CAS

Code access security (CAS) is a new feature provided by the .NET Common Language Runtime. CAS is the part of the .NET security model that determines whether or not a piece of code is allowed to run, and what resources it can use when it is running.

Example: CAS that will prevent a .NET web applet from formatting your hard disk.

The CAS security policy revolves around two key concepts:

- Code groups and permissions.

Each .NET assembly is a member of a particular code group, and each code group is granted the permissions specified in a named permission set.

Defining the CAS code groups:

Microsoft defines some default ones, but you can modify these and even create your own. To see the code groups defined on your system, run 'caspol –lg' from the command line. It lists the code groups on your machine. On my machine it looks like this:

Microsoft (R) .NET Framework CasPol 1.0.3705.0
Copyright (C) Microsoft Corporation 1998-2001. All rights reserved.

Security is ON
Execution checking is ON
Policy change prompt is ON

Level = Machine
Code Groups:

1.  All code: Nothing
  1.1.  Zone - MyComputer: FullTrust
     1.1.1.  StrongName - 00240000048000009400000006020000002400005253413100040
0000100010007D1FA57C4AED9F0A32E84AA0FAEFD0DE9E8FD6AEC8F87FB03766C834C99921EB23BE
79AD9D5DCC1DD9AD236132102900B723CF980957FC4E177108FC607774F29E8320E92EA05ECE4E82
1C0A5EFE8F1645C4C0C93C1AB99285D622CAA652C1DFAD63D745D6F2DE5F17E5EAF0FC4963D261C8
A12436518206DC093344D5AD293: FullTrust
     1.1.2.  StrongName - 00000000000000000400000000000000: FullTrust

  1.2.  Zone - Intranet: LocalIntranet
     1.2.1.  All code: Same site Web.
     1.2.2.  All code: Same directory FileIO - Read, PathDiscovery

  1.3.  Zone - Internet: Internet
     1.3.1.  All code: Same site Web.

  1.4.  Zone - Untrusted: Nothing
  1.5.  Zone - Trusted: Internet
     1.5.1.  All code: Same site Web.
Success

Note the hierarchy of code groups: The top of the hierarchy is the most general('All code'), which is then sub-divided into several groups, each on which in turn can be sub-divided. Also note that a sub group can be associated with a more permissive permission set than it's parent.

Defining the own code group:

By using caspol you can define your own code group.

For example, suppose you trust code from www.mydomain.com and you want it have full access to your system, but you want to keep the default restrictions for all other internet sites. To achieve this, you would add a new code group as a sub-group of the 'Zone - Internet' group, like this:
caspol -ag 1.3 -site www.mydomain.com FullTrust
Now if you run caspol -lg you will see that the new group has been added as group 1.3.1:
...
  1.3.  Zone - Internet: Internet
     1.3.1.  Site - www.mydomain.com: FullTrust
...
Note that the numeric label (1.3.1) is just a caspol invention to make the code groups easy to manipulate from the command-line. The underlying runtime never sees it.

Changing the permission set for a code group:

By using caspol, change the permission set for a code group. If you are the machine administrator, you can operate at the 'machine' level - which means not only that the changes you make become the default for the machine, but also that users cannot change the permissions to be more permissive. If you are a normal (non-admin) user you can still modify the permissions, but only to make them more restrictive. For example, to allow intranet code to do what it likes you might do this:
caspol -cg 1.2 FullTrust.

Note that because this is more permissive than the default policy (on a standard system), you should only do this at the machine level - doing it at the user level will have no effect.

Creating own permission set:

Usecaspol -ap, specifying an XML file containing the permissions in the permission set. When you have edited the sample, add it to the range of available permission sets like this:

aspol -ap samplepermset.xml

Then, to apply the permission set to a code group, do something like this:
caspol -cg 1.3 SamplePermSet (By default, 1.3 is the 'Internet' code group)

Trouble with CAS:

If u have any trouble with CAS, if u want to diagnose your problem, caspol has a couple of options that might help. First, you can ask caspol to tell you what code group an assembly belongs to, using caspol -rsg. Similarly, you can ask what permissions are being applied to a particular assembly using caspol -rsp.

Turn it off CAS:

If u want to turn it off CAS, u should be the administrator. By using this command u can turn it off CAS. Caspol –s off.

---

Get the freedom to save as many mails as you wish. Click here to know how.

MNC-Interview Questions

 

1.Why do you use Option Explicit.

 

    Using Option Explicit requires that all variables be declared before being used. (It is considered to be good     programming practice)

 

2.What are the data types in VBScript.

 

     VBScript consists of only one data type (Variant)

3.What is a session Object.

 

     Connection, Command, Recordset (There are actually more than 3 (Primary objects are (Connection,             Command, Field and Recordset) Secondary objects are (Parameters, Properties and Errors)))

   
4.What are the three Objects of ADO.

 

    A Session Object holds information relevant to a particular users session.

5.What are the lock-types available in ADO.Explain.

 

    adLockReadOnly (1) - Indicates read-only records. You cannot alter the data.
    adLockPessimistic (2) - Indicates pessimistic locking, record by record. The provider does what is                 necessary to ensure successful editing of the records, usually by locking records at the data source             immediately after editing.
    adLockOptimistic (3) - Indicates optimistic locking, record by record. The provider uses optimistic locking,     locking records only when you call the Update method.
    adLockBatchOptimistic (4) - Indicates optimistic batch updates. Required for batch update mode.
    adLockUnspecified (-1) - Does not specify a type of lock. For clones, the clone is created with the same         lock type as the original.

    Example:

    Code:

    Set Rs = Server.CreateObject("ADODB.Recordset")
    Rs.LockType = adLockReadOnly

6.What are the cursor types available in ADO.Explain.

 

    adOpenForwardOnly (0) - Default. Uses a forward-only cursor. Identical to a static cursor, except that you     can only scroll forward through records. This improves performance when you need to make only one pass through a Recordset.
adOpenKeyset (1) - Uses a keyset cursor. Like a dynamic cursor, except that you can't see records that other users add, although records that other users delete are inaccessible from your Recordset. Data changes by other users are still visible.
adOpenDynamic (2) - Uses a dynamic cursor. Additions, changes, and deletions by other users are visible, and all types of movement through the Recordset are allowed, except for bookmarks, if the provider doesn't support them.
adOpenStatic (3) - Uses a static cursor. A static copy of a set of records that you can use to find data or generate reports. Additions, changes, or deletions by other users are not visible.
adOpenUnspecified (-1) - Does not specify the type of cursor.

Example:

Code:

Set Rs = Server.CreateObject("ADODB.Recordset")
Rs.CursorType = adOpenDynamic

7.What is a COM component.

   

  A COM component can be any type of external or internal object that is called to perform an operation (uploading, error handling, etc…)

Example:

Code:

'Call a COM component to create a mailing object
Set objMail = Server.CreateObject("CDONTS.MailSender")

8.How do you register a COM component.

 

 regsvr32 path\componentname

Example: To register a component call Help.dll, located in C:\COMObjects folder

Code:

Regsvr32 "C:\COMObjects\Help.dll"

To unregister

Regsvr32 "C:\COMObjects\Help.dll" /u

 

9.What is a virtual root and how do you create one?.

 

  Better known as Virtual Directory. Allows you to create multiple website under 1 ip address. Allows you reference another location (folder) to include additional functionality.

To create one
1) Open IIS Manager
2) Right click the default site and "New">"Virtual Directory".
3) Type the name of the virtual directory and then browse to the location you would like to reference.

 

10.What is a database index, how do you create one, discuss it's pros and cons.

 

    Indexes in SQL Server are similar to the indexes in books. They help SQL Server retrieve the data quicker. Indexes are of two types. Clustered indexes and non-clustered indexes. When you create a clustered index on a table, all the rows in the table are stored in the order of the clustered index key. So, there can be only one clustered index per table. Non-clustered indexes have their own storage separate from the table data storage. Non-clustered indexes are stored as B-tree structures (so do clustered indexes), with the leaf level nodes having the index key and it's row locater. The row located could be the RID or the Clustered index key, depending up on the absence or presence of clustered index on the table. If you create an index on each column of a table, it improves the query performance, as the query optimizer can choose from all the existing indexes to come up with an efficient execution plan. At the same t ime, data modification operations (such as INSERT, UPDATE, DELETE) will become slow, as every time data changes in the table, all the indexes need to be updated. Another disadvantage is that, indexes need disk space, the more indexes you have, more disk space is used.

11.What is the default language of ASP.

 

    VBScript

12.How do you use multiple record sets( rs.NextRecordSet ).

 

      Using rs.NextRecordset

 

13.As soon as you fetch a record set, what operations would you perform.

 

      Check to make sure records were returned…if so, then manipulate them.

14.Define a transaction. What are acid properties of a transaction.

 

      A transaction is a process where either something completes or it fails depending on its requirements

    ACID properties of a transaction
    A - Atomicity = The entire sequence of actions must be either completed or aborted. The transaction cannot     be partially successful.
    C - Consistency = The transaction takes the resources from one consistent state to another.
    I - Isolation = A transaction's effect is not visible to other transactions until the transaction is committed.
    D - Durability = Changes made by the committed transaction are permanent and must survive system         failure.

   
15.How would you remotely administer IIS.

 

     Administer through the web browser or through the IIS Snap-in (Microsoft Suggestions [http://support.microsoft.com/default.aspx?scid=http://support.microsoft.com:80/support/kb/articles/q308/1/69.ASP&NoWebContent=1])

16.What is RAID? What is it used for.

 

    RAID (Redundant Array of Inexpensive Disks) is used to provide fault tolerance to database servers. (Basically for data protection just in case a hard drive or system fails)

 
17.What is the disadvantage of creating an index in every column of a database table.

 

     Disadvantage is it slows down the modification of data into those columns because every time data changes in the table, all the indexes need to be updated.

19.You have a query that runs slowly, how would you make it better.

 

      This is a very open ended question and there could be a lot of reasons behind the poor performance of a query. But some general issues that you could talk about would be: No indexes, table scans, missing or out of date statistics, blocking, excess recompilations of stored procedures, procedures and triggers without SET NOCOUNT ON, poorly written query with unnecessarily complicated joins, too much normalization, excess usage of cursors and temporary tables. Some of the tools/ways that help you troubleshooting performance problems are: SET SHOWPLAN_ALL ON, SET SHOWPLAN_TEXT ON, SET STATISTICS IO ON, SQL Server Profiler, Windows NT /2000 Performance monitor, Graphical execution plan in Query Analyzer. Download the white paper on performance tuning SQL Server from Microsoft web site.

 

19. What is a bit datatype?.What is it used for.
 

Bit data type consists of either 1 or 0 (on or off) is generally used as a boolean type where the answer is either true/false, on/off, yes/no, etc…

---

Forgot the famous last words? Access your message archive online. Click here.

Abstract Class & Interfaces ,oops

 What is similarities/difference between an abstract class and interface? 
        
      i.   Interfaces provide a form of multiple inheritance. A class can extend only one other class.  
     Interfaces are limited to public methods and constants with no implementation.  
  
     Abstract classes can have a partial implementation, protected parts, static methods, etc.  
     
      ii.    A Class may implement several interfaces.  
      
     But in case of abstract class, a class may extend only one abstract class.  
 
      iii. Interfaces are slow as it requires extra indirection to to find corresponding method in in the actual class.  
  
     Abstract classes are fast.   
  
     Similarities:  
 
     Neither Abstract classes or Interface can be instantiated. 
    
 How to define an abstract class? 
        
A class containing abstract method is called Abstract class. An Abstract class can't be instantiated.  
 
  Example of Abstract class: 
   abstract class testAbstractClass  
     {  
        protected String myString;  
        public String getMyString()  
          {  
            return myString;  
             }  
        public abstract string anyAbstractFunction(); 
     } 
    
    
 How to define an interface? 
        
Interface defines the methods but does not implement them. Interface can include constants.  
A class that implements the interfaces is bound to implement all the methods defined in Interface. 
 
  Example of Interface: 
 
  public interface sampleInterface  
    { 
       public void functionOne(); 
       public long CONSTANT_ONE = 1000;  
    }

 

 What is oops? 
    
 OOP is the common abbreviation for Object-Oriented Programming.   
 
 Explain the inheritance principle. 
        
Inheritance is the process by which one object acquires the properties of another object. 
 
 Explain the polymorphism principle. 
        
The meaning of Polymorphism is something like one name many forms.  
Polymorphism enables one entity to be used as as general category for different types of actions.  
The specific action is determined by the exact nature of the situation.  
The concept of polymorphism can be explained as "one interface, multiple methods".   
 
What are encapsulation, inheritance and polymorphism? 
     
Encapsulation is the mechanism that binds together code and data it manipulates and keeps both  safe from outside interference and misuse. 
  
   Inheritance is the process by which one object acquires the properties of another object. 
  
   Polymorphism is the feature that allows one interface to be used for general class actions.  
 
 
OBJECT 
     
Objects are the building blocks of OOP and are commonly defined as variables or data structures that encapsulate behavior and data in a programmed unit.  
Objects are items that can be individually created, manipulated, and represent real world things in an abstract way.  
 
CLASS

       
 A class is a template for an object. Suppose that someone builds a paper pattern for a shirt.  
All the shirts done with the same paper pattern will be identical (same design, size, etc.).  
In this sample, the paper pattern is the class and the shirt is the object. To build the same exact shirt over and over, you need the paper pattern as a template. 

 

 Another great example are house plans and blueprints. The plans and blueprints define the number of rooms,  the size of the kitchen, the number of floors, and more. In this real world sample, the house plans and blueprints are the class and the house is the object. In OOP you program a class as a template for a specific  

   
 
DELEGATE     
 
  A delegate is a type that references a method. Once a delegate is assigned a method, it behaves exactly like  that method. The delegate method can be used like any other method, with parameters and a return value, as in    this example: 
 
 
  C# Copy Codepublic delegate int PerformCalculation(int x, int y); 
 
SHADOWING 
     
  When two programming elements share the same name, one of them can hide, or shadow, the other one.  In such a situation, the shadowed element is not available for reference; instead, when your code uses the  shared name, the Visual Basic compiler resolves it to the shadowing element. 
 
  An element can shadow another element in two different ways. The shadowing element can be declared inside a subregion of the region containing the shadowed element, in which case the shadowing is accomplished through scope. Or a deriving class can redefine a member of a base class, in which case the shadowing is done through   inheritance. 
 
Events 
 
  An event is a way for a class to provide notifications when something of interest happens.
For example, a class that encapsulates a user interface control might define an event to occur when the user clicks on the control.

The control class does not care what happens when the button is clicked, but it does need to tell derived classes that the click event has occurred. The derived classes can then choose how to respond. 
 
 

 

 

---

Forgot the famous last words? Access your message archive online. Click here.

OOPS

  

 

Why Object Oriented approach?

 

A major factor in the invention of Object-Oriented approach is to remove some of the flaws encountered with the procedural approach. In OOP, data is treated as a critical element and does not allow it to flow freely. It bounds data closely to the functions that operate on it and protects it from accidental modification from outside functions. OOP allows decomposition of a problem into a number of entities called objects and then builds data and functions around these objects. A major advantage of OOP is code reusability.

 

 

Some important features of Object Oriented programming are as follows:

 

Emphasis on data rather than procedure

 

Programs are divided into Objects

 

Data is hidden and cannot be accessed by external functions

 

Objects can communicate with each other through functions

 

New data and functions can be easily added whenever necessary

 

Follows bottom-up approach

 

Concepts of OOP:

 

 

Objects

 

Classes

 

Data Abstraction and Encapsulation

 

Inheritance

 

Polymorphism

 

Briefly on Concepts:

 

Objects

 

Objects are the basic run-time entities in an object-oriented system. Programming problem is analyzed in terms of objects and nature of communication between them. When a program is executed, objects interact with each other by sending messages. Different objects can also interact with each other without knowing the details of their data or code.

 

Classes

 

A class is a collection of objects of similar type. Once a class is defined, any number of objects can be created which belong to that class.

 

Data Abstraction and Encapsulation

 

Abstraction refers to the act of representing essential features without including the background details or explanations. Classes use the concept of abstraction and are defined as a list of abstract attributes.

 

Storing data and functions in a single unit (class) is encapsulation. Data cannot be accessible to the outside world and only those functions which are stored in the class can access it.

 

Inheritance

 

Inheritance is the process by which objects can acquire the properties of objects of other class. In OOP, inheritance provides reusability, like, adding additional features to an existing class without modifying it. This is achieved by deriving a new class from the existing one. The new class will have combined features of both the classes.

 

Polymorphism

 

Polymorphism means the ability to take more than one form. An operation may exhibit different behaviors in different instances. The behavior depends on the data types used in the operation. Polymorphism is extensively used in implementing Inheritance.

 

Advantages of OOP

 

Object-Oriented Programming has the following advantages over conventional approaches:

 

 

OOP provides a clear modular structure for programs which makes it good for defining abstract datatypes where implementation details are hidden and the unit has a clearly defined interface.

 

OOP makes it easy to maintain and modify existing code as new objects can be created with small differences to existing ones.

 

OOP provides a good framework for code libraries where supplied software components can be easily adapted and modified by the programmer. This is particularly useful for developing graphical user interfaces.

---

Download prohibited? No problem. CHAT from any browser, without download.

ASP.NET Stage Management OverView

ASP.NET State Management Overview 

 

A new instance of the Web page class is created each time the page is posted to the server. In traditional Web programming, this would typically mean that all information associated with the page and the controls on the page would be lost with each round trip. For example, if a user enters information into a text box, that information would be lost in the round trip from the browser or client device to the server.

 

To overcome this inherent limitation of traditional Web programming, ASP.NET includes several options that help you preserve data on both a per-page basis and an application-wide basis.

 

These features are as follows:

 

View state

 

Control state

 

Hidden fields

 

Cookies

 

Query strings

 

Application state

 

Session state

 

Profile Properties

 

View state, control state, hidden fields, cookies, and query strings all involve storing data on the client in various ways. However, application state, session state, and profile properties all store data in memory on the server. Each option has distinct advantages and disadvantages, depending on the scenario.

 

Client-Based State Management Options

The following sections describe options for state management that involve storing information either in the page or on the client computer. For these options, no information is maintained on the server between round trips.

 

View State

The ViewState property provides a dictionary object for retaining values between multiple requests for the same page. This is the default method that the page uses to preserve page and control property values between round trips.

 

When the page is processed, the current state of the page and controls is hashed into a string and saved in the page as a hidden field, or multiple hidden fields if the amount of data stored in the ViewState property exceeds the specified value in the MaxPageStateFieldLength property. When the page is posted back to the server, the page parses the view-state string at page initialization and restores property information in the page.You can store values in view state as well.  

 

 

Control State

Sometimes you need to store control-state data in order for a control to work properly. For example, if you have written a custom control that has different tabs that show different information, in order for that control to work as expected, the control needs to know which tab is selected between round trips. The ViewState property can be used for this purpose, but view state can be turned off at a page level by developers, effectively breaking your control. To solve this, the ASP.NET page framework exposes a feature in ASP.NET called control state.

 

The ControlState property allows you to persist property information that is specific to a control and cannot be turned off like the ViewState property.

 

Hidden Fields

ASP.NET allows you to store information in a HiddenField control, which renders as a standard HTML hidden field. A hidden field does not render visibly in the browser, but you can set its properties just as you can with a standard control. When a page is submitted to the server, the content of a hidden field is sent in the HTTP form collection along with the values of other controls. A hidden field acts as a repository for any page-specific information that you want to store directly in the page.

 

Security Note 

It is easy for a malicious user to see and modify the contents of a hidden field. Do not store any information in a hidden field that is sensitive or that your application relies on to work properly.  

 

A HiddenField control stores a single variable in its Value property and must be explicitly added to the page.

 

In order for hidden-field values to be available during page processing, you must submit the page using an HTTP POST command. If you use hidden fields and a page is processed in response to a link or an HTTP GET command, the hidden fields will not be available.

 

Cookies

A cookie is a small amount of data that is stored either in a text file on the client file system or in-memory in the client browser session. It contains site-specific information that the server sends to the client along with page output. Cookies can be temporary (with specific expiration times and dates) or persistent.

 

You can use cookies to store information about a particular client, session, or application. The cookies are saved on the client device, and when the browser requests a page, the client sends the information in the cookie along with the request information. The server can read the cookie and extract its value. A typical use is to store a token (perhaps encrypted) indicating that the user has already been authenticated in your application.

 

Security Note 

The browser can only send the data back to the server that originally created the cookie. However, malicious users have ways to access cookies and read their contents. It is recommended that you do not store sensitive information, such as a user name or password, in a cookie. Instead, store a token in the cookie that identifies the user, and then use the token to look up the sensitive information on the server.

 

  

Query Strings

A query string is information that is appended to the end of a page URL. A typical query string might look like the following example:

 

 Copy Code

http://www.xyz.com/listwidgets.aspx?category=basic&price=100

In the URL path above, the query string starts with a question mark (?) and includes two attribute/value pairs, one called "category" and the other called "price."

 

Query strings provide a simple but limited way to maintain state information. For example, they are an easy way to pass information from one page to another, such as passing a product number from one page to another page where it will be processed. However, some browsers and client devices impose a 2083-character limit on the length of the URL.

 

Security Note 

Information that is passed in a query string can be tampered with by a malicious user. Do not rely on query strings to convey important or sensitive data. Additionally, a user can bookmark the URL or send the URL to other users, thereby passing that information along with it. For more information, see ASP.NET State Management Recommendations and How to: Protect Against Script Exploits in a Web Application by Applying HTML Encoding to Strings.

 

 

In order for query string values to be available during page processing, you must submit the page using an HTTP GET command. That is, you cannot take advantage of a query string if a page is processed in response to an HTTP POST command. For usage recommendations, see ASP.NET State Management Recommendations.

 

Server-Based State Management Options

ASP.NET offers you a variety of ways to maintain state information on the server, rather than persisting information on the client. With server-based state management, you can decrease the amount of information sent to the client in order to preserve state, however it can use costly resources on the server. The following sections describe three server-based state management features: application state, session state, and profile properties.

 

Application State

ASP.NET allows you to save values using application state — which is an instance of the HttpApplicationState class — for each active Web application. Application state is a global storage mechanism that is accessible from all pages in the Web application. Thus, application state is useful for storing information that needs to be maintained between server round trips and between requests for pages. For more information, see ASP.NET Application State Overview.

 

Application state is stored in a key/value dictionary that is created during each request to a specific URL. You can add your application-specific information to this structure to store it between page requests.

 

Once you add your application-specific information to application state, the server manages it. For usage recommendations, see ASP.NET State Management Recommendations.

 

Session State

ASP.NET allows you to save values by using session state — which is an instance of the HttpSessionState class — for each active Web-application session. Session state is similar to application state, except that it is scoped to the current browser session. If different users are using your application, each user session will have a different session state. In addition, if a user leaves your application and then returns later, the second user session will have a different session state from the first.

 

Session state is structured as a key/value dictionary for storing session-specific information that needs to be maintained between server round trips and between requests for pages. 

 

 

You can use session state to accomplish the following tasks:

 

Uniquely identify browser or client-device requests and map them to an individual session instance on the server.

 

Store session-specific data on the server for use across multiple browser or client-device requests within the same session.

 

Raise appropriate session management events. In addition, you can write application code leveraging these events.

 

Once you add your application-specific information to session state, the server manages this object. Depending on which options you specify, session information can be stored in cookies, on an out-of-process server, or on a computer running Microsoft SQL Server.

 

Profile Properties

ASP.NET provides a feature called profile properties, which allows you to store user-specific data. This feature is similar to session state, except that the profile data is not lost when a user's session expires. The profile-properties feature uses an ASP.NET profile, which is stored in a persistent format and associated with an individual user. The ASP.NET profile allows you to easily manage user information without requiring you to create and maintain your own database. In addition, the profile makes the user information available using a strongly typed API that you can access from anywhere in your application. You can store objects of any type in the profile. The ASP.NET profile feature provides a generic storage system that allows you to define and maintain almost any kind of data while still making the data available in a type-safe manner.

 

To use profile properties, you must configure a profile provider. ASP.NET includes a SqlProfileProvider class that allows you to store profile data in a SQL database, but you can also create your own profile provider class that stores profile data in a custom format and to a custom storage mechanism such as an XML file, or even to a web service.

 

Because data that is placed in profile properties is not stored in application memory, it is preserved through Internet Information Services (IIS) restarts and worker-process restarts without losing data .

 

---

Unlimited freedom, unlimited storage. Get it now

All about IIS.

 

IIS 6.0 supports the following authentication methods:

 

 Anonymous authentication.

 

This authentication method allows everyone access to the public areas of your Web sites, without asking for a user name or password.

 

Basic authentication.

 

This authentication method prompts the user for a user name and a password, also called credentials, which are sent unencrypted over the network.

 

Digest authentication.

 

This authentication method operates much like Basic authentication, except that passwords are sent across the network as a hash value for

additional security. Digest authentication is available

only on domains with domain controllers running Windows

server operating systems.

 

Advanced Digest authentication.

 

This authentication method is identical to Digest authentication, except

Advanced Digest authentication stores the client

credentials as a Message Digest (MD5) hash in Active

Directory on your domain controller running Windows Server

2003.

 

 Integrated Windows authentication.

 

 This authentication method uses hashing technology to scramble user names and passwords before sending them over the network.

 

 UNC authentication.

 

This authentication method passes users' credentials through to the computer with the Universal Naming Convention (UNC) share.

 

 NET Passport Authentication.

 

 This authentication method is a user-authentication service that lets Web site users create a single sign-in name and password for access to

all .NET Passport enabled Web sites and services. .NET

Passport enabled sites rely on the .NET Passport central

server to authenticate users; .NET Passport enabled sites

do not host and maintain their own proprietary

authentication systems.

 

 Certificate authentication.

 

This authentication method uses Secure Sockets Layer (SSL) certificates to

authenticate servers and clients.

---

Did you know? You can CHAT without downloading messenger. Click here

Some More on C#.

Interview Questions

C#

 

What's the implicit name of the parameter that gets passed into the class' set method?

Value, and its datatype depends on whatever variable we're changing.

 

How do you inherit from a class in C#?

Place a colon and then the name of the base class. Notice that it's double colon in C++.

 

Does C# support multiple inheritance?

No, use interfaces instead.

 

When you inherit a protected class-level variable, who is it available to? Classes in the same namespace.

 

Are private class-level variables inherited?

Yes, but they are not accessible, so looking at it you can honestly say that they are not inherited.

 

Describe the accessibility modifier protected internal.

It's available to derived classes and classes within the same Assembly (and naturally from the base class it's declared in).

 

C# provides a default constructor for me. I write a constructor that takes a string as a parameter, but want to keep the no parameter one. How many constructors should I write?

Two. Once you write at least one constructor, C# cancels the freebie constructor, and now you have to write one yourself, even if there's no implementation in it.

 

How's method overriding different from overloading?

 When overriding, you change the method behavior for a derived class. Overloading simply involves having a method with the same name within the class.

 

What does the keyword virtual mean in the method definition?

The method can be over-ridden.

 

Can you declare the override method static while the original method is non-static? No, you can't, the signature of the virtual method must remain the same, only the keyword virtual is changed to keyword override.

 

Can you override private virtual methods?

No, moreover, you cannot access private methods in inherited classes, have to be protected in the base class to allow any sort of access.

 

Can you prevent your class from being inherited and becoming a base class for some other classes?

Yes, that's what keyword sealed in the class definition is for. The developer trying to derive from your class will get a message: cannot inherit from Sealed class WhateverBaseClassName. It's the same concept as final class in Java.

 

Can you allow class to be inherited, but prevent the method from being over-ridden? Yes, just leave the class public and make the method sealed.

 

What's an abstract class?

 A class that cannot be instantiated. A concept in C++ known as pure virtual method. A class that must be inherited and have the methods over-ridden. Essentially, it's a blueprint for a class without any implementation.

 

When do you absolutely have to declare a class as abstract (as opposed to free-willed educated choice or decision based on UML diagram)?

 When at least one of the methods in the class is abstract. When the class itself is inherited from an abstract class, but not all base abstract methods have been over-ridden.

 

What's an interface class?

It's an abstract class with public abstract methods all of which must be implemented in the inherited classes.

 

Why can't you specify the accessibility modifier for methods inside the interface?

 They all must be public. Therefore, to prevent you from getting the false impression that you have any freedom of choice, you are not allowed to specify any accessibility, it's public by default.

 

Can you inherit multiple interfaces?

 Yes, why not.

 

And if they have conflicting method names?

It's up to you to implement the method inside your own class, so implementation is left entirely up to you. This might cause a problem on a higher-level scale if similarly named methods from different interfaces expect different data, but as far as compiler cares you're okay.

 

What's the difference between an interface and abstract class?

In the interface all methods must be abstract; in the abstract class some methods can be concrete. In the interface no accessibility modifiers are allowed, which is ok in abstract classes.

 

How can you overload a method?

 Different parameter data types, different number of parameters, different order of parameters.

 

If a base class has a bunch of overloaded constructors, and an inherited class has another bunch of overloaded constructors, can you enforce a call from an inherited constructor to an arbitrary base constructor?

Yes, just place a colon, and then keyword base (parameter list to invoke the appropriate constructor) in the overloaded constructor definition inside the inherited class.

 

What's the difference between System.String and System.StringBuilder classes?

 System.String is immutable; System.StringBuilder was designed with the purpose of having a mutable string where a variety of operations can be performed.

 

What's the advantage of using System.Text.StringBuilder over System.String?

 StringBuilder is more efficient in the cases, where a lot of manipulation is done to the text. Strings are immutable, so each time it's being operated on, a new instance is created.

 

Can you store multiple data types in System.Array?

No.

 

---

Now you can chat without downloading messenger. Click here to know how.