ASP.NET Interview Questions and Answers (Most Frequently Asked Questions)

Here is a short list of some of the most frequently asked questions in ASP.NET interviews. I hope you will find it useful. Best of Luck.

What is Fragment Caching in ASP.NET?

Fragment caching refers to the caching of individual user controls within a Web Form. Each user control can have independent cache durations and implementations of how the caching behavior is to be applied.Fragment caching is useful when you need to cache only a subset of a page. Navigation bars, header, and footers are good candidates for fragment caching.

Explain how to pass a querystring from an .asp page to aspx page.

To send parameter:

Response.Redirect("Default.aspx?Param1=" + this.formTextfieldParam1.Text + "&Param2=" + this. formTextfieldParam2.Text);

To receive this parameter:

this.form2TextField1.Text = Request.QueryString["Param1"];

this. form2TextField2.Text = Request.QueryString["Param2"];

Describe how Passport authentication works.

ASP.NET application with Passport authentication implemented checks the user’s machine for a current passport authentication cookie. If it is not available, ASP.NET directs the user to a Passport sign-on page. The Passport service authenticates the user, stores and authentication cookie on the user’s computer and direct the user to the requested page.

What is Authorization in ASP.NET?

Authorization is a process that takes place based on the authentication of the user. Once authenticated, based on user’s credentials, it is determined what rights des a user have. In ASP.NET, there are two ways to authorize access to a given resource:

a. File authorization

b. URL authorization

What is Authentication in ASP.NET?

Authentication is the process of verifying user’s details and find if the user is a valid user to the system or not. This process of authentication is needed to provide authority to the user. ASP.NET implements authentication through authentication providers. Each provider has OnAuthenticate event. It allows building a custom authorization scheme.

What are script injection attacks?

Script injection attacks occur when an end user tries to fill in malicious code in the form or input fields of a form to access database or change it or destroy it. The malicious code tries to fool the application, that it was just another end user. The technique involves submitting contents wrapped in <script>, <object>, <applet>, <embed>, <frame>, <link> etc tags.

Request validation and validating the input provided by the end user are a solution to such attacks. One can use the following in the web.config for validating requests for all pages in the application.

<configuration>

     <appSettings/>

     <connectionStrings/>

     <system.web>

           <pages validateRequest="false"/>

     </system.web>

</configuration>

How to make an application offline in ASP.NET?

Ways to take an asp.net application offline:

Stop IIS server.

Redirect your website to an ErrorPage.htm file which displays appropriate information/feedback to users requesting the website.

In the web.config look for and set it to false. This will return a default ASP.Net 4040 status page to the requesting end users.

<httpRuntime enable="false" />

Add to App_Offline.htm page to the root of the website. To bring the application back up, simply delete this file.

Difference between WCF and Web Services.

WCF can create services similar in concept to ASMX, but has much more capabilities. WCF is much more efficient than ASP.Net coz it is implemented on pipeline. WCF is more secure, reliable. As WCF is implemented on a different pipeline it does not have all Http capabilities (Http session, cache etc).

Define AL.EXE and RESGEN.EXE.

Al.exe: It embeds the resources into a satellite assembly. It takes the resources in .resources binary format.

resgen.exe:The input for Al.exe is generally plain text or XML-based resource files i.e. in .resx format. resgen.exe is used to convert such resources to the .resource in binary format which makes then compatible with al.exe.

What are resource files and explain how do we generate resource files?

Resource files are files in XML format. They contain all the resources needed by an application. These files can be used to store string, bitmaps, icons, fonts.

Steps to generate a resource file:

a. Open the web page in the design view.

b. Click Tools

c. Select generate local resource

d. .resx file generated in the solution explorer

e. Type in the resources. The file contains the key and value pairs.

f. Save the file.

Explain the use of localization and Globalization.

Users of different countries, use different languages and others settings like currency, and dates. Therefore, applications are needed to be configurable as per the required settings based on cultures, regions, countries.

Globalization: Is a way of writing the executable in a way that they are culture or language neutral.

The culture and language details specific details should be kept configurable. The main part of Globalization is to find out the locale-sensitive resources that are needed to be kept configurable and to segregate these resources from the executable code.

Localization: Is the task to customize the application. The main part of localization is the translation of resources found in globalization.

Explain the concepts of Post Cache Substitution in .NET.

Post Cache Substitution: It works opposite to fragment caching. The entire page is cached, except what is to be kept dynamic. When [OutputCache] attribute is used, the page is cached on both the server and the client. Whereas, you use in case of post cache substitution the page is cached on the server only. HttpResponse.WriteSubstitution method is a way to implement it.

What is SQL Cache Dependency in ASP.NET?

SQL Cache Dependency in ASP.NET: It is the mechanism where the cache object gets invalidated when the related data or the related resource is modified. It is a feature in SQL Server 2005 and SQL Server 2000.

Three types of SQL-cache dependencies exist:

a. Other cache items.

b. Files/folders.

c. Dependencies on a database query.

Explain how to access ViewState value of this page in the next page.

PreviousPage property is set to the page property of the nest page to access the viewstate value of the page in the next page. Page poster = this.PreviousPage;

Once that is done, a control can be found from the previous page and its state can be read.

Label posterLabel = poster.findControl("myLabel");

string lbl = posterLabel.Text;

Explain the concepts and capabilities of cross page posting.

Cross Page Posting: It refers to the scenario where on event of some controls posts from one page to another instead of a normal postback. Normal postback is when for e.g. a button (or any control that postbacks) is clicked and web page is submits the page back to itself which means a return trip. In Cross page posting, on click of a button there would be no return trip.

Cross-page posting is done at the control level. It is possible to create a page that posts to different pages depending on what button the user clicks on. It is handled by done by changing the postbackurl property of the controls.

What is QueryString? Benefits and limitations of using querystring.

Querystring is way to transfer information from one page to another through the URL. QueryString is attached to the URL with "?".

Advantages:

a. Supported by all the browsers

b. No extra effort is needed to code.

c. Easy to use.

Disadvantages:

a. All the attributes and values are visible to the end user. Therefore, they are not secure.

b. There is a limit to URL length of 255 characters.

What are benefits and limitations of using Cookies?

Advantages:

a. They are simple to use.

b. Light in size, thus occupy less memory.

c. Stores server information on client side

d. Data need not to be sent back to server.

e. Cookies persist for much longer period of time than a session.

Disadvantages:

a. Since they are stored on the client side in plain text, they are not secure.

b. Number of cookies that can be stored and their size is limited.

c. They don't work if security level is set too high in browser.

d. Some people might just disable cookies on their browsers.

What are the benefits and limitations of using Hidden Frames?

Advantages:

a. Hidden frames allow you to cache more than one data field.

b. The ability to cache and access data items stored in different hidden forms.

Disadvantages:

a. Not supported by all browsers.

b. Stored data is not secured as it is stored on client's machine in the form of hidden fields.

What are the benefits and limitations of using hidden fields?

Advantages:

a. Easy to implement

b. Hidden fields are supported by all browsers

c. Enables faster access of information because data is stored on client side

Disadvantages:

a. Not secure because the data is stored on Client side.

b. Decreases page performance if too many hidden fields

c. Only support single value.

What are the different types of Session state management options available with ASP.NET?

In-Process state management:

The In-Process type of Session state management stores the session in memory on the web server.

In order to have a user always reconnect to the same web-server, a sticky server is needed.

Out-of-Process state management:

Out-of-Process Session state management stores data in an external data source.

The external data source may be a SQL Server or a State Server service.

Out-of-Process state management requires the objects in a session to be serializable.

Explain the difference between cache object and application object.

Application Object: Application variable/object stores an Object with a scope of availability of the entire Application unless explicitly destroyed.

Caching Object: The lifetime of cache is throughout the lifetime of an application or is based upon timeouts.

Explain the steps to create a web services and consume it.

Creation:

a. Create a new website by selecting "ASP.NET Web Site" and giving it a suitable name.

b. service.cs file appears inside the solution with a default webmethod named as "HelloWorld()"

c. Right click on the webservice project and add a web reference instead of adding a normal reference.

d. A window appears that displays a list of webservices knows to the solution.

e. Click on "Webservices in this solution"

f. a search progress bar appears and

g. Select the service that appears in the list

h. progress bar appears once again.

i. web method appears on the screen

j. Click on "Add reference" button. This would add localhost

k. solution would have App_WebReference folder

Consumption or Usage:

a. Add a UI (.aspx) to the webservice project

b. Add a button and a label to the form

c. Double click the button to see the click event of the button

d. Create an object of type service localhost.serviceName

e. Write code to display the value returned by the webmethod on the label

f. Execute the solution by setting the added aspx as the startpage.

g. click on the button and the message "Hello World" would be displayed on the label

What is ObjRef object in remoting?

ObjRef is a searializable object returned by Marshal() that knows about location of the remote object, host name, port number, and object name.

What is marshalling? Explain types of marshalling.

Marshaling is a process of transforming or serializing data from one application domain and exporting it to another application domain.

Two types of marshalling:

Marshal by value: a copy of an object is created by the server and is passed and used by the client.

Marshal by reference: the client creates a proxy to access the object.

Briefly explain how to specify remoting parameters using config files.

The remoting parameters can be specified through both programming and in config files. All the settings defined in config files are placed under <system.runtime.remoting>

<application> is placed under system.runtime.remoting but the name attribute of application tag specifies if the parameter is for server or client. RemotingConfiguration.Configure is used to access the configuration keys for remoting properties.

Explain Singleton architecture of Remoting.

Singleton architecture is to be used when all the applications have to use or share same data.

What is the difference between URL and URI?

A URL (Uniform Resource Locator) is the address of some resource on the Web. A resource is nothing but a page of a site. There are other type of resources than Web pages, but that's the easiest conceptually. 

A URI is a unique identifier to usually a namespace. Though it looks like a URL but it doesn’t have to necessarily locate any resource on the web.

URI is a generic term. URL is a type of URI.

What is an application domain?

It's a way in CLR to maintain a boundary between various applications to ensure that they do not interfere in working of any other application. CLR acts as a mini operating system where a single process may have various application domains.

How can we create custom controls in ASP.NET?

Custom controls are user defined controls. They can be created by grouping existing controls, by deriving the control from System.Web.UI.WebControls.WebControl or by enhancing the functionality of any other custom control. Custom controls are compiled into DLL’s and thus can be referenced by as any other web server control.

Basic steps to create a Custom control:

1. Create Control Library

2. Write the appropriate code

3. Compile the control library

4. Copy to the DLL of the control library to the project where this control needs to be used

5. The custom control can then be registered on the webpage as any user control through the @Register tag.

What is the Pre-Compilation feature of ASP.NET?

Previously, in ASP.NET, the pages and the code used to be compiled dynamically and then cached so as to make the requests to access the page extremely efficient. In ASP.NET 2.0, the pre-compilation feature is used with which an entire site is precompiled before it is made available to users.

There is a pre-defined folder structure for enabling the pre-compilation feature:

App_Code: stores classes

App_Themes: stores CSS files, Images, etc.

App_Data: stores XML files, Text Files, etc.

App_GlobalResources: stores all the resources at global level E.g. resx files, etc

App_LocalResources: stores all the resources at local/Page level

Difference between src and Code-Behind.

With the ‘src’ attribute, the source code files are deployed and are compiled by the JIT as needed. Though the code is available to everyone with an access to the server (NOT anyone on the web), this method is preferred as it does away with the compilation of the DLLs.

‘CodeBehind’ attribute just has the VS.NET associate the code file with the aspx file. This is necessary since VS.NET automates the pre-compiling that is harder by hand.

Due to this the ‘Src’ attribute is done away with having only a DLL to be deployed enhancing the protection level even though it can be decompiled.

What is ViewState? Explain its benefits and limitations.

Viewstate is used to maintain or retain values on postback. It helps in preserving a page. Viewstate is internally maintained as a hidden field in encrypted form along with a key.

Advantages:

i) No server resources.

ii) Viewstate ensures security because it stores the data in encrypted format.

iii) Viewstates are simple. They are used by enabling or disabling the viewstate properties.

iv) It is based on the wish of developer that they want to implement it at the page level or at control level.

Disadvantages:

i) If large amount of data is stored on the page, then page load might cause a problem.

ii) Does not track across pages. Viewstate information does not automatically transfer from page to page.

What is the difference between login controls and Forms authentication?

Forms authentication can be easily implemented using login controls without writing any code. Login control performs functions like prompting for user credentials, validating them and issuing authentication just as the FormsAuthentication class. However, all that’s needs to be dne is to drag and drop the use control from the tool box to have these checks performed implicitly. The FormsAuthentication class is used in the background for the authentication ticket and ASP.NET membership is used to validate the user credentials.

What is a partial class in .net?

When there is a need to keep the business logic separate from the User Interface or when there is some class which is big enough to have multiple numbers of developers implement the methods in it, the class can be separated and written in different files as partial class.

The keyword partial must appear in each class.

//syntax for C#

Public partial class MyPartialClass1

{

         //code

}

// this code could be in file1

Public partial class MyPartialClass1

{

         //code

}

// this code could be in file2

Explain the advantages of Passport authentication.

User doesn’t have to remember separate user names and passwords for various Web sites. User can maintain his or her profile information in a single location. Passport authentication also avail access to various Microsoft services, such as Passport Express Purchase.

What is caching?

Caching is the technique of storing frequently used items in memory so that they can be accessed more quickly. By caching the response, the request is served from the response already stored in memory. It’s important to choose the items to cache wisely as Caching incurs overhead. A Web form that is frequently used and does not contain data that frequently changes is good for caching. A cached web form freezes form’s server-side content and changes to that content do not appear until the cache is refreshed. The @OutputCache directive’s Duration attribute determines how long the page is cached. If the duration attribute is set to 60 seconds, the Web form is cached for 60 seconds; the server loads the response in memory and retains that response for 60 seconds. Any requests during that time receive the cached response. Once the cache duration has expired, the next request generates a new response and cached for another 60 seconds.

What are XOML files?

XOML is an acronym for Extensible Object Markup Language. XOML files are the markup files. They are used to declare the workflow and are then compiled with the file containing the implementation logic. XOML file is used separately to ensure code-separation workflow authoring.

What is Windows workflow foundation?

Windows Workflow Foundation (WF): It is a platform for building, managing and executing workflow-enabled applications, for designing and implementing a programming model for controlling and communicating with workflows, a workflow execution engine and more.

Explain how to implement Fragment Cache.

Fragment cache is to store user controls individually within a web form in cache instead of the whole webform as such. The idea is to simply have different cache parameters for different user controls.

control1: <%@ OutputCache Duration="40" VaryByParam="none"%>

control2: <%@ OutputCache Duration="60" VaryByParam="none"%>

If control1 and control2 exist on a single webform together, the values of control1 and control2 would be cached for different durations based on @OutputCache directive.

Explain the types of Caching using Cache object of ASP.NET.

Page output: Is used to fetch information or data at page level. It is best used when the site is mainly static. Used by declaring the output page directive.

Page fragment: Is used to cache the structure level information. It is used when parts of pages change. For example: user control.

Programmatic or data: Is used to fetch the information of an application quickly based on the requirements.

What is Scavenging?

A process where items are removed from cache in order to free the memory based on their priority. A property called "CacheItemPriority" is used to figure out the priority of each item inside the cache. This priority property is set when an item is added to the cache.

What is Cache Callback in Cache?

The cache object has dependencies e.g. relationships to the file it stores. Cache items remove the object when these dependencies change. As a work around we would need to simply execute a callback method whenever items are removed from the cache to add the items back in cache.

e.g.: We have a string variable string var="hello" and store it in cache. This item would be removed from the cache if value is changed from "hello" to "bye". In such a case we need to simply right a callback function which would add updated var back in cache as it’s been removed as a result of its dependencies changing.