Introducing The New!
Surepassexam Collection
Get Unlimited Access to all
Surepassexam's PREMIUM files
Q1. - (Topic 3)
Customers download videos by using HTTP clients that support various content encodings. You need to configure caching on the DownloadVideo action to maximize performance. Which attribute should you add?
A. Option A
B. Option B
C. Option C
D. Option D
E. Option E
Answer: B
Q2. DRAG DROP - (Topic 1)
You need to implement security according to the business requirements.
How should you modify RunLogController? (To answer, drag the appropriate code segment to the correct location or locations. Each code segment may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.)
Answer:
Topic 2, Web Application
Background
You are developing an online shopping web application.
Business Requirements
A user is not required to provide an email address. If a user enters an email
address, it must be verified to be a valid email address.
Information about the first product on the product page must fade out over time to
encourage the user to continue browsing the catalog.
Administrators must be able to edit information about existing customers.
Administrators also must be able to specify a default product on the product page.
Technical Requirements
General:
The web store application is in a load-balanced web farm. The load balancer is not
configured to use server affinity.
The web store application is an ASP.NET MVC application written in Visual Studio
2012.
Products:
The value of the productId property must always be greater than 0.
The Products page for mobile devices must display to mobile users. The Products
page for desktop devices must display to desktop users.
Storage:
The data must be stored in a serialized XML data format.
Serialized objects must be schema-independent.
Exception handling:
Exceptions originating from IIS must display a page with support contact
information.
Some page links expire, and users who access these links encounter 404 errors.
Exceptions must be logged by using the WriteLog method of the Utility class.
Browser and device support:
The application must support image format conversions from .bmp to .jpeg for
mobile devices.
The application must support image format conversions from .bmp to .png for
desktop devices.
Application Structure
Q3. - (Topic 3)
You need to ensure that all the MVC controllers are secure.
Which code segment should you use as the body for the CreateController method in AdminVerifierFactory.es?
A. Option A
B. Option B
C. Option C
D. Option D
Answer: C
Q4. DRAG DROP - (Topic 4)
You are developing an ASP.NET MVC application.
Before an action is executed, information about the action must be written to a log. After
results are returned, information about the results also must be written to the log.
You need to log the actions and results.
You have the following code:
Which code segments should you include in Target 1, Target 2 and Target 3 to implement
the LogActionFilter class? (To answer, drag the appropriate code segments to the correct targets. Each code segment may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.)
Answer:
Q5. - (Topic 4)
You are authoring unit tests.
The unit tests must test code that consumes sealed classes.
You need to create, maintain, and inject dependencies in the unit tests.
Which isolation method should you use?
A. T4 text templates and code generation
B. Stub types
C. Shim types
D. Hard-coded implementation
Answer: C
Explanation: http://msdn.microsoft.com/en-us/library/hh549176.aspx
Shim types are one of two technologies that the Microsoft Fakes Framework uses to let you easily isolate components under test from the environment. Shims divert calls to specific methods to code that you write as part of your test. Many methods return different results dependent on external conditions, but a shim is under the control of your test and can return consistent results at every call. This makes your tests much easier to write.
Q6. HOTSPOT - (Topic 4)
You are developing an ASP.NET MVC web application that enables users to open Microsoft Excel files.
The current implementation of the ExcelResult class is as follows.
You need to enable users to open Excel files. You have the following code:
Which code segments should you include in Target 1, Target 2 and Target 3 to implement the ExecuteResult method? To answer, select the appropriate option or options in the answer area.
Answer:
Q7. - (Topic 3)
You need to ensure that all customers can delete videos regardless of their browser capability.
Which code segment should you use as the body of the SendAsync method in the DeleteHandler class?
A. Option A
B. Option B
C. Option C
D. Option D
Answer: B
Q8. - (Topic 4)
You are developing an ASP.NET MVC application that uses forms authentication. The application uses SQL queries that display customer order data.
You need to prevent all SQL injection attacks against the application.
How should you secure the queries?
A. Implement parameterization.
B. Pattern check the input.
C. Filter out prohibited words in the input.
D. Escape single quotes on string-based input parameters.
Answer: A
Explanation: With most development platforms, parameterized statements that work with parameters can be used (sometimes called placeholders or bind variables) instead of embedding user input in the statement. A placeholder can only store a value of the given type and not an arbitrary SQL fragment. Hence the SQL injection would simply be treated as a strange (and probably invalid) parameter value.
Reference: https://en.wikipedia.org/wiki/SQL_injection#Parameterized_statements
Q9. - (Topic 4)
You are developing an ASP.NET MVC application that will be deployed on a web farm.
Passwords must be stored in the web.config file and must not be readable or in a format
that is easily decodable
You need to encrypt the passwords that are stored in the web.config file.
Which command-line tool should you use?
A. Aspnet_regiis.exe
B. Ngen.exe
C. Aspnet_merge.exe
D. EdmGen.exe
Answer: A
Explanation: http://msdn.microsoft.com/en-us/library/zhhddkxy(v=vs.100).aspx
Q10. - (Topic 4)
You are designing an MVC web application.
The view must be as simple as possible for designers who do not have a technical
background.
You need to combine two existing models to meet the requirement.
Which component of the MVC framework should you use?
A. View
B. View Model
C. Controller
D. Model
Answer: B
Q11. Topic 1, Olympic Marathon
Background
You are developing an ASP.NET MVC application in Visual Studio 2012 that will be used by Olympic marathon runners to log data about training runs.
Business Requirements
The application stores date, distance, and duration information about a user's training runs. The user can view, insert, edit, and delete records.
The application must be optimized for accessibility.
All times must be displayed in the user's local time.
Technical Requirements
Data Access:
Database access is handled by a public class named
RunnerLog.DataAccess.RunnerLogDb.
All data retrieval must be done by HTTP GET and all data updates must be done by HTTP
POST.
Layout:
All pages in the application use a master layout file named \Views\Shared\_Layout.cshtml.
Models:
The application uses the \Models\LogModel.cs model.
Views:
All views in the application use the Razor view engine.
Four views located in \Views\RunLog are named: _CalculatePace.cshtml EditLog.cshtml GetLog.cshtml InsertLog.cshtml
The application also contains a \Views\Home\Index.cshtml view.
Controllers:
The application contains a \Controllers\RunLogController.cs controller.
Images:
A stopwatch.png image is located in the \Images folder.
Videos:
A map of a runner's path is available when a user views a run log. The map is implemented
as an Adobe Flash application and video. The browser should display the video natively if possible, using H264, Ogg, or WebM formats, in that order. If the video cannot be displayed, then the Flash application should be used.
Security:
You have the following security requirements: The application is configured to use forms authentication. Users must be logged on to insert runner data. Users must be members of the Admin role to edit or delete runner data. There are no security requirements for viewing runner data. You need to protect the application against cross-site request forgery. Passwords are hashed by using the SHA1 algorithm.
RunnerLog.Providers.RunLogRoleProvider.cs contains a custom role provider.
Relevant portions of the application files follow. (Line numbers are included for reference only.)
Application Structure
- (Topic 1)
You need to ensure that the application uses RunLogRoleProvider custom role provider.
How should you modify the web.config file? (To answer, drag the appropriate line of code to the correct location or locations. Each line of code may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.)
Answer:
Q12. DRAG DROP - (Topic 4)
You are developing an ASP.NET MVC web application in Visual Studio 2012.
The application has a model named ReservationLocation that contains properties named City and State.
The view that displays reservations has a single text box named loc for entering the location information. The location is entered as city, state.
There are action methods that have ReservationLocation as a parameter type.
You need to ensure that the City and State properties are correctly populated.
How should you implement model binding for the ReservationLocation type? (To answer, drag the appropriate code segment to the correct location or locations. Each code segment may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.)
Answer:
Q13. HOTSPOT - (Topic 3)
The designer for the website gave you the following image as the design for the page.
The normal color for the tab is *2da4c2, and the color when the mouse is over the tab is #ffd800.
The HTML that implements the navigation tab is as follows.
You need to implement the design.
What should you do? (To answer, select the appropriate options in the answer area.)
Answer:
Q14. - (Topic 2)
You are designing a Windows Communication Foundation (WCF) service that uses the Product class.
You need to update the class to meet the storage requirement.
What should you do? (Each correct answer presents part of the solution. Choose all that apply.)
A. Mark the Product class with the DataContract attribute.
B. Mark the public members of the Product class with the DataContractFormat attribute.
C. Mark the Product class with the CollectionDataContract attribute.
D. Mark the public members of the Product class with the DataMember attribute.
Answer: A,D
Explanation: So as of .NET 3.5 SP1, you don't have to add data contract or data member
attributes anymore - if you don't then the data contract serializer will serialize all public
properties on your class, just like the XML serializer would.
HOWEVER: by not adding those attributes, you lose a lot of useful capabilities:
. without [DataContract], you cannot define an XML namespace for your data to live
in . without [DataMember], you cannot serialize non-public properties or fields . without [DataMember], you cannot define an order of serialization (Order=) and the
DCS will serialize all properties alphabetically . without [DataMember], you cannot define a different name for your property (Name=) . without [DataMember], you cannot define things like IsRequired= or other useful attributes . without [DataMember], you cannot leave out certain public properties - all public properties will be serialized by the DCS
Q15. DRAG DROP - (Topic 4)
You are building an ASP.NET MVC web application.
The application will be viewed by users on their mobile phones.
You need to ensure that the page fits within the horizontal width of the device screens.
You have the following markup:
Which markup segments should you include in Target 1, Target 2 and Target 3 to complete the markup? (To answer, drag the appropriate markup segments to the correct targets. Each line of code may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.)
Answer:
Q16. - (Topic 4)
You are designing a distributed application.
The application must store secure information that is specific to an individual user. The data must be automatically purged when the user logs off.
You need to save transient information in a secure data store.
Which data store should you use?
A. Session state
B. Database storage
C. Profile properties
D. Application state
Answer: B