Microsoft .

NET

.NET Framework:
.NET framework is an environment that facilitates Object Oriented Programming Model for multiple
languages. It wraps Operating System and insulates Software Development from many Operating
System specific tasks such as file handling, memory allocation & management.
It has two main components CLR (Common Language Runtime) and .Net BCL (Base Class Libraries).

As you can see in Figure, the .NET Framework sits on top of the operating system, which can be a few
different flavors of Windows and consists of a number of components. .NET is essentially a system
application that runs on Windows.

The most important component of the Framework is something called the CLR. If you are a Java
programmer, think of the CLR as the .NET equivalent of the Java Virtual Machine (JVM). If you don't
know Java, think of the CLR as the heart and soul of the .NET architecture. At a high level, the CLR
activates objects, performs security checks on them, lays them out in memory, executes them, and
garbage-collects them. Conceptually, the CLR and the JVM are similar in that they are both runtime
infrastructures that abstract the underlying platform differences. However, while the JVM currently
supports just the Java language, the CLR supports all languages that can be represented in the
Common Intermediate Language (CIL). The JVM executes bytecode, so it could technically support
many different languages, too. Unlike Java's bytecode, though, IL is never interpreted. Another
conceptual difference between the two infrastructures is that Java code runs on multiple platforms with
a JVM, whereas .NET code runs only on the Windows platforms with the CLR (at the time of this
writing). Microsoft has submitted the Common Language Infrastructure (CLI), which is functional a
subset of the CLR, to ECMA, so a third-party vendor could theoretically implement a CLR for a platform
other than Windows.

An assembly is the basic unit of deployment and versioning, consisting of a manifest, a set of one or
more modules, and an optional set of resources.

.NET Portable Executable File:

A Windows executable, EXE or DLL, must conform to a file format called the PE file format, which is a
derivative of the Microsoft Common Object File Format (COFF). Both of these formats are fully
specified and publicly available. The Windows OS knows how to load and execute DLLs and EXEs
because it understands the format of a PE file. Given this, any compiler that wants to generate
Windows executables must obey the PE/COFF specification.

Standard Windows PE files are divided into two major sections. The first section includes the PE/COFF
headers that reference the contents within the PE file. In addition to the header section, the PE file
holds a number of native image sections, including the .data, .rdata, .rsrc , and .text sections. These are
the standard sections of a typical Windows executable, but Microsoft's C/C++ compiler allows you to
add your own custom sections into the PE file using a compiler pragma statement. For example, you
can create your own data section to hold encrypted data that only you can read. Taking advantage of
this ability, Microsoft has added a few new sections to the normal PE file specifically to support the
CLR's functionality. The CLR understands and manages the new sections. For example, the CLR will
read these sections and determine how to load classes and execute your code at runtime.

The sections that Microsoft has added to the normal PE format are the CLR header and the CLR data
sections. While the CLR header stores information to indicate that the PE file is a .NET executable, the
CLR data section contains metadata and IL code, both of which determine how the program will be
executed.

Metadata

Metadata is machine -readable information about a resource, or "data about data." Such information
might include details on content, format, size, or other characteristics of a data source. In .NET,
metadata includes type definitions, version information, external assembly references, and other
standardized information.

In order for two components, systems, or objects to interoperate with one another, at least one must
know something about the other. In COM, this "something" is an interface specification, which is
implemented by a component provider and used by its consumers.

In .NET, metadata is a common mechanism or dialect that the .NET runtime, compilers, and tools can
all use. Microsoft .NET uses metadata to describe all types that are used and exposed by a particular
.NET assembly. Metadata includes descriptions of an assembly and modules, classes, interfaces,
methods, properties, fields, events, global methods, and so forth.

.NET assemblies are deployable units and manifests are the metadata that describes the assemblies.

IL Code:

An assembly contains the IL code that the CLR executes at runtime. The IL code typically uses types
defined within the same assembly, but it also may use or refer to types in other assemblies. There is
one caveat: each assembly can have at most one entry point, such as DllMain( ), WinMain( ), or
Main( ). You must follow this rule because when the CLR loads an assembly, it searches for one of
these entry points to start assembly execution.

There are four types of assemblies in .NET:

Static assemblies: These are the .NET PE files that you create at compile time. You can create static
assemblies using your favorite compiler: csc, cl, or vbc.
Dynamic assemblies: These are PE-formatted, in-memory assemblies that you dynamically create at
runtime using the classes in the System.Reflection.Emit namespace.
Private assemblies: These are static assemblies used by a specific application.
Public or shared assemblies: These are static assemblies that must have a unique shared name and
can be used by any application.

Side-by-Side Execution:

The CLR allows any versions of the same-shared DLL (shared assembly) to execute at the same time,
on the same system, and even in the same process. This concept is known as side-by-side execution.

Manifests: Assembly Metadata

An assembly manifest is metadata that describes everything about the assembly, including its identity, a
list of files belonging to the assembly, references to external assemblies, exported types, exported
resources, and permission requests. In short, it describes all the details that are required for component
plug-and-play. Since an assembly contains all these details, there's no need for storing this type of
information in the registry, as in the COM world.

An assembly can be a single-module assembly or a multi-module assembly. In a single-module

assembly, everything in a build is clumped into one EXE or DLL, an example of which is the hello.exe
application that we developed earlier. This is easy to create because a compiler takes care of creating
the single -module assembly for you.

A multi-module assembly is one that contains many modules and resource files. To create it you have to
use the Assembly Linker (al.exe) that is provided by the .NET SDK. This tool takes one or more IL or
resource files and spits out a file with an assembly manifest.

Any .NET language may be converted into IL, so .NET supports multiple languages and perhaps
multiple platforms in the future (as long as the target platforms have a CLR).

The Common Type System (CTS):

Because .NET treats all languages as equal, a class written in C# should be equivalent to a class
written in VB.NET, and an interface defined in Managed C++ should be exactly the same as one that is
specified in managed COBOL. Languages must agree on the meanings of these concepts before they
can integrate with one another. In order to make language integration a reality, Microsoft has specified a
common type system to which every .NET language must abide.

Interfaces:
Interfaces support exactly the same concept as a C++ abstract base class (ABC) with only pure virtual
functions. An ABC is a class that declares one or more pure virtual functions and thus cannot be
instantiated. If you know COM or Java, interfaces in .NET are conceptually equivalent to a COM or Java
interface. You specify them, but you don't implement them. A class that derives from your interface must
implement your interface. An interface may contain methods, properties, indexers, and events. In .NET,
a class can derive from multiple interfaces.

The Common Language Specification (CLS):

Microsoft has published the Common Language Specification (CLS). The CLS specifies a series of
basic rules that are required for language integration. Since Microsoft provides the CLS that spells out
the minimum requirements for being a .NET language, compiler vendors can build their compilers to the
specification and provide languages that target .NET. Besides compiler writers, application developers
should read the CLS and use its rules to guarantee language interoperation.

CLR Execution:
.Net PE Files(Metadata And IL) >> Class Loader >> Verifier >> JIT >> Managed Native Code

Once the class loader has found and loaded the target class, it caches the type information for the class
so that it doesn't have to load the class again for the duration of this process.

The verifier is responsible for verifying that:

1. The metadata is well formed, meaning the metadata must be valid.
2. The IL code is type safe, meaning type signatures are used correctly.

The JIT compilers convert IL to native code so that it can execute on the target operating system. For
optimization reasons, JIT compilation occurs only the first time a method is invoked. Recall that the
class loader adds a stub to each method during class loading. At the first method invocation, the VEE
reads the information in this stub, which tells it that the code for the method has not been JIT compiled.
At this indication, the JIT compiler compiles the method and injects the address of the managed native
method into this stub. During subsequent invocations to the same method, no JIT compilation is needed
because each time the VEE goes to read information in the stub, it sees the address of the native
method. Because the JIT compiler only performs its magic the first time a method is invoked, the
methods you don't need at runtime will never be JIT compiled. The compiled, native code lies in
memory until the process shuts down and until the garbage collector clears off all references and
memory associated with the process. This means that the next time you execute the process or
component, the JIT compiler will again perform its magic.

If you want to avoid the cost of JIT compilation at runtime, you can use a special tool called ngen, which
compiles your IL during installation and setup time. Using ngen, you can JIT-compile the code once and
cache it on the machine so that you can avoid JIT compilation at runtime (this process is referred to as
Pre-JITting). In the event that the PE file has been updated, you must PreJIT the PE file again.
Otherwise, the CLR can detect the update and dynamically command the appropriate JIT compiler to
compile the assembly.

All .NET assemblies are essentially binary components. You can treat each .NET assembly as a
component that you can plug into another component or application, without the need for source code,
since all the metadata for the component is stored inside the .NET assembly. While you have to perform
a ton of plumbing to build a component in COM, you need to perform zero extra work to get a
component in .NET, as all .NET assemblies are components by nature. Remember, we're using the
term "component" as a binary, deployable unit, not as a COM class.

Shared Components:
Unlike application-private assemblies, shared assemblies - ones that can be used by any client
application - must be published or registered in the system Global Assembly Cache (GAC). When you
register your assemblies against the GAC, they act as system components, such as a system DLL that
every process in the system can use. A prerequisite for GAC registration is that the component must
possess originator and version information. In addition to other metadata, these two items allow multiple
versions of the same component to be registered and executed on the same machine. Again, unlike
COM, we don't have to store any information in the system registry for clients to use these shared
assemblies.

Object Pooling:
A pool is technical term that refers to a group of resources, such as connections, threads, and objects.
Putting a few objects into a pool allows hundreds of clients to share these few objects (you can make
the same assertion for threads, connections, and other objects). Pooling is therefore a technique that
minimizes the use of system resources, improves performance, and helps system scalability.

ADO.NET Architecture:
Microsoft ADO.NET's object model encompasses two distinct groups of classes: content components
and managed-provider components. The content components include the DataSet class and other
supporting classes such as DataTable, DataRow, DataColumn, and DataRelation. These classes
contain the actual content of a data exchange. The managed-provider components assist in data
retrievals and updates. Microsoft provides two managed providers in its current release of ADO.NET:
OLE DB and SQL. The OLE DB managed provider comes with OleDbConnection, OleDbCommand,
OleDbParameter, and OleDbDataReader. The SQL Server managed provider comes with a similar set
of objects, whose names start with SqlClient instead of OleDb. Developers can use the connection,
command, and data reader objects to directly manipulate data.

We might think that setting up and tearing down connections is not a good idea since the cost of
establishing a connection is usually high. This is a concern only in the absence of connection pooling.
ADO.NET automatically keeps connections to a data source in a pool, so when an application thinks it
is tearing down a connection, it's actually returning it to the resource pool. This allows connections to be
reused, avoiding the cost of reconstructing new connections from scratch.

Because ADO.NET framework classes are managed code, developers can inherit and extend these
classes to their custom needs.

A data reader is a new object providing fast, forward-only, and read-only access to data. This is similar
to an ADO Recordset with server-side, forward - only, and read-only cursor types. Since this is a server
–side cursor, the connection to the server is open throughout the reading of data.

Even though each DataAdapter maps only one DataTable in the DataSet, you can have multiple
adapters to fill the DataSet object with multiple DataTables. Managed Code:
The .Net framework provides several core run-time services to the programs that run within it. For
example exception handling and security. For these services to work the code must provide a minimum
level of information to runtime. Such code is called Managed Code.

Managed Data:
This is data for which memory management is done by .Net runtime’s garbage collector this includes
tasks for allocation de-allocation. We can call garbage collector to collect un-referenced data by
executing System.GC.Collect().

What is an Assembly?
Assemblies are fundamental building blocks of .Net Framework. They contain the type and resources
that are useful to make an application. Assemblies enables code reuse, version control, security and
deployment. An assembly consist of: Manifest , Type Metadata, MSIL and resource file.

Assemblies are Private and Shared. Private are used for a single application and installed in
application’s install directory or its sub-directory. Shared assembly is one that can be referenced by
multiple application and resides in GAC(local cache for assemblies managed by .Net Framework).
gacutil /i myDll.dll can see and %windir%\assembly

Metadata and Manifest:

Manifest describes the assembly itself. Assembly name, version, culture, strong name, list of files, type
reference and reference assembly. While Metadata describes contents within the assembly like classes,
namespaces, interfaces, scope, properties, methods and their parameters etc.

Application Domain: It is a virtual process that serves to isolate an application. All object created
within the same application scope are created within same application domain.

Garbage Collection: It is Automatic Memory Manager for .Net Framework. It manages the memory
allocated to .Net Framework.
When a variable is defined it gets a space in memory (stack) and when an object is created memory for
the object is allocated in heap. When an object is assigned to a variable it increments the reference
counts for the object and when program control comes out of the function the scope of variable gets
ended Or NULL is assigned to variable it decrements the reference count of object by 1. When
reference count of one object becomes zero GC acts call destructor of object and then releases the
memory acquired by the object.

Can .Net Components can be used from a COM? Yes, can be used. But There are few restrictions
such as COM needs an object to be created. So static methods, parameterized constructor can not be
used from COM. These are used by COM using a COM Callable Wrapper (CCW).
TlbImp.exe and TlbExp.exe

How does .NET Remoting work?

It involves sending messages along channels. Two of the standard channels are HTTP and TCP. TCP is
for LANs only and HTTP can be used on LANs or WANs (internet). TCP uses binary serialization and
HTTP uses SOAP (.Net Runtime Serialization SOAP Formatter).

There are 3 styles of remote access:

SingleCall: Each incoming request is handled by new instance.
Singleton: All requests are served by single server object.
Client-Activated Object: This is old state-full DCOM model. Where client receives reference to the
remote object and keep until it finished with it.
DLL-HELL:
Situations where we have to put same name Dlls in single directory where are Dlls are of different
versions.

Versioning:
MajorVersion.MinorVersion.BuildNumber.Revision

Boxing and Un-Boxing:

Implicit(automatic) conversion of value type to reference type is known as Boxing And Explicit (manual)
conversion of Reference type to value type is said to be Un-boxing. (conversion of Integer variable to
object type)

.Net Object Oriented Programming Concepts

Class:
Class is concrete representation of an entity. It represents a group of objects, which posses similar
attributes and behavior.
Provides Abstraction and Encapsulations. A category name that can be given to group of objects of
similar kind.

Object:
Object represents/resembles a Physical/real entity. An object is simply something you can give a name.

Object Oriented Programming: It is a Style of programming that represents a program as a system of

objects and enables code-reuse.

Encapsulation:
Binding of attributes and behaviors. Hiding the implementation and exposing the functionality.

Abstraction:
Hiding the complexity. Defining communication interface for the functionality and hiding rest of the
things.
In .Net destructor can not be abstract. Can define Either Finalize / Destructor. For Destructor access
specifiers can not be assigned. It is Private.

Overloading:
Adding a new method with the same name in same/derived class but with different number/types of
parameters. Implements Polymorphism.

Overriding:
When we need to provide different implementation than the provide by base class, We define the same
method with same signatures in the derived class. Method must be Protected/Protected-Friend/Public
for this purpose. (Base class routine can be called by Mybase.Method, base.Method).

Shadowing:
When the method is defined as Final/sealed in base class and not overridable and we need to provide
different implementation for the same. We define method with Shadows/new.

Inheritance:
Gives you ability to provide is-a relationship. Acquires attributes and behaviors from another. When a
class acquires attributes and behaviors from another class. (must not be Final or sealed class in
.Net)

Abstract Class: Instance can not be created. Optionally can have one or more abstract methods but
not necessary. Can provide body to Classes.
 Interface:
What a Class must do, But not how-to. Bridge for the communication when the caller does not know to
whom he is calling. Describes externally visible behavior of element.
Only Public members which defines the means of the communication with the outer world. Can-be-
Used-As Relationship. Can not contain data but can declare property. There can be no implementation.
Interface can be derived from another interface.

Polymorphism:
Mean by more than one form. Ability to provide different implementation based on different no./type of
parameters. A method behaves differently based on the different input parameters. Does not depend on
the Return-Type.

Pure-Polymorphism:
Make an method abstract/virtual in base class. Override it in Derived Class. Declare a variable of type
base class and assign an object of derived class to it. Now call the virtual/abstract method. The actual
method to be called is decided at runtime.

Early-Binding:
Calling an non-virtual method decides the method to call at compile time is known as Early-Binding.

Late-Binding:
Same as pure-polymorphism.

Identifiers/Access Specifies and scope:

VB.NET: Private, Protected, Friend, Protected Friend, Public.
C#: private, protected, internal, protected internal, public.

What is a Delegate?
A strongly typed function pointer. A delegate object encapsulates a reference to a method. When actual
function needs to be called will be decided at run-time.

Static Variable and Its Life-Time:

VB.NET: Public Shared VAR As Type.
C#: public static Type VAR;
Life time is till the class is in memory.

Constructor:
Special Method Always called whenever an instance of the class is created.

Destructor/Finalize:
Called by GC just before object is being reclaimed by GC.

ASP.Net

Different Types of Caching?

Output Caching: stores the responses from an asp.net page.
Fragment Caching: Only caches/stores the portion of page (User Control)
Data Caching: is Programmatic way to Cache objects for performance.

Authentication and Authorization:

Authentication is identifying/validating the user against the credentials (username and password) and
Authorization performs after authentication. Authorization allowing access of specific resource to user.

Different Types of Directives:

Page, Register, Control, OutputCache, Import, Implements, Assembly, Reference

Difference between Server-Side and Client-Side:

Server-Side code is executed on web-server and does not transmitted to client, while client-side code
executed on client(browser) and is rendered to client along with the content.

Difference Server.Transfer and Response.Redirect:

Both ends the processing for the current request immediately. Server.Transfer start executing the another
resource specified as parameter without acknowledgement to client(browser) while Response.Redirect
intimate client that your requested resource is available at this location and then client request for that
resource.

Different Types of Validators and Validation Controls:

RequiredFieldValidator, RangeValidator, RegularExpressionValidator, CompareValidator, CustomValidator,
ValidationSummary

How to Manage State in ASP.Net?

Client based: ViewState, QueryString and Cookies Server based: Session, Application.

Difference between User Control and Custom Control:

CUSTOM Controls are compiled code (Dlls), easier to use, difficult to create, and can be placed in toolbox.
Drag and Drop controls. Attributes can be set visually at design time. Can be used by Multiple Applications (If
Shared Dlls), Even if Private can copy to bin directory of webApp add reference and use. Normally designed
to provide common functionality independent of consuming Application.

3 Types of Session State Modes?

InProc(cookieless, timeout),
StateServer (Server, Port stateConnectionString="tcpip=server:port"),
SQLServer (sqlconnectionstring) and Off.

What is ViewState and How it is managed, Its Advantages/Benefits?

ViewState is a special object that ASP.NET uses to maintain the state of page and all
webcontrols/ServerControls within it. It is in this object preserves the states of various FORM elements during
post-backs. It is rendered to client(browser) as a Hidden variable __VIEWSTATE under <form>tag. We can
also add custom values to it.

What is web.config and machine.config:

machine.config is default configuration for all applications running under this version, located in
%WinDir%\Microsfot.Net\Framework\Version. Settings can be overridden by Web.Config for an specific
application Web.Config resides in application’s root/virtual root and exists in sub-sequent folders.

Role of Global.asax:
Optional file contains the code to handle Application level events raised by ASP.Net or By HttpModule. This
file resides in application root directory. Application_Start, _End, _AuthenticateRequest, _Error,
Session_Start, _End, BeginRequest, EndRequest. This file is parsed and compiled into dynamically
generated class derived from HttpApplication.

Page Life Cycle:

Init, LoadViewState, LoadPostBackData, Load, RaisePostBackDataChangedEvent, RaisePostBackEvents,
Pre-Render, SaveViewState, Render, Unload, (IpostBackDataChangedEventHandler and
IpostBackEventHandler) Error, CommitTransaction, AbortTransaction, Abort
inetinfo.exe, aspnet_isapi.dll aspnet_wp.exe, HttpModules (OutputCache, Session, Authentication,
Authorization, Custom Modules Specified) and Then HttpHandlers PageHandlerFactory for *.aspx

Can the action attribute of a server-side <form>tag be set to a value and if not how can you possibly
pass data from a form to a subsequent Page?
No assigning value will not work because will be overwritten at the time of rendering. We can assign value to
it by register a startup script which will set the action value of form on client-side. Rest are Server.Transfer
and Response.Redirect.

ASP.Net List Controls and differentiate between them?

RadioButtonList, CheckBoxList, DropDownList, Repeater, DataGrid, DataList

Type Of Code in Code-Behind class:

Server-Side Code.

What might be best suited to place in the Application_Start and Session_Start:

Application level variables and settings initialization in App_Start
User specific variables and settings in Session_Start

Difference between inline and code-behind. Which is best?

Inline is mixed with html and code-behind is separated. Use code-behind, Because Inline pages are loaded,
parsed, compiled and processed at each first request to page and remains in compiled code remains in cache
until it expires, If expires it again load, parse and compile While code-behind allows to be pre-compiled and
provide better performance.

Which Template must provide to display data in Repeater?

ItemTemplate.

How to Provide Alternating Color Scheme in Repeater?

AlternatingItemTemplate

What base class all Web Forms inherit from?

System.Web.UI.Page

What method do you use to explicitly kill a user’s Session?

HttpContext.Current.Session.Abandon()

How do you turn off cookies in one page of your asp.net application?
We will not use it. But can not turn off cookies from server. To allow or not is a client side functionality.

Which two properties are on every validation control?

ControlToValidate and Text, ErrorMessage

How do you create a permanent cookie?

Set expires property to Date.MaxValue (HttpCookie.Expires = Date.MaxValue)

What is the standard you use to wrap up a call to a Web Service?

SOAP

Which method do you use to redirect to user to another page without performing a round trip to
Client?
Server.Transfer(“AnotherPage.aspx”)

What is transport protocol you use to call a Web-Service SOAP?

HTTP-POST

A Web Service can only be written in .NET?

FALSE

Where on internet would you look for Web services?

www.uddi.org

How many classes can a single .NET DLL contain?

Unlimited

How many namespaces are in .NET version 1.1?

124

What is a bubbled event?

When you have a complex control like DataGrid. Writing an event processing routine for each object (cell,
button, row etc.). DataGrid handles the events of its constituents and will raise its own defined custom events.

Difference between ASP Session State and ASP.Net Session State?

ASP: relies on cookies, Serialize all requests from a client, Does not survive process shutdown, Can not
maintained across machines in a Web farm/garden.

Layouts of ASP.NET Pages:

GridLayout and FlowLayout

Web User Control:

Combines existing Server and HTML controls by using VS.Net. to create functional units that encapsulate
some aspects of UI. Resides in Content Files, which must be included in project in which the controls are
used.

Composite Custom Control:

combination of existing HTML and Server Controls.

Rendered custom control:

create entirely new control by rendering HTML directly rather than using composition.

Where do you store the information about user’s Locale?

Page.Culture

Should Validation occur on Client/Server Side for Date Input?

Both. Client-side reduces extra round-trip. Server-Side ensures prevention against hacking and failure against
automated requests.

HTTP GET and HTTP POST:

As their names imply, both HTTP GET and HTTP POST use HTTP as their underlying protocol. Both of these
methods encode request parameters as name/value pairs in the HTTP request. The GET method creates a
query string and appends it to the script's URL on the server that handles the request. For the POST method,
the name/value pairs are passed in the body of the HTTP request message.

Web Services Discovery:

Even though advertising of a web service is important, it is optional. Web services can be private as well as
public. Depending on the business model, some business-to -business (B2B) services would not normally be
advertised publicly. Instead, the web service owners would provide specific instructions on accessing and
using their service only to the business partner. To advertise web services publicly, authors post discovery
files on the Internet. Potential web services clients can browse to these files for information about how to use
the web services—the WSDL (Web Service Description Language). Think of it as the yellow pages for the
web service. All it does is point you to where the actual web services reside and to the description of those
web services. The process of looking up a service and checking out the service description is called Web
Service discovery. There are two ways of advertising the service: static and dynamic. In both of these, XML
onveys the locations of web services.
Static discovery is easier to understand because it is explicit in nature. If you want to advertise your web
service, you must explicitly create the .disco discovery file and point it to the WSDL.

As opposed to explicitly specifying the URL for all web services your site supports, you can enable dynamic
discovery, which enables all web services underneath a specific URL on your web site to be listed
automatically. For your web site, you might want to group related web services under many different
directories and then provide a single dynamic discovery file in each of the directory.

Web Services and Security:

We incorporate security into web service in two ways: system security and application security. System -level
security allows for restricting access to the web services from unauthorized clients. It is done in a declarative
fashion, whereas application - level security is more flexible. With system-level security, you will most likely
have the list of authorized clients' IP addresses that you will let access your web service through the use of
some configuration - management tools. With application-level security, you will incorporate the authentication
into your web service, thus providing a more flexible configuration.

In system – level security client send a user name and password to web server. This pair can be in plain text
format or in some encrypted format. Once server authenticates the user it can access the services available
to server.

In application – level security mode your web services involves taking security into your own hands. You can
program your web services so that all of their methods require an access token, which can be obtained from
the web service after sending in the client's username and password. The client credentials can be sent to the
server through SSL (Secure Sockets Layer), which eliminates the risk of sending clear-text passwords across
the wire. Through this SSL channel, the server returns an access token to the caller, who can use it to invoke
all other web service methods.

Web Form Events

The first event that happens in the life of a Web Form is the Init event. This is raised so that we can have
initialization code for the page. The controls on the page are not yet created at this point. This event is raised
once for each user of the page.

The Load event follows the Init event. Subsequently, it is raised each time the page is requested. When this
event is raised, all child controls of the Web Form are loaded and accessible. You should be able to retrieve
data and populate the controls so that they can render themselves on the page when sent back to the client.

The PreRender event happens just before the page is rendered and sent back to the client. We don't often
handle this event; however, it depends on the situation.

The last event in the life of a Web Form is the Unload event. This happens when the page is unloaded from
memory. Final cleanup should be done here.

Lifecycle Of A Web Form:

In ASP .NET, the web page starts its life when a client requests a particular page. IIS parses and runs the
scripts on the ASP page to render HTML content. As soon as the page rendering is complete, the page's life
ceases; only the view states of the page persist between requests to the page. These view states allow the
controls on the server to appear as if they are still present to handle server events.

Using Web Services:

In Visual Studio.NET IDE, you can choose Project >> Add Web Reference and then type in the URL where
the web service resides. For example, we'll point to the web service we created on local server, than is
PubsWS (suppose). The URL to this web service on our server is http://localhost/PubsWS/PubsWS.asmx.
After adding the web reference, you can access the proxy object to the web service you are calling via the
type servername.proxyObjectName. For your case, it is localhost.PubsWS.
The following code excerpt demonstrates how to use the web service through the proxy. We create an
instance of the proxy object and then ask it to relay the message to the real web service to get the list of
authors. The result will be streamed back in XML format, which is reconstructed into a DataSet object.

[C#]
localhost.PubsWS ws = new localhost.PubsWS( ); DataSet ds = ws.GetAuthors( );

ASP.NET Session-State Management:

ASP.NET improves upon ASP session-state management by moving to an out-of-process model. By having
all web servers in the farm pointing to a common server that hosts the out-of-process state manager, the web
client can be redirected around the farm without losing the session states. By using an out-of-process model,
we no longer have the problem of losing session states when the IIS process is cycled. This means that if the
web server application crashed for whatever reason and restarted within the session time-out duration, the
web clients could still have all their session states intact. Of course, if the out-of-process state manager
crashed, that is a whole different issue. This leads to the next improvement of ASP.NET—the ability to persist
session state to a database.
There are two levels of configuration: machine and application. Machine-level configuration associates with
the machine.config file stored in WinNT\Microsoft.NET\ Framework\\CONFIG\machine.config, while the
application-level configuration uses the web.config file in the application root directory. The application-level
configuration overrides the machine -level configuration.

Acronyms

CCW COM Callable Wrapper

Common Language Infrastructure. This is a subset of the CLR and base class libraries that
CLI Microsoft has submitted to ECMA so that a third-party vendor can build a .NET runtime on
another platform.
CLR Common Language Runtime
CLS Common Language Specification
COFF Common Object File Format
COM Component Object Model
CTS Common Type System
Discovery of Web Services. A Web Service has one or more. DISCO files that contain
DISCO
information on how to access its WSDL.
DNA Distributed interNet Applications Architecture.
DOM Document Object Model
GDI Graphical Device Interface
GAC Global Assembly Cache
GUID Globally Unique Identifier
HTTP Hyper Text Transfer Protocol
IDL Interface Definition Language
IL Intermediate Language
MSIL Microsoft Intermediate Language
MS-
Microsoft Distributed Transaction Coordinator
DTC
N-Tier Multi-Tier
OLTP Online Transaction Processing
OLAP Online Analytical Processing
PE Portable Executable
RAD Rapid Application Development
RCW Runtime Callable Wrapper
SMTP Simple Mail Transfer Protocol
SOAP Simple Object Access Protocol
TCP Transport Control Protocol
TLB Type Library
UDF Uniform Data Format
UI User Interface
URL Uniform Resource Locator
UDDI Universal Description, Discovery and Integration
WAP Wireless Access Protocol
WSDL Web Services Definition Language
WML Wireless Markup Language
XML Extensible Markup Language

SQL Server

What is normalization? Explain different levels of normalization?

Check out the article Q100139 from Microsoft knowledge base and of
course, there's much more information available in the net. It'll be a
good idea to get a hold of any RDBMS fundamentals text book,
especially the one by C. J. Date. Most of the times, it will be okay
if you can explain till third normal form.

What is denormalization and when would you go for it?

As the name indicates, denormalization is the reverse process of

normalization. It's the controlled introduction of redundancy in to
the database design. It helps improve the query performance as the
number of joins could be reduced.

How do you implement one-to-one, one-to-many and many-to-many

relationships while designing tables?

One-to-One relationship can be implemented as a single table and

rarely as two tables with primary and foreign key relationships.
One-to-Many relationships are implemented by splitting the data into
two tables with primary key and foreign key relationships.
Many-to-Many relationships are implemented using a junction table with
the keys from both the tables forming the composite primary key of the
junction table.

It will be a good idea to read up a database designing fundamentals

text book.

What's the difference between a primary key and a unique key?

Both primary key and unique enforce uniqueness of the column on which
they are defined. But by default primary key creates a clustered index
on the column, where are unique creates a nonclustered index by
default. Another major difference is that, primary key doesn't allow
NULLs, but unique key allows one NULL only.

What are user defined datatypes and when you should go for them?

User defined datatypes let you extend the base SQL Server datatypes by
providing a descriptive name, and format to the database. Take for
example, in your database, there is a column called Flight_Num which
appears in many tables. In all these tables it should be varchar(8).
In this case you could create a user defined datatype called
Flight_num_type of varchar(8) and use it across all your tables.

See sp_addtype, sp_droptype in books online.

What is bit datatype and what's the information that can be stored
inside a bit column?

Bit datatype is used to store boolean information like 1 or 0 (true or

false). Untill SQL Server 6.5 bit datatype could hold either a 1 or 0
and there was no support for NULL. But from SQL Server 7.0 onwards,
bit datatype can represent a third state, which is NULL.

Define candidate key, alternate key, composite key.

A candidate key is one that can identify each row of a table uniquely.
Generally a candidate key becomes the primary key of the table. If the
table has more than one candidate key, one of them will become the
primary key, and the rest are called alternate keys.

A key formed by combining at least two or more columns is called

composite key.

What are defaults? Is there a column to which a default can't be bound?

A default is a value that will be used by a column, if no value is

supplied to that column while inserting data. IDENTITY columns and
timestamp columns can't have defaults bound to them. See CREATE
DEFUALT in books online.
SQL Server architecture (top)

What is a transaction and what are ACID properties?

A transaction is a logical unit of work in which, all the steps must

be performed or none. ACID stands for Atomicity, Consistency,
Isolation, Durability. These are the properties of a transaction.

Explain different isolation levels

An isolation level determines the degree of isolation of data between

concurrent transactions. The default SQL Server isolation level is
Read Committed. Here are the other isolation levels (in the ascending
order of isolation): Read Uncommitted, Read Committed, Repeatable
Read, Serializable.

CREATE INDEX myIndex ON myTable(myColumn)

What type of Index will get created after executing the above statement?

Non-clustered index. Important thing to note: By default a clustered

index gets created on the primary key, unless specified otherwise.

What's the maximum size of a row?

8060 bytes. Don't be surprised with questions like 'what is the

maximum number of columns per table'. Check out SQL Server books
online for the page titled: "Maximum Capacity Specifications".

Explain Active/Active and Active/Passive cluster configurations

Hopefully you have experience setting up cluster servers. But if you

don't, at least be familiar with the way clustering works and the two
clusterning configurations Active/Active and Active/Passive. SQL
Server books online has enough information on this topic and there is
a good white paper available on Microsoft site.

Explain the architecture of SQL Server

This is a very important question and you better be able to answer it

if consider yourself a DBA. SQL Server books online is the best place
to read about SQL Server architecture. Read up the chapter dedicated
to SQL Server Architecture.

What is lock escalation?

Lock escalation is the process of converting a lot of low level locks

(like row locks, page locks) into higher level locks (like table
locks). Every lock is a memory structure too many locks would mean,
more memory being occupied by locks. To prevent this from happening,
SQL Server escalates the many fine-grain locks to fewer coarse-grain
locks. Lock escalation threshold was definable in SQL Server 6.5, but
from SQL Server 7.0 onwards it's dynamically managed by SQL Server.

What's the difference between DELETE TABLE and TRUNCATE TABLE commands?

DELETE TABLE is a logged operation, so the deletion of each row gets

logged in the transaction log, which makes it slow. TRUNCATE TABLE
also deletes all the rows in a table, but it won't log the deletion of
each row, instead it logs the deallocation of the data pages of the
table, which makes it faster. Of course, TRUNCATE TABLE can be rolled
back.

Explain the storage models of OLAP

Check out MOLAP, ROLAP and HOLAP in SQL Server books online for more
infomation.

What are the new features introduced in SQL Server 2000 (or the latest
release of SQL Server at the time of your interview)? What changed
between the previous version of SQL Server and the current version?

This question is generally asked to see how current is your knowledge.

Generally there is a section in the beginning of the books online
titled "What's New", which has all such information. Of course,
reading just that is not enough, you should have tried those things to
better answer the questions. Also check out the section titled
"Backward Compatibility" in books online which talks about the changes
that have taken place in the new version.

What are constraints? Explain different types of constraints.

Constraints enable the RDBMS enforce the integrity of the database

automatically, without needing you to create triggers, rule or defaults.

Types of constraints: NOT NULL, CHECK, UNIQUE, PRIMARY KEY, FOREIGN KEY

For an explanation of these constraints see books online for the pages
titled: "Constraints" and "CREATE TABLE", "ALTER TABLE"

Whar is an index? What are the types of indexes? How many clustered
indexes can be created on a table? I create a separate index on each
column of a table. what are the advantages and disadvantages of this
approach?

Indexes in SQL Server are similar to the indexes in books. They help
SQL Server retrieve the data quicker.
Indexes are of two types. Clustered indexes and non-clustered indexes.
When you create a clustered index on a table, all the rows in the
table are stored in the order of the clustered index key. So, there
can be only one clustered index per table. Non-clustered indexes have
their own storage separate from the table data storage. Non-clustered
indexes are stored as B-tree structures (so do clustered indexes),
with the leaf level nodes having the index key and it's row locater.
The row located could be the RID or the Clustered index key, depending
up on the absence or presence of clustered index on the table.

If you create an index on each column of a table, it improves the

query performance, as the query optimizer can choose from all the
existing indexes to come up with an efficient execution plan. At the
same time, data modification operations (such as INSERT, UPDATE,
DELETE) will become slow, as every time data changes in the table, all
the indexes need to be updated. Another disadvantage is that, indexes
need disk space, the more indexes you have, more disk space is used.

Database administration (top)

What is RAID and what are different types of RAID configurations?

RAID stands for Redundant Array of Inexpensive Disks, used to provide

fault tolerance to database servers. There are six RAID levels 0
through 5 offering different levels of performance, fault tolerance.
MSDN has some information about RAID levels and for detailed
information, check out the RAID advisory board's homepage

What are the steps you will take to improve performance of a poor
performing query?

This is a very open ended question and there could be a lot of reasons
behind the poor performance of a query. But some general issues that
you could talk about would be: No indexes, table scans, missing or out
of date statistics, blocking, excess recompilations of stored
procedures, procedures and triggers without SET NOCOUNT ON, poorly
written query with unnecessarily complicated joins, too much
normalization, excess usage of cursors and temporary tables.

Some of the tools/ways that help you troubleshooting performance

problems are: SET SHOWPLAN_ALL ON, SET SHOWPLAN_TEXT ON, SET
STATISTICS IO ON, SQL Server Profiler, Windows NT /2000 Performance
monitor, Graphical execution plan in Query Analyzer.

Download the white paper on performance tuning SQL Server from

Microsoft web site. Don't forget to check out sql-server-performance.com

What are the steps you will take, if you are tasked with securing an
SQL Server?
Again this is another open ended question. Here are some things you
could talk about: Preferring NT authentication, using server, database
and application roles to control access to the data, securing the
physical database files using NTFS permissions, using an unguessable
SA password, restricting physical access to the SQL Server, renaming
the Administrator account on the SQL Server computer, disabling the
Guest account, enabling auditing, using multiprotocol encryption,
setting up SSL, setting up firewalls, isolating SQL Server from the
web server etc.

Read the white paper on SQL Server security from Microsoft website.
Also check out My SQL Server security best practices

What is a deadlock and what is a live lock? How will you go about
resolving deadlocks?

Deadlock is a situation when two processes, each having a lock on one

piece of data, attempt to acquire a lock on the other's piece. Each
process would wait indefinitely for the other to release the lock,
unless one of the user processes is terminated. SQL Server detects
deadlocks and terminates one user's process.

A livelock is one, where a request for an exclusive lock is

repeatedly denied because a series of overlapping shared locks keeps
interfering. SQL Server detects the situation after four denials and
refuses further shared locks. A livelock also occurs when read
transactions monopolize a table or page, forcing a write transaction
to wait indefinitely.

Check out SET DEADLOCK_PRIORITY and "Minimizing Deadlocks" in SQL

Server books online. Also check out the article Q169960 from Microsoft
knowledge base.

What is blocking and how would you troubleshoot it?

Blocking happens when one connection from an application holds a lock

and a second connection requires a conflicting lock type. This forces
the second connection to wait, blocked on the first.

Read up the following topics in SQL Server books online: Understanding

and avoiding blocking, Coding efficient transactions.

Explain CREATE DATABASE syntax

Many of us are used to creating databases from the Enterprise Manager

or by just issuing the command: CREATE DATABAE MyDB. But what if you
have to create a database with two filegroups, one on drive C and the
other on drive D with log on drive E with an initial size of 600 MB
and with a growth factor of 15%? That's why being a DBA you should be
familiar with the CREATE DATABASE syntax. Check out SQL Server books
online for more information.

How to restart SQL Server in single user mode? How to start SQL Server
in minimal configuration mode?

SQL Server can be started from command line, using the SQLSERVR.EXE.
This EXE has some very important parameters with which a DBA should be
familiar with. -m is used for starting SQL Server in single user mode
and -f is used to start the SQL Server in minimal confuguration mode.
Check out SQL Server books online for more parameters and their
explanations.

As a part of your job, what are the DBCC commands that you commonly
use for database maintenance?

DBCC CHECKDB, DBCC CHECKTABLE, DBCC CHECKCATALOG, DBCC CHECKALLOC,

DBCC SHOWCONTIG, DBCC SHRINKDATABASE, DBCC SHRINKFILE etc. But there
are a whole load of DBCC commands which are very useful for DBAs.
Check out SQL Server books online for more information.

What are statistics, under what circumstances they go out of date, how
do you update them?

Statistics determine the selectivity of the indexes. If an indexed

column has unique values then the selectivity of that index is more,
as opposed to an index with non-unique values. Query optimizer uses
these indexes in determining whether to choose an index or not while
executing a query.

Some situations under which you should update statistics:

1) If there is significant change in the key values in the index
2) If a large amount of data in an indexed column has been added,
changed, or removed (that is, if the distribution of key values has
changed), or the table has been truncated using the TRUNCATE TABLE
statement and then repopulated
3) Database is upgraded from a previous version

Look up SQL Server books online for the following commands: UPDATE
STATISTICS, STATS_DATE, DBCC SHOW_STATISTICS, CREATE STATISTICS, DROP
STATISTICS, sp_autostats, sp_createstats, sp_updatestats

What are the different ways of moving data/databases between servers

and databases in SQL Server?

There are lots of options available, you have to choose your option
depending upon your requirements. Some of the options you have are:
BACKUP/RESTORE, detaching and attaching databases, replication, DTS,
BCP, logshipping, INSERT...SELECT, SELECT...INTO, creating INSERT
scripts to generate data.
Explian different types of BACKUPs avaialabe in SQL Server? Given a
particular scenario, how would you go about choosing a backup plan?

Types of backups you can create in SQL Sever 7.0+ are Full database
backup, differential database backup, transaction log backup,
filegroup backup. Check out the BACKUP and RESTORE commands in SQL
Server books online. Be prepared to write the commands in your
interview. Books online also has information on detailed
backup/restore architecture and when one should go for a particular
kind of backup.

What is database replicaion? What are the different types of

replication you can set up in SQL Server?

Replication is the process of copying/moving data between databases on

the same or different servers. SQL Server supports the following types
of replication scenarios:

• Snapshot replication
• Transactional replication (with immediate updating subscribers,
with queued updating subscribers)
• Merge replication

See SQL Server books online for indepth coverage on replication. Be

prepared to explain how different replication agents function, what
are the main system tables used in replication etc.

How to determine the service pack currently installed on SQL Server?

The global variable @@Version stores the build number of the

sqlservr.exe, which is used to determine the service pack installed.
To know more about this process visit SQL Server service packs and
versions.

Database programming (top)

What are cursors? Explain different types of cursors. What are the
disadvantages of cursors? How can you avoid cursors?

Cursors allow row-by-row prcessing of the resultsets.

Types of cursors: Static, Dynamic, Forward-only, Keyset-driven.

Disadvantages of cursors: Each time you fetch a row from the cursor,
it results in a network roundtrip, where as a normal SELECT query
makes only one roundtrip, however large the resultset is. Cursors are
also costly because they require more resources and temporary storage
(results in more IO operations). Further, there are restrictions on
the SELECT statements that can be used with some types of cursors.
Most of the times, set based operations can be used instead of
cursors. Here is an example:

If you have to give a flat hike to your employees using the following
criteria:

Salary between 30000 and 40000 -- 5000 hike

Salary between 40000 and 55000 -- 7000 hike
Salary between 55000 and 65000 -- 9000 hike

In this situation many developers tend to use a cursor, determine each

employee's salary and update his salary according to the above
formula. But the same can be achieved by multiple update statements or
can be combined in a single UPDATE statement as shown below:

UPDATE tbl_emp SET salary =

CASE WHEN salary BETWEEN 30000 AND 40000 THEN salary + 5000
WHEN salary BETWEEN 40000 AND 55000 THEN salary + 7000
WHEN salary BETWEEN 55000 AND 65000 THEN salary + 10000
END

Another situation in which developers tend to use cursors: You need to

call a stored procedure when a column in a particular row meets
certain condition. You don't have to use cursors for this. This can be
achieved using WHILE loop, as long as there is a unique key to
identify each row. For examples of using WHILE loop for row by row
processing, check out the 'My code library' section of my site or
search for WHILE.

Write down the general syntax for a SELECT statements covering all the
options.

Here's the basic syntax: (Also checkout SELECT in books online for
advanced syntax).

SELECT select_list
[INTO new_table_]
FROM table_source
[WHERE search_condition]
[GROUP BY group_by__expression]
[HAVING search_condition]
[ORDER BY order__expression [ASC | DESC] ]

What is a join and explain different types of joins.

Joins are used in queries to explain how different tables are related.
Joins also let you select data from a table depending upon data from
another table.
Types of joins: INNER JOINs, OUTER JOINs, CROSS JOINs. OUTER JOINs are
further classified as LEFT OUTER JOINS, RIGHT OUTER JOINS and FULL
OUTER JOINS.

Can you have a nested transaction?

Yes, very much. Check out BEGIN TRAN, COMMIT, ROLLBACK, SAVE TRAN and
@@TRANCOUNT

What is an extended stored procedure? Can you instantiate a COM object

by using T-SQL?

An extended stored procedure is a function within a DLL (written in a

programming language like C, C++ using Open Data Services (ODS) API)
that can be called from T-SQL, just the way we call normal stored
procedures using the EXEC statement. See books online to learn how to
create extended stored procedures and how to add them to SQL Server.

Yes, you can instantiate a COM (written in languages like VB, VC++)
object from T-SQL by using sp_OACreate stored procedure. Also see
books online for sp_OAMethod, sp_OAGetProperty, sp_OASetProperty,
sp_OADestroy. For an example of creating a COM object in VB and
calling it from T-SQL, see 'My code library' section of this site.

What is the system function to get the current user's user id?

USER_ID(). Also check out other system functions like USER_NAME(),

SYSTEM_USER, SESSION_USER, CURRENT_USER, USER, SUSER_SID(),
HOST_NAME().

What are triggers? How many triggers you can have on a table? How to
invoke a trigger on demand?

Triggers are special kind of stored procedures that get executed

automatically when an INSERT, UPDATE or DELETE operation takes place
on a table.

In SQL Server 6.5 you could define only 3 triggers per table, one for
INSERT, one for UPDATE and one for DELETE. From SQL Server 7.0
onwards, this restriction is gone, and you could create multiple
triggers per each action. But in 7.0 there's no way to control the
order in which the triggers fire. In SQL Server 2000 you could specify
which trigger fires first or fires last using sp_settriggerorder

Triggers can't be invoked on demand. They get triggered only when an

associated action (INSERT, UPDATE, DELETE) happens on the table on
which they are defined.
Triggers are generally used to implement business rules, auditing.
Triggers can also be used to extend the referential integrity checks,
but wherever possible, use constraints for this purpose, instead of
triggers, as constraints are much faster.

Till SQL Server 7.0, triggers fire only after the data modification
operation happens. So in a way, they are called post triggers. But in
SQL Server 2000 you could create pre triggers also. Search SQL Server
2000 books online for INSTEAD OF triggers.

Also check out books online for 'inserted table', 'deleted table' and
COLUMNS_UPDATED()

There is a trigger defined for INSERT operations on a table, in an

OLTP system. The trigger is written to instantiate a COM object and
pass the newly insterted rows to it for some custom processing. What
do you think of this implementation? Can this be implemented better?

Instantiating COM objects is a time consuming process and since you

are doing it from within a trigger, it slows down the data insertion
process. Same is the case with sending emails from triggers. This
scenario can be better implemented by logging all the necessary data
into a separate table, and have a job which periodically checks this
table and does the needful.

What is a self join? Explain it with an example.

Self join is just like any other join, except that two instances of
the same table will be joined in the query. Here is an example:
Employees table which contains rows for normal employees as well as
managers. So, to find out the managers of all the employees, you need
a self join.

CREATE TABLE emp

(
empid int,
mgrid int,
empname char(10)
)

INSERT emp SELECT 1,2,'Vyas'

INSERT emp SELECT 2,3,'Mohan'
INSERT emp SELECT 3,NULL,'Shobha'
INSERT emp SELECT 4,2,'Shridhar'
INSERT emp SELECT 5,2,'Sourabh'

SELECT t1.empname [Employee], t2.empname [Manager]

FROM emp t1, emp t2
WHERE t1.mgrid = t2.empid
Here's an advanced query using a LEFT OUTER JOIN that even returns the
employees without managers (super bosses)

SELECT t1.empname [Employee], COALESCE(t2.empname, 'No manager') [Manager]

FROM emp t1
LEFT OUTER JOIN
emp t2
ON
t1.mgrid = t2.empid

- How do you manage session in ASP and ASP.NET

- How do you handle session management in ASP.NET and how do you implement them.
How do you handle in case of SQLServer mode.
- What are different authentication types. How do you retreive user id in case of
windows authentication
- For a server control, you need to have same properties like color maxlength, size, and
allowed character throughout the application. How do you handle this.
- What is custom control. What is the difference between custom control and user
control
- What is the syntax for datagrid and specifying columns
- How do you add a javascript function for a link button in a datagrid.
- Does C# supports multi-dimensional arrays
- How to transpose rows into columns and columns into rows in a multi-dimensional
array
- What are object oriented concepts
- How do you create multiple inheritance in C#
- ADO and ADO.NET differences
- Features and disadvantages of dataset
- What is the difference between and ActiveX dll and control
- How do you perform validations
- What is reflection and disadvantages of reflection
- What is boxing and how it is done internally
- Types of authentications in IIS
- What are the security issues if we send a query from the application
- Difference between ByVal and ByRef
- Disadvantages of COM components

- How do we invoke queries from the application

- What is the provider and namespaces being used to access oracle database
- How do you load XML document and perform validation of the document
- How do you access elements in XML document
- What is ODP.NET
- Types of session management in ASP.NET
- Difference between datareader and dataset
- What are the steps in connecting to database
- How do you register a .NET assembly
- Usage of web.config
- About remoting and web services. Difference between them
- Caching techniques in .NET
- About CLS and CTS
- Is overloading possible in web services
- Difference between .NET and previous version
- Types of chaching. How to implement caching
- Features in ASP.NET
- How do you do validations. Whether client-side or server-side validations are better
- How do you implement multiple inheritance in .NET
- Difference between multi-level and multiple inheritance
- Difference between dataset and datareader
- What are runtime hosts
- What is an application domain
- What is viewstate
- About CLR, reflection and assemblies
- Difference between .NET components and COM components
- What does assemblyinfo.cs consists
- Types of objects in ASP

#61607; Database

- What are the blocks in stored procedure

- How do you handle exceptions. Give the syntax for it
- What is normalization and types of normalization
- When would you denormalize
- Difference between a query and strored procedure
- What is clustered and non-clustered indexes
- Types of joins
- How do you get all records from 2 tables. Which join do you use
- Types of optimization
- Difference between inline query and stored procedure

Difference between VB dll and assemblies in .NET

- What is machine.config and web.config
- Tell about WSDL
- About web methods and its various attributes
- What is manifest
- Types of caching
- What does connection string consists of
- Where do you store connection string
- What is the difference between session state and session variables
- How do you pass session values from one page to another
- What are WSDL ports
- What is dataset and tell about its features. What are equivalent methods of previous,
next etc. Of ADO in ADO.NET
- What is abstract class
- What is difference between interface inheritance and class inheritance
- What are the collection classes
- Which namespace is used for encryption
- What are the various authentication mechanisms in ASP.NET
- What is the difference between authentication and autherization
- What are the types of threading models
- How do you send an XML document from client to server
- How do you create dlls in .NET
- What is inetermediate language in .NET
- What is CLR and how it generates native code
- Can we store PROGID informatoin in database and dynamically load the component
- Is VB.NET object oriented? What are the inheritances does VB.NET support.
- What is strong name and what is the need of it
- Any disadvantages in Dataset and in reflection
- Advantage of vb.net over vb
- What is runtime host
- How to send a DataReader as a parameter to a remote client
- How do you consume a webservice
- What happens when a reference to webservice is added
- How do you reference to a private & shared assembly
- What is the purpose of System.EnterpriseServices namespace
- About .Net remoting
- Difference between remoting and webservice
- Types of statemanagement techniques
- How to register a shared assembly
- About stateless and statefull webservice
- How to invoke .net components from com components,give the sequence
- How to check null values in dataset
- About how soap messages are sent and received in webservice
- Error handling and how this is done
- Features in .net framework 1.1
- Any problem found in vs.et
- Optimization technique description
- About disco and uddi
- What providers does ado.net uses internally
- Oops concepts
- Disadvantages of vb
- XML serialization
- What providers do you use to connect to oracle database?
- About .NET Framework
- About Assembly in .NET, types of assemblies, their difference, How to register into
GAC. How to generate the strong names & its use.
- What is side by side Execution?
- What is serialization?
- Life cycle of ASP.NET page when a request is made.
- If there is submit button in a from tell us the sequence what happens if submit is
clicked and in form action is specified as some other page.
- About a class access specifiers and method access specifiers.
- What is overloading and how can this be done.
- How to you declare connection strings and how to you make use of web.config.
- How many web.copnfig can exists in a web application & which will be used.
- About .NET Remoting and types of remoting
- About Virtual functions and their use.
- How do you implement Inheritance in dot net
- About ado.net components/objects. Usage of data adapters and tell the steps to
retrieve data.
- What does CLR do as soon as an assembly is created
- How do you retrieve information from web.config.
- How do you declare delegates and are delegates and events one and the same and
explain how do you declare delegates and invoke them.
- If I want to override a method 1 of class A and in class b then how do you declare?
- What does CLR do after the IL is generated and machine language is generated .Will it
look for main method
- About friend and Protected friend
- About multi level and multiple inheritance how to achieve in .net
- Sequence to connect and retrieve data from database useig dataset
- About sn.exe
- What was the problem in traditional component why side by side execution is
supported in .net
- How .net assemblies are registred as private and shared assembly
- All kind of access specifiers for a class and for methods
- On ODP.net
- Types of assemblies that can be created in dotnet
- About namespaces
- OOPs concept
- More on CLR

Impersonation is the process of assigning a user account to an unknown user

Windows integrated authentication. Identifies and authorizes users based on the server' s users list.
Access to resources on the server is then granted or denied based on the user account' s privileges.
This works the same way as regular Windows network security.

Forms authentication. Directs users to a logon Web form that collects user name and password
information, and then authenticates the user against a user list or database that the application
maintains.

Passport authentication. Directs new users to a site hosted by Microsoft so that they can register a
single user name and password that will authorize their access to multiple Web sites. Existing users are
prompted for their Passport user name and password, which the application then authenticates from the
Microsoft Passport user list.

Use this type of

Application type Description
authentication
This is the common access method for most Web sites. No
Public Internet
Anonymous logon is required and you secure restricted resources using
Web application
NTFS file permissions.
Windows authentication authenticates network users
Intranet WebWindows through the domain controller. Network users have access to
application integrated Web application resources as determined by their user
privileges on the server.
Corporate users can access the Web application using their
Private corporateWindows corporate network user names and passwords. User
Web application integrated accounts are administered using the Windows network
security tools.
Applications that need to collect shipping and billing
Commercial Web
Forms information should implement Forms authentication to
application
gather and store customer information.
Passport authentication allows users to sign in once through
Multiple a central authority. The user' s identity is then available to
commercial WebPassport any application using the Passport SDK. Customer
applications information is maintained in a Passport Profile, rather than
in a local database.
Storing Session State InProc

To store session state in the ASP.NET worker process, select InProc from the session state
mode control. Your application will retrieve and store session information very quickly, but it
will be available only to your application (and not on a Web form).

Storing Session State in a State Server

To have ASP.NET store session state on another server on your network, select StateServer
from the SessionState mode control. When you select this item, the dialog box will enable the
Connection String text box and the network timeout text box. Insert the protocol, IP address,
and port for the state server in the Connection String text box. For example, the string:

tcpip=127.0.0.1:42424

will store the session state on the local machine over port 42424. If you want to store the
session state on a machine other than your local server, change the IP address. Before session
state is stored on a machine, you need to make sure the ASP.NET state server is running on that
machine. You may get to it via the Services panel under the control panel.

Storing Session State in a Database

The final option for storing session state is to use a SQL Server database. Select SQLServer
from the ASP.NET session state mode combo box. You'll be asked to enter the connection
string to the SQL Server state database. Here's the string they provide by default:

data source=127.0.0.1;Integrated Security=SSPI

You may point ASP.NET so it references a database on another machine. Of course, you need
to have SQL Server installed on the target machine to make this work. In addition, you'll find
some SQL scripts to create the state databases in your .NET system directory
(C:\WINDOWS\[[<img src="images/shy.gif"/>]]Microsoft.NET\Framework\v2.0.50215 on
this machine at the time of this writing). The Aspnet_regsql.exe tool will set up the databases
for you.

Caching

At the outset, turning on output caching is easy. To set up caching, place the OutputCache
directive on the page. It's a separate directive, like the Page directive. The OutputCache
directive enables caching and provides certain control over its behavior. The following exercise
introduces caching output.For pages that are expensive to generate and that don't change very
often, caching the content represents an enormous performance boost for your Web site—
especially as the number of clients increases.

Serialization is a process of taking an object and converting into a form so that it can be
transported across the network or can be persisted in the storage location. This storage
location can be physical file, database or ASP.NET Cache. The form contains the state of
the object so that by this format, we can construct the same object a later point in time,
which is called Deserialization.

There are three formats of serialization

Binary Serialization : Light andcompact used in Remoting

SOAP Serialization :interoperableuse SOAP and used in web Services
XML Serialization :Custom Serialization

Introduction

Serialization in .NET allows the programmer to take an instance of an object and convert it into a
format that is easily transmittable over the network, or even stored in a database or file system.
This object will actually be an instance of a custom type, including any properties or fields you may
have set.

A few examples I can think of include the ability to send an instance of your object to another portion of
a local or remote application, such as over a Web service. Another example of when to choose to
serialize objects is for data within objects that would normally be stored in a database, but these pieces
of data do not need to be stored individually (their own fields in your tables). Streamline the database
design by only holding those pieces of data for each record you need to query on, and the rest of the
pieces can simply be serialized within a custom type and stored as a complete object within the
database.

Let's take a scheduling object as an example. The scheduling object, enables an application to trigger
events based on a very specific schedule. There could be numerous settings involved when building
this, such as intervals, date and time restrictions, etc. Normally each piece of data would require the
creation of a separate field in your table, when really the only important piece of information is the exact
date/time when the next event should be triggered. Instead, serialize this entire scheduling object, and
save that into the database, along with the one piece of information that is needed, the next event
date/time. This cuts down the entire database schema to about three fields, not to mention the time
saved from writing complex Save and Load methods.

This article covers the two formats in which you can serialize objects to --: XML or binary -- and the
many advantages/disadvantages of each. It also covers the two ways that one can serialize, Basic and
Custom. And, finally, the article will end with a sample project demonstrating how to send a custom
object over the wire with Web Services.

This piece focuses on the .NET Framework's System.Runtime.Serialization namespace (see

http://msdn.microsoft.com/library/en-us/cpref/html/frlrfSystemRuntimeSerialization.asp).

The first step in any serialization process is to take the instance of the object and convert it to a memory
stream. From there we have the ability to perform any number of operations with (file IO, database IO,
etc.). Examine Figure 1.1 (below) which demonstrates four methods for performing serialization,
including serializing and de-serializing in binary format, and the same in XML format. The next section
will cover the differences between binary and XML serialization.

Figure 1.1 Core Serialization Methods

#region Binary Serializers

public static System.IO.MemoryStream SerializeBinary(object request) {
System.Runtime.Serialization.Formatters.Binary.BinaryFormatter serializer =
new System.Runtime.Serialization.Formatters.Binary.BinaryFormatter();
System.IO.MemoryStream memStream = new System.IO.MemoryStream();
serializer.Serialize(memStream, request);
return memStream;
}

public static object DeSerializeBinary(System.IO.MemoryStream memStream) {

memStream.Position=0;
System.Runtime.Serialization.Formatters.Binary.BinaryFormatter deserializer =
new System.Runtime.Serialization.Formatters.Binary.BinaryFormatter();
object newobj = deserializer.Deserialize(memStream);
memStream.Close();
return newobj;
}
#endregion

#region XML Serializers

public static System.IO.MemoryStream SerializeSOAP(object request) {

System.Runtime.Serialization.Formatters.Soap.SoapFormatter serializer =
new System.Runtime.Serialization.Formatters.Soap.SoapFormatter();
System.IO.MemoryStream memStream = new System.IO.MemoryStream();
serializer.Serialize(memStream, request);
return memStream;
}

public static object DeSerializeSOAP(System.IO.MemoryStream memStream) {

object sr;
System.Runtime.Serialization.Formatters.Soap.SoapFormatter deserializer =
new System.Runtime.Serialization.Formatters.Soap.SoapFormatter();
memStream.Position=0;
sr = deserializer.Deserialize(memStream);
memStream.Close();
return sr;
}
#endregion

Whenever you want an object to be able to be serialized, mark it as [Serializable()], with a custom
attribute on the class (http://msdn.microsoft.com/library/en-
us/cpref/html/frlrfsystemserializableattributeclasstopic.asp). In the same solution provided here, the
"Schedule" class in the "Serialization" project, you will see this attribute in use. Also consider the field
attribute named "[NonSerialized()]" (see http://msdn.microsoft.com/library/en-
us/cpref/html/frlrfsystemnonserializedattributeclasstopic.asp). It can be applied to any field from within
your class to prevent it from being serialized. This would be useful if you had a variable within the class
that was not needed or you did not want to have serialized into the final product. Simply add the
NonSerialized() attribute to that variable because the system will not automatically serialize it for you.

Keep in mind that the [Serializable()] attribute applies to the class entirely. So if you want the entire
class to be able to support serialization, you must add that attribute, where the [NonSerialized()]
attribute applies to the fields within a class that is marked as [Serializable()]. Note that using the
[NonSerialized()] is sometimes called "Selective Serialization."

Lastly, note that in order to use the System.Runtime.Serialization.Formatters.Soap.SoapFormatter, you

must add a reference to the System.Runtime.Serialization.Formatters.Soap.dll.
Before proceeding, take time to look over our Schedule class listed in Figure 1.2 (below).

Figure 1.2 Schedule Class

using System;

namespace FifteenSeconds {
/// <summary>
/// Allow us to represent a schedule
/// </summary>
[Serializable()]
public class Schedule {
protected System.DateTime start;
protected System.DateTime end;

//number of milliseconds to increment @ each interval

protected long interval;

public System.DateTime Start {get{return start;}set{start=value;}}

public System.DateTime End {get{return end;}set{end=value;}}
public long Interval {get{return interval;}set{interval=value;}}
public Schedule(System.DateTime Start, System.DateTime End, long Interval) {
start=Start;
end=End;
interval=Interval;
}
//return the next runtime, and if the schedule has ended, return the end time
public System.DateTime NextRunTime {
get {
System.TimeSpan ts = new System.TimeSpan(end.Ticks-System.DateTime.Now.Ticks);
if(ts.Milliseconds>0) {
//our end time is in the future still
return System.DateTime.Now.AddMilliseconds(interval);
} else {
return end;
}
}
}
}

This is the class referred to in the remainder of this article.

Download code for this article

Binary vs. XML Serialization

As demonstrated above, the choice between XML and Binary serialization is not dependent on the
actual implementation of the code. Both methods are very easy to implement. Consider the advantages
offered by both.

Advantages of Binary Serialization

 1. All members, no matter if they are read-only will be serialized.
2. Greater performance*

Advantages of XML Serialization

1. Greater flexibility of object sharing and usage (interoperability)

2. No strict binary dependence
3. Human readable

After reviewing the code in Figure 1.1, notice that serialization in either binary or XML simply depends
only on choosing your Formatter. Also notice that the difference between serialization and
deserialization is the difference between calling the Serialize() method or the Deserialize() method with
the appropriate parameters. The above code can easily be copied into any of your applications as is; it
will be the core of most of your serialization needs. Consider taking a look at the attached ZIP file for
this article. I have included those methods listed above, along with a few other methods.

*I have included a spreadsheet that shows my test results for groups of iterations of Basic Serialization.
Also take a look at the "SpeedTests" project in the solution, which you can use to run your own tests.
For one simple iteration to serialize it was more than 1,000 percent faster to use binary serialization
over XML, and for deserialization it was only 380 percent faster.

Basic Serialization vs. Custom

The .NET Framework provided the ability to perform serialization in two ways. Keep in mind that
"performing" serialization is not the same as the "format" in which we serialize. Performing serialization
refers to the actual way in which to instruct Framework to take our object and pack it into the final result
of the serialization, regardless of the format (see section on Binary vs. XML Serialization, above). The
easiest way is to allow Framework to automatically serialize the object on its own; this is typically called
"Basic Serialization." Basic Serialization only requires that your object has the [Serializable()] class
attribute. Framework will take your class and convert it to the given formatter used. The only control you
have over this process is by using the [NonSerialized()] field attributes to stop any field from being
serialized. You do not have any control over exactly how each item in your class is serialized.

If you desire greater control, then move into the world of "Custom Serialization." This is where you can
specify exactly which items will be serialized, and exactly how it will be done. In the sample solution
provided, I have created a class named "ScheduleCustom" to demonstrate exactly how this is done.

When using Basic Serialization, versioning your objects plays a major role. To serialize our schedule
object to disk, and then change that object (for example, by adding an additional field), will lead to
problems with deserialization. The error will be similar to:

"Wrong number of Members. Object FifteenSeconds.Schedule has 4 members, number of members

deserialized is 3."

If you do run into this issue, consider changing to Custom Serialization. Since you are exactly specifying
how to handle all members of your class during the serialization process, you can avoid these
versioning problems.

Custom Serialization

The first thing we must do is obviously mark our class as [Serializable()]. Next, our class must
implement the System.Runtime.Serialization.ISerializable interface
(http://msdn.microsoft.com/library/en-
us/cpref/html/frlrfSystemRuntimeSerializationISerializableClassTopic.asp). So our class definition looks
like:

[Serializable()]
public class ScheduleCustom : System.Runtime.Serialization.ISerializable {

Within this interface we see the following single method:

void GetObjectData(SerializationInfo info, StreamingContext context);

In order for our class to satisfy supporting the interface, we must also implement this GetObjectData()
method:

public void GetObjectData(SerializationInfo info,StreamingContext context) {

//use the info object to add the items you want serialized
info.AddValue("start", start);
info.AddValue("end", end);
info.AddValue("interval", interval);
}

Given this extremely simple demonstration you may not be able to see the actual power of using
Custom Serialization, so I will add to the class to demonstrate the flexibility it adds to your serialization
needs.

If we were to examine the output of the "start" DateTime value during the serialization process, we
would see it default to the Framework DateTime format:

2002-08-19T14:09:13.3457440-07:00

If you plan on sharing this object with others who are not using the .NET Framework and are
internationally distributed, it may be wise to represent the DateTime value in Greenwich Mean Time
(GMT). Let's modify the GetObjectData() method to convert "start" and "end" times into GMT.

public void GetObjectData(SerializationInfo info,StreamingContext context) {

//use the info object to add the items you want serialized
//in order for better partnering we will convert our times to GMT times
//"Universal Time" AKA "Coordinated Universal Time" AKA GMT
info.AddValue("start", System.TimeZone.CurrentTimeZone.ToUniversalTime(start));
info.AddValue("end", System.TimeZone.CurrentTimeZone.ToUniversalTime(end));
info.AddValue("interval", interval);
info.AddValue("timeformat", "utc");
}

Now the "start" time, when serialized, will be in the GMT format of:

8/19/2002 9:09:13 PM

Also notice the additional property I added named "timeformat". This item will be used later for us to
determine which type of DateTime formats were used for the serialization process.

Also consider other formats for outputting the dates. Consider what the
System.Globalization.DateTimeFormatInfo could offer, or even converting the DateTime to time since
Unix epoch (January 1, 1970, see http://www.wikipedia.com/wiki/Unix_epoch) for easier integration with
non-Microsoft platforms. You could add an optional property to our class to indicate which type of format
the DateTime will be in once it has been serialized, of course indicate this by using the "timeformat"
value we added to the items being serialized.

Custom Deserialization

If you want to allow your object to be deserialized in a custom manner, use a custom constructor. The
definition of this constructor looks similar to:

public ScheduleCustom (SerializationInfo info,StreamingContext context) {}

As usual, you must implement this method. For our schedule class, our implementation will convert the
UTC time back into a local DateTime format.

public ScheduleCustom (SerializationInfo info,StreamingContext context) {

//let's bring back our date/times into local times
this.start = info.GetDateTime("start").ToLocalTime();
this.end = info.GetDateTime("end").ToLocalTime();
this.interval = info.GetInt32("interval");
}

As I indicated in the Custom Serialization process previously, the additional item "timeformat" could be
used to specify exactly how you would convert the serialized time into the DateTime needed for the
local object. But since this example simply covers the conversion to and from UTC, our task is very
easy.

Serialization with Web Services

When learning a new aspect of technology, it's useful to see that technology in use. In this section we
will create one Web Service with two methods. The first method will enable Framework to return our
custom serialized schedule object in binary format. The second method will return the same object in
XML format. This example will be a quick one because we will build on top of the foundation we already
built. In my solution, I have simply added a new C# Web Service project, with a reference to our
"serialization" project. We will next add the two methods as described above.

FifteenSeconds.ScheduleCustom customSchedule =
new FifteenSeconds.ScheduleCustom(System.DateTime.Now, System.DateTime.Now.AddHours(5),
10000);

[WebMethod]
public byte[] Get_Binary_Schedule() {
return FifteenSeconds.Serializer.Serialize( customSchedule,
FifteenSeconds.Serializer.SerializationFormat.Binary).ToArray();
}
[WebMethod]
public string Get_XML_Schedule() {
return FifteenSeconds.Serializer.ConvertStreamToString
(FifteenSeconds.Serializer.Serialize( customSchedule,
FifteenSeconds.Serializer.SerializationFormat.Xml));
}

Notice both methods are using the same instance of the FifteenSeconds.ScheduleCustom object and
simply return back either the byte[], in the case of the binary transfer, or the string, in the case of the
XML. Don't forget Framework will automatically serialize your objects for you, simply by having the
return type on your method your custom type. But what happens if you need to send a collection of
somewhat unrelated objects over the wire? It really depends on your needs and your imagination. Take
time now to review the project named "Serialization" in the solution. It also has a few methods that you
may find useful if you ever need to serialize these objects to a file on your disk.

Assembly :
An assembly is the smallest unit that you use to define the version of an application. The version of an assembly
determines the version of the types and the other resources that it contains. The .NET Framework allows the
execution of multiple versions of the same assembly on the same machine. The side-by-side execution of
assemblies overcomes the problem known as "DLL hell," which is one of the major problems associated with COM
applications.

DLL:
A Dynamic Link Library (DLL) is a file that is loaded at runtime, and its functions linked
dynamically at that time. This allows for multiple applications that use the same library functions
to all share one DLL, and if the code in the DLL needs to be fixed, the DLL can be replaced, and all
applications that use it will get the benefit of the update. Static libraries are different from
DLLs in that each application gets its own copy of the functions, and they are embedded into the Exe
at compile/link time. If the library functions need to be fixed, every application that uses them
must be recompiled to get the fixes.