Introducing The New!
Surepassexam Collection
Get Unlimited Access to all
Surepassexam's PREMIUM files
P.S. Best Quality 70-486 pack are available on Google Drive, GET MORE: https://drive.google.com/open?id=1WFCwXTbCJpEqiS8IdqIMF9wkLzCViejJ
Question No: 1
You are developing an ASP.NET MVC application that uses forms authentication. The user database contains a user named LibraryAdmin.
You have the following requirements:
You need to implement the controller to meet the requirements.
Which code segment should you use? (Each correct answer presents a complete solution. Choose all that apply.)
A. Option A
B. Option B
C. Option C
D. Option D
Answer: A,C
Question No: 2
You are developing an ASP.NET MVC application that uses forms authentication to verify that the user is logged in.
Authentication credentials must be encrypted and secure so no user identity is exposed.
You need to ensure that user credentials are persisted after users log on.
Where should you store the credentials? (Each correct answer presents a complete solution. Choose all that apply.)
A. In Session on the server
B. In a cookie stored in the browser
C. In ViewData in the application
D. In TempData on the server
Answer: A,B
Explanation:
Server sessions and cookies can both be configured to secure and they both persist after the users log on.
Incorrect:
Not C: ViewData's life only lasts during current http request.
Not D: TempData is a bucket where you can dump data that is only needed for the following request. That is, anything you put into TempData is discarded after the next request completes.
Question No: 3
You need to add a method to the ProductController class to meet the exception handling requirements for logging.
Which code segment should you use?
A. Option A
B. Option B
C. Option C
D. Option D
Answer: A
Question No: 4
You need to implement the requirements for handling IIS errors. What should you do?
A. Option A
B. Option B
C. Option C
D. Option D
Answer: A
Topic 3, Video Transcoding ServiceBackground
You are developing a video transcoding service. This service is used by customers to upload video files, convert video to other formats, and view the converted files. This service is used by customers all over the world.
Business Requirements
The user-facing portion of the application is an ASP.NET MVC application. It provides an interface for administrators to upload video and schedule transcoding. It also enables administrators and users to download the transcoded videos.
When videos are uploaded, they are populated with metadata used to identify the video. The video metadata is gathered by only one system when the video upload is complete.
Customers require support for Microsoft Internet Explorer 7 and later. The application contains a header that is visible on every page.
If the logged-on user is an administrator, then the header will contain links to administrative functions. This information is read from a cookie that is set on the server. The administrative links must not be present if an error condition is present.
Technical Requirements User Experience:
u2711 The front-end web application enables a user to view a list of videos.
u2711 The main view of the application is the web page that displays the list of videos.
u2711 HTML elements other than the list of videos are changed with every request requiring the page to reload.
Compatibility:
u2711 Some customers use browsers that do not support the HTTP DELETE verb.
u2711 These browsers send a POST request with an HTTP header of X-Delete when the intended action is to delete.
Transcoding:
u2711 The video transcoding occurs on a set of Windows Azure worker roles.
u2711 The transcoding is performed by a third-party command line tool named transcode.exe. When the tool is installed, an Environment variable named transcode contains the path to the utility.
u2711 A variable named license contains the license key. The license for the transcoding utility requires that it be unregistered when it is not in use.
u2711 The transcoding utility requires a significant amount of resources. A maximum of 10 instances of the utility can be running at any one time. If an instance of the role cannot process an additional video, it must not prevent any other roles from processing that video.
u2711 The utility logs errors to a Logs directory under the utilities path.
u2711 A local Azure directory resource named perf is used to capture performance data.
Development:
u2711 Developers must use Microsoft Remote Desktop Protocol (RDP) to view errors generated by the transcode.exe utility.
u2711 An x509 certificate has been created and distributed to the developers for this purpose.
u2711 Developers must be able to use only RDP and not any other administrative
functions.
Application Structure
Question No: 5
You create an ASP.NET MVC application. You host the application by using the Open Web
Interface for .NET (OWIN). You run the following command by using the NuGet Package Manager console:
install-package Microsoft.AspNet.SignalR
You plan to implement real-time push notifications from the server using ASP.NET SignalR. You need to complete the ASP.NET SignalR implementation.
Which three steps should you perform? Each correct answer presents part of the solution.
A. Create a hub class to push content to clients.
B. Create a class that derives from the PersistentConnection class. Use the derived class to push content to clients.
C. Use the SignalR jQuery library in a web page to send messages to the hub and display updates from the hub.
D. Map a SignalR hub to the app builder pipeline by using an OWIN startup class.
E. Start the SignalR hub asynchronously and respond to the appropriate callback methods.
Answer: A,C,D
Explanation:
A: In Solution Explorer, right-click the project, select Add | New Folder, and add a new folder named Hubs.
Right-click the Hubs folder, click Add | New Item, select the Visual C# | Web | SignalR node in the Installed pane, select SignalR Hub Class (v2) from the center pane, and create a new hub named ChatHub.cs. You will use this class as a SignalR server hub that sends messages to all clients.
C: Use the SignalR jQuery library in a web page to send messages and display updates from the hub.
D: Create an OWIN startup class to configure the application.
References: https://www.asp.net/signalr/overview/getting-started/tutorial-getting-started-with-signalr-and-mvc
Question No: 6
You are developing an ASP.NET MVC application that enables you to edit and save a student object.
The application must not retrieve student objects on an HTTP POST request. You need to implement the controller.
Which code segment should you use? (Each correct answer presents a complete solution. Choose all that apply.)
A. Option A
B. Option B
C. Option C
D. Option D
Answer: C,D
Question No: 7
You are developing an ASP.NET MVC application that enables you to edit and save a student object.
The application must not retrieve student objects on an HTTP POST request. You need to implement the controller.
Which code segment should you use? (Each correct answer presents a complete solution. Choose all that apply.)
A. Option A
B. Option B
C. Option C
D. Option D
Answer: A,C
Question No: 8
You are developing an Azure worker role. You enable crash dump collection for the role. When the role starts, an external application stops responding.
You need to download the crash dump to determine why the application stops responding.
From which two locations can you download the crash dump? Each correct answer presents a complete solution.
A. Azure Blob storage
B. the temp folder on the virtual machine that is running the role instance
C. Azure file storage
D. the DiagnosticStore local resource folder on the virtual machine that is running the role instance
Answer: A,D
Explanation:
When you enable collection of crash dumps, the resulting data is written to the
CrashDumps directory in the DiagnosticStore local resource that is automatically configured for your role.
When crash dump data is transferred to persistent storage, it is stored to the wad-crash- dumps Blob container.
Question No: 9
You are preparing for the deployment of an ASP.NET MVC application. You need to generate a deployment manifest.
Which command-line tool should you use?
A. Mage.exe
B. Ngen.exe
C. ALexe
D. Resgen.exe
Answer: A
Explanation:
The Manifest Generation and Editing Tool (Mage.exe) is a command-line tool that supports the creation and editing of application and deployment manifests.
Incorrect:
Not B: The Native Image Generator (Ngen.exe) is a tool that improves the performance of managed applications. Ngen.exe creates native images
Not C: Al.exe generates a file with an assembly manifest, not an deployment manifest, from one or more files that are either resource files or Microsoft intermediate language (MSIL) files.
Not D: Resgen.exe, the Resource File Generator, converts text (.txt or .restext) files and XML-based resource format (.resx) files to common language runtime binary (.resources) files that can be embedded in a runtime binary executable or compiled into satellite assemblies.
References: http://www.devcurry.com/2011/02/important-net-framework-40-command- line.html
Question No: 10
You are developing an ASP.NET MVC application that uses forms authentication. The application uses SQL queries that display customer order data.
Logs show there have been several malicious attacks against the servers.
You need to prevent all SQL injection attacks from malicious users against the application. How should you secure the queries?
A. Check the input against patterns seen in the logs and other records.
B. Escape single quotes and apostrophes on all string-based input parameters.
C. Implement parameterization of all input strings.
D. Filter out prohibited words in the input submitted by the users.
Answer: C
Explanation:
SQL Injection Prevention, Defense Option 1: Prepared Statements (Parameterized Queries)
The use of prepared statements (aka parameterized queries) is how all developers should first be taught how to write database queries. They are simple to write, and easier to understand than dynamic queries. Parameterized queries force the developer to first define all the SQL code, and then pass in each parameter to the query later. This coding style allows the database to distinguish between code and data, regardless of what user input is supplied.
Prepared statements ensure that an attacker is not able to change the intent of a query, even if SQL commands are inserted by an attacker.
P.S. Easily pass 70-486 Exam with Certleader Best Quality Dumps & pdf vce, Try Free: https://www.certleader.com/70-486-dumps.html (210 New Questions)