1) What is the difference between login controls and Forms authentication?

Login control provides form authentication. If we implement for authentication through

form authentication then we do it through code. On the other hand, login control allows the easy
implementation on the basis of form authentication without writing much of code. Underneath the
control, the class used for login control is also FormAuthentication class. So instead of creating your
own set of user credential validations and issuing of authentication ticket, it is simpler to use a normal
login control.
● Forms authentication can be easily implemented using login controls without writing any code.
● Login control performs functions like prompting for user credentials, validating them and
issuing authentication just as the FormsAuthentication class.
● However, all that’s needs to be dne is to drag and drop the use control from the tool box to
have these checks performed implicitly.
● The FormsAuthentication class is used in the background for the authentication ticket and
ASP.NET membership is used to validate the user credentials.

2) What is Fragment Caching in ASP.NET?

Fragment caching allows to cache specific portions of the page rather than the whole page.
It is done by implementing the page in different parts by creating everything in form of user controls
and caching each user control individually.
● Fragment caching refers to the caching of individual user controls within a Web Form.
● Each user control can have independent cache durations and implementations of how the
caching behavior is to be applied.
● Fragment caching is useful when you need to cache only a subset of a page.
● Navigation bars, header, and footers are good candidates for fragment caching.

3) What is partial classess in .net?

Partial classes allow us to divide the class definition into multiple files (physically). Logically,
all the partial classes are treated as a single file by the compiler.
When there is a need to keep the business logic separate from the User Interface or when
there is some class which is big enough to have multiple number of developers implement the
methods in it, the class can be separated and written in different files as partial class.

The keyword partial must appear in each class.

//syntax for C#
Public partial class MyPartialClass1
{
//code
}
// this code could be in file1

Public partial class MyPartialClass1

{
//code
}
// this code could be in file2

4) What is a ViewState?
Viewstate is the mechanism that automatically saves the values of the page's items just before
rendering the page. It stores items added to a page’s ViewState property as hidden fields on the page.
Viewstate is used to maintain or retain values on postback. It helps in preserving a page.
Viewstate is internally maintained as a hidden field in encrypted form along with a key.
Advantages:
1. No server resources.
2. Viewstate ensures security because it stores the data in encrypted format.
3. Viewstates are simple. They are used by enabling or disabling the viewstate properties.
4. It is based on the wish of developer that they want to implement it at the page level or at
control level.
Disadvantages:
1. If large amount of data is stored on the page, then page load might cause a problem.
2. Does not track across pages. Viewstate information does not automatically transfer from page
to page.
Extra Points
● If a site happens to not maintain a ViewState, then if a user has entered some information in
a large form with many input fields and the page is refreshes, then the values filled up in the
form are lost.
● The same situation can also occur on submitting the form. If the validations return an error,
the user has to refill the form.
● Thus, submitting a form clears up all form values as the site does not maintain any state
called ViewState.
● In ASP .NET, the ViewState of a form is maintained with a built-in state management
technique keeps the state of the controls during subsequent postbacks by a particular user.
● The ViewState indicates the status of the page when submitted to the server. The status is
defined through a hidden field placed on each page with a <form runat="server"> control.
<input type="hidden" name="__VIEWSTATE" value="CareerRide">
● The ViewState option can be disabled by including the directive <%@ Page
EnableViewState="false"%> at the top of an .aspx page
● If a ViewState of a certain control has to be disabled, then set EnableViewState="false".

5) Difference between src and Code-Behind?

Src: is a way mention the name of the code-behind class to dynamically compile on the
request for a page.
Code-behind: is the logic written behind the UI design file. It specifies the name of the
compiled file that contains the class. Code-behind attribute is only used for.Net.

Extra Points
● With the ‘src’ attribute, the source code files are deployed and are compiled by the JIT as
 needed.
● Though the code is available to everyone with an access to the server (NOT anyone on the
web), this method is preferred as it does away with the compilation of the DLLs.
● ‘CodeBehind’ attribute just has the VS.NET associate the code file with the aspx file. This is
necessary since VS.NET automates the pre-compiling that is harder by hand.
● Due to this the ‘Src’ attribute is done away with having only a DLL to be deployed enhancing
the protection level even though it can be decompiled.

6) What is the difference between URL and URI?

A URL (Uniform Resource Locator) is the address of some resource on the Web. A resource
is nothing but a page of a site. There are other type of resources than Web pages, but that's the
easiest conceptually.
A URI is a unique identifier to usually a namespace. Though it looks like a URL but it doesn’t
have to necessarily locate any resource on the web. URI is a generic term. URL is a type of URI.
URI - Uniform Resource Identifier: it’s a string and its responsibility is to identify a resource
by meta-information. It gives information about only one resource.
URL - Uniform Resource Locator: identifies the resource on the net and tells it is obtainable
using what protocols.

7) What is the Pre-Compilation feature of ASP.NET 2.0?

Previously, in ASP.NET, the pages and the code used to be compiled dynamically and then
cached so as to make the requests to access the page extremely efficient. In ASP.NET 2.0, the pre-
compilation feature is used with which an entire site is precompiled before it is made available to
users.

There is a pre-defined folder structure for enabling the pre-compilation feature:

● App_Code: stores classes
● App_Themes: stores CSS files, Images, etc.
● App_Data: stores XML files, Text Files, etc.
● App_GlobalResources: stores all the resources at global level E.g. resx files, etc
● App_LocalResources: stores all the resources at local/Page level

It is a process where things that can be handled before compilation are prepared in order to
reduce the deployment time, response time, increase safety. It’s main aim to boost performance.
It also helps in informing about the compilation failures.
During development, it allows you to make changes to the web pages and reuse it using the
same web browser to validate the changes without compiling the entire website.
During deployment, it generates the entire website folder structure in the destination. All the
static files are copied to the folder and bin directory would later on contain the compiled dll.

8) How can we create custom controls in ASP.NET?

Custom controls are user defined controls. They can be created by grouping existing
controls, by deriving the control from System.Web.UI.WebControls.WebControl or by enhancing the
functionality of any other custom control. Custom controls are complied into DLL’s and thus can be
referenced by as any other web server control.

Basic steps to create a Custom control:

1. Create Control Library
2. Write the appropriate code
3. Compile the control library
4. Copy to the DLL of the control library to the project where this control needs to be used
5. The custom control can then be registered on the webpage as any user control through the
@Register tag.

9) What is an application domain?

It's a way in CLR to maintain a boundary between various applications to ensure that they do
not interfere in working of any other application. CLR acts as a mini operating system where a single
process may have various application domains.
● An operating system process can have many ongoing application domains. Application
Domains keep an application separate.
● All objects created within the same application scope are created within the same application
domain.
● Multiple application domains can exist in a single operating system process,
● Distinct memory address space allocation by the OS is effective but expensive and it does not
satisfy to the numbers required for large web servers.
● However, the CLR isolates an application by managing the memory use of code running
within the application domain due to which the code cannot access memory outside the
boundaries of the domain.

10) Explain the two different types of remote object creation mode in .NET.
Ways in which object can be created using Remoting: -
SAO Server Activated Object (call mode): lasts the lifetime of the server. They are activated
as SingleCall/Singleton objects. It makes objects stateless. A SingleCall object gets created for each
request by client and A Singleton object is created once on the server and is shared by all the clients.
CAO (Client Activated Objects): CAO creates stateful objects. The object creation request is
based on the request by client side. Therefore, the lifetime is based on client and not server. Single
instance of object is created for every call.

11) Explain Singleton architecture of Remoting.

Singleton architecture is to be used when all the applications have to use or share same data.

12) Define LeaseTime, SponsorshipTime, RenewOnCallTime, LeaseManagePollTime.

Terms related to lifecycle of a remoting object.
The LeaseTime property protects the object so that the garbage collector does not destroy it
as remoting objects are beyond the scope of the garbage collector. Every object created has a default
leasetime for which it will be activated. Once the leasetime expires, the object is eligible again for
garbage collector and is eventually destroyed. Default value is 5 minutes.
Even though the leasetime of an object has expired, there still may be clients who would still
need the remoting object on the server. In such cases the leasemanager keeps a track of such clients
and asks them if they need the object and are ready to extend or sponsor the object to extend its
existence. This is done through SponsorshipTime property, which is then based on the sponsor.
The RenewOnCallTime property defines the duration for which a remoting object's lease is
extended if a sponsor is found. The default value is 2 minutes.
The LeaseManager class has a property PollTime, which defines the frequency at which the
LeaseManager polls the leases. Default is 10 seconds.

13) Briefly explain how to specify remoting parameters using config files.
The remoting parameters can be specified through both programming and in config files. All
the settings defined in config files are placed under <system.runtime.remoting>
<application> is placed under system.runtime.remoting but the name attribute of application
tag specifies if the parameter is for server or client. RemotingConfiguration.Configure is used to
access the configuration keys for remoting properties.

14) What is marshalling? Explain types of marshalling.

Marshaling is a process of transforming or serializing data from one application domain and
exporting it to another application domain.

Two types of marshalling

● Marshal by value: a copy of an object is created by the server and is passed and used by the
client.
● Marshal by reference: the client creates a proxy to access the object.

15) What is ObjRef object in remoting?

ObjRef is a searializable object returned by Marshal() that knows about location of the remote
object, host name, port number, and object name.

16) Explain the steps of acquiring a proxy object in web services.

Client communicates to UDI node to retrieve a list of available web services that the client has
access to.
Every service listed has a URI pointing to the service's DISCO or WSDL document, which is
needed to access the webservice and its 'webmethod" methods.
After interpreting the DISCO document, follow the URI for the WSDL document related to the
chosen webservice.
Client then adds and parses the WSDL document and creates a proxy object which can then
communicate with Webservice and access its "webmethod" methods.

17) Explain the steps to create a web services and consume it.
Steps to create and consume a webservice
Creation:
 1. Create a new website by selecting "ASP.NET Web Site" and giving it a suitable name.
2. service.cs file appears inside the solution with a default webmethod named as "HelloWorld()"
3. Right click on the webservice project and add a web reference instead of adding a normal
reference.
4. A window appears that displays a list of webservices knows to the solution.
5. Click on "Webservices in this solution"
6. a search progress bar appears and
7. Select the service that appears in the list
8. progress bar appears once again.
9. web method appears on the screen
10. Click on "Add reference" button. This would add localhost
11. solution would have App_WebReference folder

Consumption or Usage:
1. Add a UI (.aspx) to the webservice project
2. Add a button and a label to the form
3. Double click the button to see the click event of the button
4. Create an object of type service localhost.serviceName
5. Write code to display the value returned by the webmethod on the label
6. Execute the solution by setting the added aspx as the startpage.
7. click on the button and the message "Hello World" would be displayed on the label

18) Explain the difference between cache object and application object.

Application Object: Application variable/object stores an Object with a scope of availability of

the entire Application unless explicitly destroyed.
Caching Object: The lifetime of cache is throughout the lifetime of an application or is based
upon timeouts

19) What is Cache Callback in Cache?

The cache object has dependencies e.g. relationships to the file it stores. Cache items
remove the object when these dependencies change. As a work around we would need to simply
execute a callback method whenever items are removed from the cache to add the items back in
cache.
e.g.: We have a string variable string var="hello" and store it in cache. This item would be
removed from the cache if value is changed from "hello" to "bye". In such a case we need to simply
right a callback function which would add updated var back in cache as it’s been removed as a result
of its dependencies changing.

20) What is Scavenging?

A process where items are removed from cache in order to free the memory based on their
priority. A property called "CacheItemPriority" is used to figure out the priority of each item inside the
cache. This priority property is set when an item is added to the cache.
21) Explain the types of Caching using Cache object of ASP.NET.
Page output: Is used to fetch information or data at page level. It is best used when the site is
mainly static. Used by declaring the output page directive
Page fragment: Is used to cache the structure level information. It is used when parts of
pages change. For example: user control
Programmatic or data: Is used to fetch the information of an application quickly based on the
requirements.

22) Show with an example how to Cache different version of same page using ASP.NET Cache
object.
The ways to cache different versions on the same page using ASP.NET cache object is using
OutputCache object.

Three parameters of OutputCache, has 3 parameters:

● VarByParam: based on input parameters passed through HTTP POST/GET.
● VarByHeader: based on the page header content.
● VayByCustom: based on declaration of an attribute and overriding GetVaryByCustomString
handler.
● VarByControl: varies with the value of properties of ASP objects.

23) Explain how to implement Fragment Cache

Fragment cache is to store user controls individually within a web form in cache instead of
the whole webform as such. The idea is to simply have different cache parameters for different user
controls.

control1: <%@ OutputCache Duration="40" VaryByParam="none"%>

control2: <%@ OutputCache Duration="60" VaryByParam="none"%>

If control1 and control2 exist on a single webform together, the values of control1 and control2
would be cached for different durations based on @OutputCache directive.

24) Explain the various modes of storing ASP.NET session

Types of sessions:
InProc: The default way to use sessions. InProc is the fastest way to store and access
sessions.
OutProc:
i. State server: 15% slower than InProc. Session is serialized and stored in aspnet_state.exe
process. Stateserver sessions can be stored on a separate machine too.
ii. SQL Server: 25% slower than InProc. Used when data is to be serialized and stored in SQL
Server database.
Answer 2
In-Process state management:
 ● The In-Process type of Session state management stores the session in memory on the web
server.
● In order to have a user always reconnect to the same web-server, a sticky server is needed.
Out-of-Process state management:
● Out-of-Process Session state management stores data in an external data source.
● The external data source may be a SQL Server or a State Server service.
● Out-of-Process state management requires the objects in a session to be serializable..

25) What are the benefits and limitations of using hidden fields?
Advantages:
● Easy to implement
● Hidden fields are supported by all browsers
● Enables faster access of information because data is stored on client side
Disadvantages:
● Not secure because the data is stored on Client side.
● Decreases page performance if too many hidden fields
● Only support single value.

26) What are the benefits and limitations of using Hidden Frames?
Advantages:
● Hidden frames allow you to cache more than one data field.
● The ability to cache and access data items stored in different hidden forms.
Disadvantages:
● Not supported by all browsers
● Stored data is not secured as it is stored on client's machine in the form of hidden fields

27) What are benefits and limitations of using Cookies?

Advantages:
1. They are simple to use.
2. Light in size, thus occupy less memory.
3. Stores server information on client side
4. Data need not to be sent back to server.
5. Cookies persist for much longer period of time than a session.
Disadvantages:
1. Since they are stored on the client side in plain text, they are not secure.
2. Number of cookies that can be stored and their size is limited.
3. They don't work if security level is set too high in browser.
4. Some people might just disable cookies on their browsers.

28) What is QueryString? Benefits and limitations of using querystring.

Querystring is way to transfer information from one page to another through the URL.
QueryString is attached to the URL with "?".
Advantages:
 ● Supported by all the browsers
● No extra effort is needed to code.
● Easy to use.
Disadvantages:
● All the attributes and values are visible to the end user. Therefore, they are not secure.
● There is a limit to URL length of 255 characters.

29) What is Absolute and Sliding expiration in .NET?

Absolute and sliding expiration are two Time based expiration strategies.
Absolute Expiration: Cache in this case expires at a fixed specified date or time.
Example: Cache. Insert("ABC", ds, null, DateTime.Now.AddMinutes(1), Cache.NoSlidingExpiration);
The cache is set to expire exactly two minutes after the user has retrieved the data.
Sliding Expiration: the cache duration increases in this case by the specified sliding expiration
value every time the page is requested. More a page is requested it will remain in cache, whereas a
less requested page will not remain in cache.
Example: Cache.Insert("ABC", ds, null, Cache.NoAbsoluteExpiration,
TimeSpan.FromMinutes(1));

30) Explain the concepts and capabilities of cross page posting.

Cross Page Posting: It refers to the scenario where on event of some controls posts from
one page to another instead of a normal postback. Normal postback is when for e.g. a button (or any
control that postbacks) is clicked and web page is submits the page back to itself which means a
return trip. In Cross page posting, on click of a button there would be no return trip.
Cross-page posting is done at the control level. It is possible to create a page that posts to
different pages depending on what button the user clicks on. It is handled by done by changing the
postbackurl property of the controls.

31) Explain how to access ViewState value of this page in the next page.
PreviousPage property is set to the page property of the nest page to access the viewstate value of
the page in the next page. Page poster = this.PreviousPage;
Once that is done, a control can be found from the previous page and its state can be read.

Label posterLabel = poster.findControl("myLabel");

string lbl = posterLabel.Text;

32) What is SQL Cache Dependency in ASP.NET?

SQL Cache Dependency in ASP.NET: It is the mechanism where the cache object gets
invalidated when the related data or the related resource is modified. It is a feature in SQL Server
2005 and SQL Server 2000.

3 types of SQL-cache dependencies exist:

● Other cache items.
● Files/folders.
 ● Dependencies on a database query.

33) Explain the concepts of Post Cache Substitution in .NET

Post Cache Substitution: It works opposite to fragment caching. The entire page is cached,
except what is to be kept dynamic. When [OutputCache] attribute is used, the page is cached on both
the server and the client. Whereas, you use in case of post cache substitution the page is cached on
the server only. HttpResponse.WriteSubstitution method is a way to implement it.

34) Explain the use of localization and Globalization.

Users of different countries, use different languages and others settings like currency, and dates.
Therefore, applications are needed to be configurable as per the required settings based on cultures,
regions, countries.
Globalization: Is a way of writing the executables in a way that they are culture or language neutral.
The culture and language details specific details should be kept configurable. The main part
of Globalization is to find out the locale-sensitive resources that are needed to be kept configurable
and to segregate these resources from the executable code.
Localization: Is the task to customize the application. The main part of localization is the
translation of resources found in globalization.

35) Explain the concepts of CODE Page approach. What are the disadvantages of this
approach?
Code Page was used before Unicode came into existence. It was a technique to represent characters
in different languages. It was a different interpretation of ASCII set which means it kept 128 characters
for English and rest 128 were specifically tailored for other languages.

Disadvantages:
● Languages like Japanese and Chinese having more than 5000 characters were difficult to
represent n 128 character set.
● Clients also need to have a support for code page.
● It‘s representation is done on the basis of operating system.

36) What are resource files and explain how do we generate resource files?
Resource files are files in XML format. They contain all the resources needed by an
application. These files can be used to store string, bitmaps, icons, fonts.

Steps to generate a resource file:

1. Open the web page in the design view.
2. Click Tools
3. Select generate local resource
4. resx file generated in the solution explorer
5. Type in the resources. The file contains the key and value pairs.
6. Save the file.
37) What are Satellite assemblies and how to generate Satellite assemblies?
Satellite Assemblies are language-specific assemblies and are used for language-specific resources
for an application. Each assembly of this kind has a separate language specific ID and is installed in a
language-specific subdirectory for each language.
To support the feature of multiple languages, we need to create different modules that are
customized on the basis of localization. These assemblies created on the basis of different modules
are knows as satellite assemblies.

Steps to generate satellite assemblies:

1. Set the paths for resgen and al.exe:
2. Create a .resources file.
3. Create the satellite assembly.
4. The assembly should have the naming convention for .NET to be able to search for it.
5. Specify the settings for culture.
6. Put the satellite assembly in the appropriate folder.
7. Once the satellite assembly is created, physically copy it to the appropriate directory.
8. Repeat the process for each language in which you are creating an assembly.

38) Define AL.EXE and RESGEN.EXE.

Al.exe: It embeds the resources into a satellite assembly. It takes the resources in .resources
binary format.
resgen.exe:The input for Al.exe is generally plain text or XML-based resource files i.e. in .resx
format. resgen.exe is used to convert such resources to the .resource in binary format which makes
then compatible with al.exe.

39) Explain the concepts of resource manager class.

ResourceManager class: It provides convenient access to resources that are culture-correct. The
access is provided at run time.
This class provides resource withdrawal when a localized resource does not exist. It helps
in resource serialization, and provides access to resources that are not packaged in your assembly.
It is very much possible to derive classes from ResourceManager class and create our own custom
resource solutions.

40) What is Windows communication foundation, WCF?

WCF is a framework that builds applications that can inter-communicate based on service oriented
architecture consuming secure and reliable web services. This also helps in Distributed computing.
The WCF also brings together the various communication models into a single model.

41) Explain the important principle of SOA.

A service-oriented architecture is collection of services which communicate with one another other.
The communication can range from simple data passing to two or more services organizing some
activity.
42) Explain the components of WCF - Service class, Hosting environment, END point.

WCF Service is composed of three components:

● Service class: It implements the service needed.
● Host environment: is an environment that hosts the developed service.
● Endpoints: are the connection points for the clients to connect to the service. Clients find the
end points through three components like service contract, binding, and address.

43) Difference between WCF and Web Services

WCF can create services similar in concept to ASMX, but has much more capabilities. WCF is much
more efficient than ASP.Net coz it is implemented on pipeline. WCF is more secure, reliable. As WCF
is implemented on a different pipeline it does not have all Http capabilities (Http session, cache etc).

44) What are different bindings supported by WCF?

1. BasicHttpBinding
2. WSHttpBinding
3. WSDualHttpBinding
4. WSFederationHttpBinding
5. NetTcpBinding
6. NetNamedPipeBinding
7. NetMsmqBinding
8. NetPeerTcpBinding
9. MsmqIntegrationBinding

45) What is duplex contract in WCF?

Duplex contract: It enables clients and servers to communicate with each other. The calls can
be initiated independently of the other one. The duplex contract is one the message patterns available
to Windows Communication Foundation (WCF) services. It comprises of two one-way contracts.

46) Different transaction isolation levels in WCF

1. Read Uncommitted: - Also known as Dirty isolation level. It makes sure that corrupt Data
cannot be read. This is the lowest isolation level
2. Read Committed: - It ensures not to read the data that has been changed by any other
application and is not yet committed. It is the default level.
3. Repeatable Read: - It stops the usage of dirt read and non-repeatable read. It states that data
fetched through a query will be locked and will not be updated by any other transaction.
4. Serializable: - It does not allow any modification and addition of new data till the transaction is
completed. This is considered to be a very restrictive level.
5. Snapshot: - It raises error on modifying a data that has already been changed by any
transaction.

47) What are Volatile and Dead letter queues?

Volatile Queues: There are scenarios in the project when you want the message to deliver in
proper time. The timely delivery of message is very more important and to ensure they are not lost is
important too. Volatile queues are used for such purposes.
Dead-Letter Queues: Queues are needed so that client and server are not required to run
at the same time when the message is sent. When a message lies inside a queue for a long time
on the server and becomes invalid after some time period, then such messages are not to be sent
to the client. All these messages are sent to dead-letter queue. Therefore, dead-letter queues are
responsible for storing messages that fail timely delivery.

48) What is Windows workflow foundation?

Windows Workflow Foundation (WF): It is a platform for building, managing and executing workflow-
enabled applications, for designing and implementing a programming model for controlling and
communicating with workflows, a workflow execution engine and more.

49) Explain the types of Workflow in Windows Workflow Foundation.

There are 3 types of workflows in WWF:

Sequential Workflow: The sequential workflow style executes a set of contained activities in
order, one by one and does not provide an option to go back to any step.
State Machine Workflow: It represents the workflow in the form of a state machine containing
set of states, each of them receiving events. These events lead to transition from one state to another
one.
Rules-driven Workflow: It is based on Sequential/StateMachine workflow.

50) What are XOML files?

XOML is an acronym for Extensible Object Markup Language. XOML files are the markup files. They
are used to declare the workflow and are then compiled with the file containing the implementation
logic. XOML file is used separately to ensure code-separation workflow authoring

51) How to make an application offline in ASP.NET 2.0.

Microsoft's Internet Information Services web server software is used to make an application offline.
The IIS is instructed to route all incoming requests for the web site to another URL automatically.

Steps for application configuration:

1. In the properties of IIS manager, choose Virtual Directory tab and indicate that the content for
this application should come from "A redirection to a URL."
2. Then enter the same URL to redirect.

Ways to take an asp.net application offline:

1. Stop IIS server.
2. Redirect your website to an ErrorPage.htm file which displays appropriate information/
feedback to users requesting the website.
3. In the web.config look for and set it to false. This will return a default ASP.Net 4040 status
page to the requesting end users.
 4. <httpRuntime enable="false" />
5. Add to App_Offline.htm page to the root of the website. To bring the application back up,
simply delete this file.

52) What are script injection attacks?

Script injection attacks called Cross-site scripting (XSS) attacks exploit vulnerabilities in Web page
validation by injecting client-side script code.
This code executes on the user’s browser after the browser downloads the script code from a trusted
site and then the browser has no way of determining the legitimacy code.
Script injection attacks occur when an end user tries to fill in malicious code in the form or
input fields of a form to access database or change it or destroy it. The malicious code tries to fool the
application, that it was just another end user. The technique involves submitting contents wrapped in
<script>, <object>, <applet>, <embed>, <frame>, <link> etc tags.
Request validation and validating the input provided by the end user are a solution to such attacks.
One can use the following in the web.config for validating requests for all pages in the application.

<configuration>
<appSettings/>
<connectionStrings/>
<system.web>
<pages validateRequest="false"/>
</system.web>
</configuration>

53) What is Authentication in ASP.NET?

Authentication is the process of verifying user’s details and find if the user is a valid user to the
system or not. This process of authentication is needed to provide authority to the user. ASP.NET
implements authentication through authentication providers. Each provider has OnAuthenticate event.
It allows building a custom authorization scheme.

54) What is Authorization in ASP.NET?

Authorization is a process that takes place based on the authentication of the user. Once
authenticated, based on user’s credentials, it is determined what rights des a user have. In ASP.NET,
there are two ways to authorize access to a given resource:
● File authorization
● URL authorization

55) Overview of the .NET Compact Framework

.NET Compact Framework is a scaled down versions of .NET framework for supporting Windows CE
based mobile and embedded devices like mobile phones, PDA’s, factory controllers etc. It uses some
of the libraries of .NET framework as it is and also includes some special libraries for supporting
mobile devices. Some includes libraries are not the exact .NET libraries but a scaled down version of
those for reducing space needs.
56) What is Language Integrated Query (LINQ)?
LINQ is a set of extensions to .NET Framework that encapsulate language integrated query, set and
other transformation operations. It extends VB, C# with their language syntax for queries. It also
provides class libraries which allow a developer to take advantages of these features.