Exam 70-486 study Notes – Part 1

Design the Application Architecture:  36 Questions

Business Requirements

  1. Allow users view a list of videos.
  2. Allow users to select a video from the list and watch it.
  3. If a user closes the browser, redirect the user to the last video watched when the user visits the site again.
  4. Save the last watched movie for 10 days.
  5. Only users over 18 must be able to view videos that have an R rating.

Business Requirements

  1.  The application must be hosted on a web farm with server affinity disabled.
  2. The application must be an ASP.NET MVC Razor application.
  3. The user’s browser must display the video in its native format.
  4. If the user’s browser cannot play the video, a link to the video file should be displayed.
  5. Icons for videos must be stored in the images folder.
  6. Video icons must have a watermark when they are displayed in the user’s browser.
  7. Unhandled exceptions must be sent to an e-mail address in the support department. (Your solution must not require you to write custom code).
  8.  The application must authenticate users against a claims-based service by using client certificates.
  9. Hackers must not be able to eavesdrop on videos being watched by users.

Application Files

Views\_ViewStart.cshtml

Views\Video\List.cshtml

Views\Video\Watch.cshtml

Models\Video.cs

WatermarkIconWriter.cs

Question # 1   How many controllers and actions do you need ?

  1. Two controllers with two actions each
  2. One controller with one action
  3. One controller with two actions

  4. Two controllers with one action each

Explanation:

You need a minimum of one controller with two actions. In this scenario, you have two views. One view allows users to view a list of videos. The other view allows users to watch a single video. Each view should correspond with an action, and a single controller can contain multiple actions.

Question # 2  You need to save the last watched movie. The value of the movie ID to save is 100 ?

Explanation:

The first option is correct . we should store the data in the cookie . the first statement sets the value of cookie name and the second line sets the cookie expiration date to 10 days from now.

The second option is also not correct it stores data in application state. Application state maintains the same values for all users

The third option is also not correct because it attempts to add cookie to request object , request allow us to read the existing cookie not add

The fourth option is not correct it use HttpContext and data is stored in HTTP context is available for the duration of the single request

Question # 3  The WatermarkIconWriter class creates the watermark on a video icon when it is displayed. Which two interfaces should the class implement? (Each correct answer presents part of the solution. Choose two.)

  1. IRouteConstraint
  2. IHttpHandler
  3. IHttpModule
  4. IRouteHandler

Explanation :

You should implement IHttpHandler – Http handlers are endpoints that process http request.it can process http request and can overlay the image with a watermark by using the Graphics class.

You should also implement IRouteHandler. This interface represents a route handler. Route handlers map URL patterns to HTTP handlers. This way, whenever requests to files in the images subfolder are made, this route handler handles the request by passing it to the HTTP handler, which in turn writes the watermark on the image.

You should not implement IHttpModule. This interface represents an HTTP module. HTTP modules do not represent endpoints for resources. Instead, they have access to the HTTP pipeline, allowing them to inspect incoming requests and outgoing responses.

You should not implement IRouteConstraint. This interface represents a route constraint. A route constraint helps specify how a URL pattern matches a route.
Question # 4  You need to ensure the List content is embedded in the Layout page when the List page is displayed to the user

Which code segment should you insert at line LY10?  In ViewStart.cshtml

  1. @Scripts.Render(“List.cshtml”)
  2. @RenderSection(“body”)
  3. @Scripts.Url(“List.cshtml”)
  4. @RenderBody()
  5. @RenderPage(“List.cshtml”, null);

You should use the following code segment:  @RenderBody()
You should not use the following code segment: [email protected](“List.cshtml”) The Render method of the Scripts class allows you to render <script> tags for each script file passed as a parameter to the method.

You should not use the following code segment: @RenderPage(“List.cshtml”, null)  The RenderPage method allows you to render the URL passed to it as a parameter.

You should not use the following code segment: @Scripts.Url(“List.cshtml”)  The Url method of the Scripts class allows you to render a version-stamped URL based on the URL passed to it as a parameter.

You should not use the following code segment: @RenderSection(“body”) . The RenderSection method allows you to render partial markup. The parameter to the method specifies the name of the section that is defined by the @section markup. In this scenario, no sections are specified.

 

Question #  5  You need to ensure that the link to the video is displayed for users whose browser does not support playing the video natively. we are talking about data in the file Views\Video\Watch.cshtml

  1. href=”[email protected]” />
  2. @Html.ActionLink(“~/VideoService.asmx?Id={0}”, “Id”);
  3. title=”[email protected]
  4.  src=”[email protected]

You should use first option #1 The video element is an HTML5 semantic element that displays video natively. It allows multiple child source elements and one additional content element. Each source element typically specifies a different encoding. It attempts to play each source element in succession until it finds one that the browser supports, and it uses the additional content element as a fallback if the browser does not support any of the source elements.

Explanation :

The Html.ActionLink option# 2  method allows you to display a link to a controller action and does not allow the display a link to video.

The title attribute option# 3 specifies the tool tip for an element.

The src attribute  in option# 4 does not allow the video element to display a link

Question #  6  You create the following controller class:
public class VideoController : Controller
{
}
You need to create the action that allows users to watch videos.

You should use the second option . Action methods that display views must return a ViewResult instance. ViewResult is derived from ActionResult, so you can use ActionResult as the return value for an action method. This code first finds the video that matches the specified ID. It then calls the View method, passing to it the found Video instance. This works because the Watch view uses the Video class as its model

Explanation :

The third and fourth method return void but the view expect

The first option is also not correct because it is returning int to view while view expect a model .

Question # 7 we made appropriate changes to the definition of WatermarkIcon Writer class so that can be used as a route handler.You need to ensure that the ProcessRequest method of the WatermarkIconWriter class is called when users request files from the images subfolder.

we should use last option code creates a new Route instance, passing to it the URL pattern as the first parameter and the WatermarkIconWriter instance as the second parameter – sets the RouteExistingFiles property of the RouteCollection class to true. This is necessary because by default ASP.NET Routing does not process physical files in the routing pipeline – Finally we add the route to the route table.

Explanation :

The first option(MapPageRoute method allows you to specify a page to handle a specific URL pattern. In this scenario, you are using a custom route handler. Therefore, you must call the Add method of the RouteCollection class) and third option should not be used as set RouteExistingFiles property to false which will prevents physical files from being processed by ASP.NET Routing

In Second option we are defining a custom route and we are not adding it to route table . we must call Add method of the RouteCollection Class.

Question # 8 You need to meet the following technical requirement for unhandled exceptions.

Unhandled exceptions must be sent to an e-mail address in the support department. (Your solution must not require you to write custom code).

  1. ASP.NET tracing
  2. Health monitoring
  3. IntelliTrace
  4. Diagnostic tracing

You should enable health monitoring. You can configure health monitoring to send an e-mail whenever unhandled exceptions occur. It does not require you to write custom code.

Explanation :

You should not use third option it  enable IntelliTrace. This feature allows Visual Studio to record events while an application is running.

You should not use first option it enable ASP.NET tracing. This requires you to write custom code to catch unhandled exceptions and send an e-mail when they occur

You should not use fourth option it enable diagnostic tracing. This requires you to write custom code

Question # 9  

Req : authenticate users against a claims-based service by using client certificates.You need to configure the authentication element in the Web.config file. Which configuration should you use based on requirement ?

  1. <authentication mode=”Windows”/>
  2. <authentication mode=”None”/>
  3. <authentication mode=”Passport”/>
  4. <authentication mode=”Forms”/>

we should use second option .This disables ASP.NET authentication for the application, which is necessary for the application to use the claims-based security token service.

Explanation :

we should not use option# 1 as it configures the application to use Windows authentication. However, in this scenario, the application uses a claims-based security token service that accepts client certificates.

you should not use option#4 as it uses form authentication which displays a login page for the user to enter credentials. However, in this scenario, the application uses a claims-based security token service that accepts client certificates.

you should not use option#3 since it use passport authentication which configures the application to use Microsoft authentication, which uses a separate hosted service to collect user credentials and send back a token. However, in this scenario, the application uses a claims-based security token service that accepts client certificates.

Question# 10 You need to remove all R-rated videos from the list if a user is under age 18. You write the following code to determine if a user is at least 18.

The second code snippet should be used – code first casts the current principal to a ClaimsPrincipal instance. The ClaimsPrincipal class represents an authenticated user with attached claims. The code then finds the first claim of type date of birth. The URI for this claim type is http://schemas.xmlsoap.org/ws/2005/05/identity/claims/dateofbirth. However, you can use the ClaimTypes.DateOfBirth field to retrieve a shortcut to this claim type. Next the code accesses the value of the claim through the Value property of the returned Claim instance. It then converts the value to a DateTime instance so that it can be passed to the IsAdult method. Finally, it filters the videos by removing those with an R rating if the user is not at least age 18.

 

Question# 11 You need to meet the technical requirement for eavesdropping.  Which security feature should you use?

  1. Secure Sockets Layer (SSL)
  2. Anti-forgery tokens  – This helps prevent replay attacks, but it does not prevent eavesdropping.
  3. Symmetric encryption –  This relies on shared keys to encrypt and decrypt data. If a hacker obtains the shared key, the hacker can decrypt the encrypted videos.
  4. HTTP request validation – Request validation helps prevent cross-site scripting (XSS) attacks

You should use Secure Sockets Layer (SSL). SSL prevents eavesdropping by encrypting the communication between the client and server

 

Leave a Reply

Your email address will not be published. Required fields are marked *