What is Multitier architecture?

is a client-server architecture in which prasentation, application processing, data management are

logically separate the process

Example : an application that uses middleware to service data requests between a user database.

Next

What is MVC architecture ?

Model View Controller architecture aims to separate an application into three parts:

Model: It is the business logic of an application. From an object oriented perspective it would consist of
a set of classes that implement the critical functionality of an application from a business point of view.

View: It can consist of every type of interface given to the user. In ASP.NET the view is the set of web
pages presented by a web application.

Controller: This part of the architecture is the most difficult to explain, hence the most difficult to
implement in many platforms. The controller is the object that allows the manipulation of the view.
Usually many applications implement Model-Controller tiers that contain the business logic along with
the necessary code to manipulate a user interface. In an ASP.NET application the controller is implicitly
represented by the code-behind or the server side code that generates the HTML presented to the user.

Next

What is CLR?

When the .NET program is compiled, the output of the compiler is not an executable file but a file that
contains a special type of code called the Microsoft Intermediate Language (MSIL, now called CIL,
Common Intermediate Language). This MSIL defines a set of portable instructions that are independent
of any specific CPU. It's the job of the CLR to translate this Intermediate code into a executable code
when the program is executed making the program to run in any environment for which the CLR is
implemented. And that's how the .NET Framework achieves Portability. This MSIL is turned into
executable code using a JIT (Just In Time) complier. The process goes like this, when .NET programs are
executed, the CLR activates the JIT complier. The JIT complier converts MSIL into native code on a
demand basis as each part of the program is needed. Thus the program executes as a native code even
though it is compiled into MSIL making the program to run as fast as it would if it is compiled to native
code but achieves the portability benefits of MSIL.
Next

What is Rich Internet application

A Rich Internet Application (RIA) is a Web application that has many of the characteristics of desktop
applications, typically delivered either by way of a site-specific browser, via a browser plug-in,
independent sandboxes, or virtual machines.[1] Adobe Flash, Java, and Microsoft Silverlight are
currently the three most common platforms, with penetration rates around 99%, 80%, and 54%
respectively (as of July 2010).[2] Although new Web standards have emerged, they still use the
principles behind RIAs.

Next

What is Abstract Classes?

Abstract classes are closely related to interfaces. They are classes that cannot be instantiated, and are
frequently either partially implemented, or not at all implemented. One key difference between abstract
classes and interfaces is that a class may implement an unlimited number of interfaces, but may inherit
from only one abstract (or any other kind of) class. A class that is derived from an abstract class may still
implement interfaces. Abstract classes are useful when creating components because they allow you
specify an invariant level of functionality in some methods, but leave the implementation of other
methods until a specific implementation of that class is needed. They also version well, because if
additional functionality is needed in derived classes, it can be added to the base class without breaking
code.

An abstract class is denoted in Visual Basic by the keyword MustInherit. In C#, the abstract modifier is
used. Any methods that are meant to be invariant may be coded into the base class, but any methods
that are to be implemented are marked in Visual Basic with the MustOverride modifier. In C#, the
methods are marked abstract. The following example shows an abstract class:

Next

What is delegate and its features

Delegate in C# is similar to a function pointer in C or C++. A delegate is simply a type that references a
method inside a delegate object .Once we assigned delegate to a method its behaves same as the
method. We can use used this method like any other method with parameters and a return value. The
delegate object can then be passed to code which can call the referenced method without having to
know at compile time which method will be invoked.With the h elp of delegate we can programmatically
change method calls, and also plug new code into existing classes.There are some features of delegate

1 delegates allow methods to be passed as parameters.

2 Delegates can be used to define callback methods.

3 Delegates are similar to C plus function pointers, but are type safe.

4 multiple methods can be called on a single event.

5 Methods donot need to match the delegate signature exactly.

Next

What is Partial Classes and Methods?

It is possible to split the definition of a class or a struct, or an interface over two or more source files.
Each source file contains a section of the class definition, and all parts are combined when the
application is compiled. There are several situations when splitting a class definition is desirable:

C# does support the feature of partial methods. These allow a partial class definition to forward declare
a method that another part of the partial class can then optionally define.

Partial methods have some restrictions:

they MUST be of void type (no return)

they CANNOT accept out parameters, then can however accept ref parameters

they CANNOT be virtual or extern

Partial methods are implicitly sealed and private.

Next

What is serialization in .NET? What are the ways to control serialization?

Serialization is the process of converting an object into a stream of bytes. Deserialization

is the opposite process of creating an object from a stream of bytes.

Serialization/Deserialization is mostly used to transport objects (e.g. during remoting), or

to persist objects (e.g. to a file or database).Serialization can be defined as the process of

storing the state of an object to a storage medium. During this process, the public and

private fields of the object and the name of the class, including the assembly containing

the class, are converted to a stream of bytes, which is then written to a data stream.

When the object is subsequently deserialized, an exact clone of the original object is
created.

1 Binary serialization preserves type fidelity, which is useful for preserving the state

of an object between different invocations of an application. For example, you can

share an object between different applications by serializing it to the clipboard. You

can serialize an object to a stream, disk, memory, over the network, and so forth.

Remoting uses serialization to pass objects "by value" from one computer or

application domain to another.

2 XML serialization serializes only public properties and fields and does not preserve

type fidelity. This is useful when you want to provide or consume data without

restricting the application that uses the data. Because XML is an open standard, it

is an attractive choice for sharing data across the Web. SOAP is an open standard,

which makes it an attractive choice.

There are two separate mechanisms provided by the .NET class library - XmlSerializer and

SoapFormatter/BinaryFormatter. Microsoft uses XmlSerializer for Web Services, and uses

SoapFormatter/BinaryFormatter for remoting. Both are available for use in your own code.

Next

Why do I get errors when I try to serialize a Hashtable?

XmlSerializer will refuse to serialize instances of any class that implements IDictionary,

e.g. Hashtable. SoapFormatter and BinaryFormatter do not have this restriction.

what is the difference between arrays and linked list?

the main differance between arrays and linked list is:

In array we follow static memory allocation.

i.e we assign memory to the particular element in advance.

in linked list is dynamic memory allocation.

i.e we assign memory to the particular element at run-time..

hence we reserve only the amount of memory which is

required.

there is no problem of memory shortage or wastage, in

linked list. which we very frequently come accross in the

arrays..

Next

Describe the difference between inline and code behind?

Inline code written along side the html in a page.

Code-behind is code written in a separate file and

referenced by the .aspx page.

Next

what is Override?

The method overridden by an override declaration is known as the overridden base method. The
overridden base method must have the same signature as the override method.

Next

What is boxing and unboxing ?

C# Type System contains three Types , they are Value Types , Reference Types and Pointer Types. C#
allows us to convert a Value Type to a Reference Type, and back again to Value Types . The operation of
Converting a Value Type to a Reference Type is called Boxing and the reverse operation is called
Unboxing.

Boxing means

int Val = 1;

Object Obj = Val;

The first line we created a Value Type Val and assigned a value to Val. The second line , we created an
instance of Object Obj and assign the value of Val to Obj. From the above operation (Object Obj = i ) we
saw converting a value of a Value Type into a value of a corresponding Reference Type . These types of
operation is called Boxing.

UnBoxing

int Val = 1;

Object Obj = Val; //Boxing

int i = (int)Obj; //Unboxing

Next

Static class

If a class is declared as static then the variables and methods should compulsorily be declared as static.

A class can be declared static, indicating that it contains only static members. It is not possible to create
instances of a static class using the new keyword. Static classes are loaded automatically by the .NET
Framework common language runtime (CLR) when the program or namespace containing the class is
loaded.

Use a static class to contain methods that are not associated with a particular object. For example, it is a
common requirement to create a set of methods that do not act on instance data and are not associated
to a specific object in your code. You could use a static class to hold those methods.

The main features of a static class are:

1. They only contain static members.

2. They cannot be instantiated.

3. They are sealed.

4. They cannot contain Instance Constructors or simply constructors as we know that they are
associated with objects and operates on data when an object is created.

Next

Managed and unmanaged

Managed code is not compiled to machine code but to an intermediate language which is interpreted
and executed by some service on a machine and is therefore operating within a (hopefully!) secure
framework which handles dangerous things like memory and threads for you. In modern usage this
frequently means .NET but does not have to.

Unmanaged code is compiled to machine code and therefore executed by the OS directly. It therefore
has the ability to do damaging/powerful things Managed code does not. This is how everything used to
work, so typically it's associated with old stuff like .dlls

Next

What is Extension Methods?

An Extension method is a new language feature of C# starting with the 3.0 specification, as well as Visual
Basic.NET starting with 9.0 and Oxygene with 2.0. Extension methods enable you to "add" methods to
existing types without creating a new derived type, recompiling, or otherwise modifying the original
type. Extension methods are a special kind of static method, but they are called as if they were instance
methods on the extended type. For client code written in C# and Visual Basic, there is no apparent
difference between calling an extension method and the methods that are actually defined in a type.

Next

What are different types that a variable can be defined and their scopes ?

Public- Can be accessed anywhere

Private- anywhere in the same class

Protected -winthin the class and the class that inherites this class
Friend- Members of the class within the assembely

Protected friend- member of assembely or inheriting class

Next

What is application object ?

Application object can used in situation where we want data to be shared across users

globally.

1 What’s the difference between Cache object and application object ?

The main difference between the Cache and Application objects is that the Cache object

provides cache-specific features, such as dependencies and expiration policies.

(2 How can get access to cache object ?

The Cache object is defined in the System.Web.Caching namespace. You can get a reference

to the Cache object by using the Cache property of the HttpContext class in the

System.Web namespace or by using the Cache property of the Page object.

3 What are dependencies in cache and types of dependencies ?

When you add an item to the cache, you can define dependency relationships that can

force that item to be removed from the cache under specific activities of

dependencies.Example if the cache object is dependent on file and when the file data

changes you want the cache object to be update.Following are the supported dependency

File dependency :- Allows you to invalidate a specific cache item when a disk

based file or files change.

Time-based expiration :- Allows you to invalidate a specific cache item

depending on predefined time.

Key dependency :-Allows you to invalidate a specific cache item depending

when another cached item changes.

Next

5. Caching Concepts

What is Cache Callback in Cache ?

Cache object is dependent on its dependencies example file based , time based etc.Cache

items remove the object when cache dependencies change.ASP.NET provides capability

to execute a callback method when that item is removed from cache.

Next

What are different types of caching using cache object of ASP.NET?

You can use two types of output caching to cache information that is to be transmitted to

and displayed in a Web browser:

1)Page Output Caching

Page output caching adds the response of page to cache object.Later when

page is requested page is displayed from cache rather than creating the

page object and displaying it.Page output caching is good if the site is

fairly static.

2) Page Fragment Caching

If parts of the page are changing, you can wrap the static sections as user

controls and cache the user controls using pagefragment caching

What are ASP.NET session and compare ASP.NET session with

classic ASP session variables?

ASP.NET session caches per user session state.It basically uses “HttpSessionState” class.

Following are the limitations in classic ASP sessions :-

1) ASP session state is dependent on IIS process very heavily.So if IIS restarts

ASP session variables are also recycled.ASP.NET session can be independent

of the hosting environment thus ASP.NET session can maintained even if IIS

reboots.

2) ASP session state has no inherent solution to work with Web Farms.ASP.NET

session can be stored in state server and SQL SERVER which can support

multiple server.

3) ASP session only functions when browser supports cookies.ASP.NET session

can be used with browser side cookies or independent of it.

Next

What is ViewState ?

Viewstate is a built-in structure for automatically retaining values among multiple requests

for the same page. The view state is internally maintained as a hidden field on the page

but is hashed, providing greater security than developer-implemented hidden fields do.

Do performance vary for viewstate according to User controls ?

Performance of view state varies depending on the type of server control to which it is

applied. Label, TextBox, CheckBox, RadioButton, and HyperLink are server controls

that perform well with ViewState. DropDownList, ListBox, DataGrid, and DataList suffer

from poor performance because of their size and the large amounts of data making

roundtrips to the server.

(B) What are benefits and Limitation of using Viewstate for state

management?

Following are the benefits of using Viewstate :-

1) No server resources are required because state is contained in a structure in

the page code.

2) Simplicity.

3)States are retained automatically.

4) The values in view state are hashed, compressed, and encoded, thus representing

a higher state of security than hidden fields.95

5) View state is good for caching data in Web farm configurations because the

data is cached on the client.

Following are limitation of using Viewstate:-

1) Page loading and posting performance decreases when large values are

stored because view state is stored in the page.

2) Although view state stores data in a hashed format, it can still be tampered

with because it is stored in a hidden field on the page. The information in the

hidden field can also be seen if the page output source is viewed directly,

creating a potential security risk.

Below is sample of storing values in view state.

this.ViewState["EnterTime"] = DateTime.Now.ToString()

Next

What are benefits and Limitation of using Cookies?

Following are benefits of using cookies for state management :-

1) No server resources are required as they are stored in client.

2) They are light weight and simple to use

Following are limitation of using cookies :-

1) Most browsers place a 4096-byte limit on the size of a cookie,although support

for 8192-byte cookies is becoming more common in the new browser and

client-device versions available today.

2) Some users disable their browser or client device’s ability to receive cookies,

thereby limiting the use of cookies.

3) Cookies can be tampered and thus creating a security hole.

4) Cookies can expire thus leading to inconsistency.

Below is sample code of implementing cookies

Request.Cookies.Add(New HttpCookie(“name”, “user1”))

Next

What is the difference between Authentication and

authorization?

This can be a tricky question. These two concepts seem altogether similar but there is

wide range of difference. Authentication is verifying the identity of a user and authorization

is process where we check does this identity have access rights to the system. In short we

can say the following authentication is the process of obtaining some sort of credentials198

from the users and using those credentials to verify the user’s identity. Authorization is

the process of allowing an authenticated user access to resources. Authentication always

proceed to Authorization; even if your application lets anonymous users connect and use

the application, it still authenticates them as being anonymous.

What is impersonation in ASP.NET ?

By default, ASP.NET executes in the security context of a restricted user account on the
local machine. Sometimes you need to access network resources such as a file on a shared

drive, which requires additional permissions. One way to overcome this restriction is to

use impersonation. With impersonation, ASP.NET can execute the request using the

identity of the client who is making the request, or ASP.NET can impersonate a specific

account you specify in web.config

Can you explain in brief how the ASP.NET authentication

process works?

ASP.NET does not run by itself, it runs inside the process of IIS. So there are two

authentication layers which exist in ASP.NET system. First authentication happens at

the IIS level and then at the ASP.NET level depending on the WEB.CONFIG file.

Below is how the whole process works:-

1) IIS first checks to make sure the incoming request comes from an IP address

that is allowed access to the domain. If not it denies the request.

2) Next IIS performs its own user authentication if it is configured to do so. By

default IIS allows anonymous access, so requests are automatically

authenticated, but you can change this default on a per – application basis

with in IIS.

3) If the request is passed to ASP.net with an authenticated user, ASP.net checks

to see whether impersonation is enabled. If impersonation is enabled, ASP.net

acts as though it were the authenticated user. If not ASP.net acts with its own

configured account.

4) Finally the identity from step 3 is used to request resources from the operating

system. If ASP.net authentication can obtain all the necessary resources it

grants the users request otherwise it is denied. Resources can include much

more than just the ASP.net page itself you can also use .Net’s code access199

security features to extend this authorization step to disk files, Registry keys

and other resources.

Next

What are the various ways of authentication techniques

in ASP.NET?

Selecting an authentication provider is as simple as making an entry in the web.config file

for the application. You can use one of these entries to select the corresponding built in

authentication provider:

authentication mode=windows or passport or forms

Custom authentication where you might install an ISAPI filter in IIS that

compares incoming requests to list of source IP addresses, and considers

requests to be authenticated if they come from an acceptable address. In that

case, you would set the authentication mode to none to prevent any of the

.net authentication providers from being triggered.

Next

Windows authentication and IIS

If you select windows authentication for your ASP.NET application, you also have to

configure authentication within IIS. This is because IIS provides Windows authentication.
IIS gives you a choice for four different authentication methods:

Anonymous,basic,digest and windows integrated

If you select anonymous authentication, IIS doesn’t perform any authentication, Any one

is allowed to access the ASP.NET application.

If you select basic authentication, users must provide a windows username and password

to connect. How ever this information is sent over the network in clear text, which makes

basic authentication very much insecure over the internet.

If you select digest authentication, users must still provide a windows user name and

password to connect. However the password is hashed before it is sent across the network.

Digest authentication requires that all users be running Internet Explorer 5 or later and

that windows accounts to stored in active directory.200

If you select windows integrated authentication, passwords never cross the network.

Users must still have a username and password, but the application uses either the Kerberos

or challenge/response protocols authenticate the user. Windows-integrated authentication

requires that all users be running internet explorer 3.01 or later Kerberos is a network

authentication protocol. It is designed to provide strong authentication for client/server

applications by using secret-key cryptography. Kerberos is a solution to network security

problems. It provides the tools of authentication and strong cryptography over the network

to help to secure information in systems across entire enterprise

Passport authentication

Passport authentication lets you to use Microsoft’s passport service to authenticate users

of your application. If your users have signed up with passport, and you configure the

authentication mode of the application to the passport authentication, all authentication

duties are off-loaded to the passport servers.

Passport uses an encrypted cookie mechanism to indicate authenticated users. If users

have already signed into passport when they visit your site, they’ll be considered

authenticated by ASP.NET. Otherwise they’ll be redirected to the passport servers to log

in. When they are successfully log in, they’ll be redirected back to your site

To use passport authentication you have to download the Passport Software Development

Kit (SDK) and install it on your server. The SDK can be found at http://

msdn.microsoft.com/library/default.asp?url=/downloads/list/websrvpass.aps. It includes

full details of implementing passport authentication in your own applications.

Forms authentication

Forms authentication provides you with a way to handle authentication using your own

custom logic with in an ASP.NET application. The following applies if you choose forms

authentication.

1) When a user requests a page for the application, ASP.NET checks for the

presence of a special session cookie. If the cookie is present, ASP.NET assumes

the user is authenticated and processes the request.

2) If the cookie isn’t present, ASP.NET redirects the user to a web form you

provide201

You can carry out whatever authentication, it check’s you like it checks your form. When

the user is authenticated, you indicate this to ASP.NET by setting a property, which

creates the special cookie to handle subsequent requests.

Next

How does authorization work in ASP.NET?

ASP.NET impersonation is controlled by entries in the applications web.config file. The

default setting is “no impersonation”. You can explicitly specify that ASP.NET shouldn’t

use impersonation by including the following code in the file

<identity impersonate=”false”/>

It means that ASP.NET will not perform any authentication and runs with its own

privileges. By default ASP.NET runs as an unprivileged account named ASPNET. You

can change this by making a setting in the processModel section of the machine.config

file. When you make this setting, it automatically applies to every site on the server. To

user a high-privileged system account instead of a low-privileged set the userName attribute

of the processModel element to SYSTEM. Using this setting is a definite security risk, as

it elevates the privileges of the ASP.NET process to a point where it can do bad things to

the operating system.

When you disable impersonation, all the request will run in the context of the account

running ASP.NET: either the ASPNET account or the system account. This is true when

you are using anonymous access or authenticating users in some fashion. After the user

has been authenticated, ASP.NET uses its own identity to request access to resources.

The second possible setting is to turn on impersonation.

<identity impersonate =”true”/>

In this case, ASP.NET takes on the identity IIS passes to it. If you are allowing anonymous

access in IIS, this means ASP.NET will impersonate the IUSR_ComputerName account

that IIS itself uses. If you aren’t allowing anonymous access,ASP.NET will take on the

credentials of the authenticated user and make requests for resources as if it were that

user. Thus by turning impersonation on and using a non-anonymous method of

authentication in IIS, you can let users log on and use their identities within your ASP.NET

application.
Finally, you can specify a particular identity to use for all authenticated requests

<identity impersonate=”true” username=”DOMAIN\username” password=”password”/>

With this setting, all the requests are made as the specified user (Assuming the password

it correct in the configuration file). So, for example you could designate a user for a single

application, and use that user’s identity every time someone authenticates to the

application. The drawback to this technique is that you must embed the user’s password

in the web.config file in plain text. Although ASP.NET won’t allow anyone to download

this file, this is still a security risk if anyone can get the file by other means.

Next

Polymorphism?

It allows you to invoke derived class methods through a base class reference during run-time. This is
handy when you need to assign a group of objects to an array and then invoke each of their methods

Next

Early binding - Assigning values to variables during design

time or exposing object model at design time.

Late Binding - Late binding has the same effect as early

binding. The difference is that you bind the object

library in code at run-time

Next
What is the difference between a DLL and an EXE?

An EXE is an executable file, that may run on its own. Its independant. Where as a DLL is a Dynamic Link
Library, that binds to an exe, or another DLL at runtime.

A DLL has an exposed interface, through which members of the assembly may be accessed by those
objects that require it.

Next

Immutable :

When you do some operation on a object, it creates a new object hence state is not modifiable as in
case of string.

Mutable

When you perform some operation on a object, object itself modified no new obect created as in case of
StringBuilder

Next

C# 2.0:

The major features of C# 2 were generics, nullable types, anonymous methods and other delegate-
related enhancements and iterator blocks. Additionally, several smaller features were introduced:
partial types, static classes, properties with different access modifiers for getters and setters, namespace
aliases, pragma directives and fixed-sized buffers.
C# 3.0:

C# 3 primarily built towards LINQ, although many features are useful elsewhere. Automatic properties,
implicit typing of arrays and local variables, object and collection initializers and anonymous types are all
covered in chapter XREF ch8 . Lambda expressions and expression trees extended the delegate-related
progress made in version 2.0, and extension methods provided the last ingredient for query expressions.
Partial methods were only added in C# 3, although partial types themselves were in C# 2. As Marc points
out in the comments, generic type inference received a considerable boost in C# 3.

C# 4.0:

C# 4.0 has some features aimed at interoperability, but doesn't have the same single-mindedness of C#
3.0. Again there's a reasonably clear divide between the "small" features (named arguments, optional
parameters, better COM interop, generic variance) and the huge feature of dynamic typing.

A DLL runs in tandem with the application space in memory, as the application references it. Whereas an
EXE is independant, and runs as an independant process.