure custom errors in ASP.NET?Answer: As the name says all about, customErros provides information about custom

error messages for an ASP.NET application. CustomErrors tag provides uswith three attributes. defaultRedirect can be used to specify the URL to direct a browser, if anyunexpected error occurs. The mode attribute takes three values On, Off orRemoteOnly. Remeteonly specifies that custom errors are shown only to



remote clients.

The subtag <error> might be very useful in a variety of way. We can specifythe error status code and ask the browser to redirect to a specific page. Weshould use the attribute, statusCode to specify the error status code and theredirect attribute to specify the redirect URL. Eg: <configuration><system.web><customErrors defaultRedirect="error.aspx" mode="RemoteOnly"><error statusCode="500" redirect="InternalError.htm"/></customErrors></system.web></configuration>

Comments:Level: SSE

Number: 40Heading: ASP.NET application configurationQuestion: How do u configure session mode in web.config file?Answer: Using <sessionState> tag

This tag can be used to specify, were we are storing the session. This can bespecified in the mode attribute. Supported values mode are Off, InProc,StateServer and SqlServer. InProc indicates that, session states is storedlocally. StateServer indicates that session state is stored on a remote serverand sqlserver can be used to indicate that the session state is stored on a sqlserver. We also have the choice to use cookies to store the sessions. This can be setusing the attribute cookieless. Session timeout can be specified using theattribute called timeout. By default, the session timeout is 20 minutes (sameas classic ASP). Eg: <configuration><system.web><sessionState mode="Inproc" cookieless="true" timeout="20"></sessionState></system.web></configuration>

Comments:Level: SE

Number: 41



Heading: ASP.NET application configurationQuestion: What if some one types the web.config file in the URL?

Answer: ASP.NET configures IIS to prevent direct browser access to web.config files to ensurethat their values cannot become public (attempts to access them will cause ASP.NETto return 403: Access Forbidden).

Comments:Level: SE

Number: 42Heading: ASP.NET application configurationQuestion: Explain application isolation levels in IIS 5Answer: In-process with IIS (Inetinfo.exe). This option increases performance because

all calls are made in-process; however, it offers no protection. If anapplication fails, it can corrupt memory and affect Inetinfo.exe, as well asother applications running in-process.

Pooled with other Web application processes in DLLHost.exe. This is thedefault option and it provides a balance between protection andperformance. If an application fails, it can affect other applications in thepool, but it will not affect Inetinfo.exe.

Isolated in its own instance of DLLHost.exe. Isolated applications areprotected from affecting or being affected by problems in other applications.However, calls to other applications must cross process boundaries, and thisaffects performance.

Comments:Level: SSE

Number: 43Heading: ASP.NET application configurationQuestion: What is the difference between the Debug and Trace classes?

Answer: Under the default environment settings, code using the Debug class is stripped outof release builds, while code using the Trace class is left in. The classes are otherwiseequivalent.

Comments:Level: SE

Number: 44Heading: ASP.NET application configuration



Question: What are the two special steps you need to take to ensure that a COM componentcan use a component from a .NET assembly?

Answer: 1.You must register the .NET assembly in the system registry using RegAsm.exe.

2. You must make sure that the COM component can find the .NET assembly, eitherby placing the .NET assembly in the global assembly cache, by placing the twocomponents in the same folder, or by following the other assembly-probing rules.

Comments:Level: SSE

Number: 45Heading: ASP.NET securityQuestion: You have developed a educational ASP.NET application. The web.config file

has following structure.<allow roles-“Guardians, Students”/><deny roles=”?”/>In the root directory of ur application, there is a subdirectory called“GuardiansOnly” . What actions u need to take to allow only “Guardians”role to access directory “GuardiansOnly” without modifying web.config fileof root directory.

Answer: Create another web.config file in directory “GuardiansOnly” with followingsettings.<allow roles-“Guardians”/><deny roles=”*”/>

Comments:Level: SE

Number: 46Heading: ASP.NET securityQuestion: Which ASP.NET authentication mode is best suited to identifying and authorizing

users who belong to a corporate network?

Answer: Windows integrated authentication is best suited to authenticating users of acorporate network because it uses the accounts and permissions that already exist fornetwork users.

Comments:Level: SE



Number: 47Heading: ASP.NET securityQuestion: How does the Secure Sockets Layer (SSL) provide security in a Web application?

Answer: SSL protects data exchanged between a client and a Web application by encryptingthe data before it is sent across the Internet.

Comments:Level: SSE

Number: 48Heading: ASP.NET application configurationQuestion: Given the following settings

<configuration> <system.web> <trace enabled="true" pageOutput="false" /> </system.web></configuration>Where will be trace information be stored?

Answer: Trace information will be stored in trace.axd file in root directory.Comments:Level: SE

Number: 49Heading: ASP.NET webform life cycleQuestion: What is a http handlerAnswer: Http handler is .net component designed for processing files with specific

extensions. E.g. If we wish to process abc.sync differently than normal aspxfile, then we can implement HttpHandler for handling requests with *.syncextension

Comments:Level: SE

Number: 50



Heading: ASP.NET webform life cycleQuestion: What are different steps involved in implementing http handler?Answer: 1. Write a class which implements IHttpHandler interface

2. Register this handler in web.config or machine.config file.

3. Map the file extension (.15seconds) to ASP.NET ISAPI extension DLL(aspnet_isapi.dll) in Internet Services Manager.

Comments:Level: SSE

Number: 51Heading: ASP.NET webform life cycleQuestion: Which method of HttpHandler gets invoked when request is received?Answer: ProcessRequest(System.Web.HttpContext context) gets invoked

Comments:Level: SE

Number: 52Heading: ASP.NET webform life cycleQuestion: How do u register Http Handler?Answer: Add following settings in web.config file

<httpHandlers> <add verb="*" path="*.15seconds"type="MyHandler.NewHandler,MyHandler"/></httpHandlers>

Comments:Level: SE

Number: 53Heading: ASP.NET webform life cycleQuestion: What is Http modue and where it can be used?Answer: HTTP modules are .NET components that implement the

System.Web.IHttpModule interface. These components plug themselves into



the ASP.NET request processing pipeline by registering themselves forcertain events. Whenever those events occur, ASP.NET invokes the interestedHTTP modules so that the modules can play with the request.

Comments:Level: SE

Number: 54Heading: ASP.NET webform life cycleQuestion: How do u register/unregister http module?Answer: Add following settings in web.config file

To register:

<httpModules> <add type="classname, assemblyname" name="modulename" /><httpModules>To unregister:<httpModules> <remove name="modulename" /><httpModules>

Comments:Level: SE

Number: 55Heading: ASP.NET webform life cycleQuestion: What is output of Server.MapPath("")?

Answer: It gives physical path of the file that includes aboce statementComments:Level: SE

Number: 56Heading: ASP.NET User controlQuestion: How will u register a control “login.ascx” and declare its instance on a

webform>Answer:

Registering a control:

<%@ Register TagPrefix="uc1" TagName="login" Src="Login.ascx" %>



Instancing a control:

<Chapter06:login ID="LoginControl" RunAt=Server />

Comments:Level: SE

Number: 57Heading: ASP.NET SecurityQuestion: What is impersonation?Answer:

Impersonation is when a user gains access to a resource by using a differentidentity, usually as an anonymous user. To allow this, Windows uses a specialuser account known as the anonymous logon account. Whenever an attempt ismade to access server resources over the Web, the user is automatically loggedon anonymously. The user can only access the resources for which theanonymous user account has privileges. By default, the username for theanonymous logon account takes the form IUSR_COMPUTERNAME, in whichCOMPUTERNAME is the name of the server.

Comments:Level: SSE

Number: 58Heading: ASP.NET SecurityQuestion: Which accounts are used by ASP.NET for impersonation?Answer: By default, ASP.NET uses two accounts to provide impersonation capabilities: the

local system process account and the IUSR_COMPUTERNAME account. Whenimpersonation is turned off, all the resources are accessed using the local systemprocess account. When impersonation is turned on, the IUSR_COMPUTERNAMEaccount is used to provide access to resources.

Comments:Level: TL

Number: 59Heading: ASP.NET webform life cycle



Question: What is authentication? Explain different types of authentication techniquesused in ASP.NET

Answer:Authentication is the process of identifying valid users by requiring them toprove themselves. The three types of authentication provided by ASP.NET areas follows:

Windows built-in authentication. IIS uses basic, digest, or integratedWindows authentication to perform the initial authentication. The user gainsaccess to the requested resources under the context of this account. Theaccounts that are valid for accessing the complete application, or parts of it,can be specified in the web.config file.

Passport-based authentication. This authentication offers single loginand core profile services for member sites. This is possible through theusage of a centralized Web-based authentication service, provided byMicrosoft.

Forms-based authentication. In this authentication, HTTP clientsideredirection is used to redirect an unauthenticated user to an HTML form.Using this HTML form, the user provides his/her login credentials and thensubmits the form. The system issues a cookie (containing the credentials ora key for re-acquiring the identity) if the application authenticates therequest. Then, the client browser sends the cookie with all the subsequentrequests. The user can access the application while this cookie is retained.

In addition, when none of the preceding methods is used, the default IISauthentication is used and resources can be accessed as specified by theapplication settings in IIS. Impersonation is still implemented, and the resourcesare accessed under the context of the local system process account or theIUSR_COMPUTERNAME account.

Comments:Level: SSE

ASP NET Questionnaire

Documents

Transcript of ASP NET Questionnaire