Do you know that? 83% freelancers are paid after the agreed-upon date next

Contact Email:

See right interview answers on 30 common job interview questions

Collapse | Expand

1. Advantages and disadvantages of using cookies


Cookies are stored in client thus no burden as far as space is concern

Cookies are light weight and involves no complexities while using


Most browsers have put a check on the size of a cookie.

Cookies can be disabled on the client thus limiting the use of cookies

Cookies are tampered prone and thus associate security concern

Cookies can expire thus leading to inconsistency

2. Advantages and disadvantages of using Session State.

The advantages of using session state are as follows:
It is easy to implement.
It ensures data durability, since session state retains data even if ASP.NET work process restarts asdata in Session State is stored in other process space.
It works in the multi-process configuration, thus ensures platform scalability.

The disadvantages of using session state are:
Since data in session state is stored in server memory, it is not advisable to use session state when working with large sum of data. Session state variable stays in memory until you destroy it, so too many variables in the memory effect performance.

3. Advantages of Caching

It increases performance of the application by serving user with cached output.
It decreases server round trips for fetching data from database by persisting data in the memory.
It greatly reduces overhead from server resources.

4. Advantages of using Master Page in ASP.NET

Master pages enables consistent and standardized layout to the website.
You can make layout changes of the site in the master page instead of making change in the pages.
It is very easy to implement.

5. Application state variables

The data stored in these variables is available to all the users i.e. all the active sessions.

6. Authentication and authorization.

- Authentication is the process of verifyng the identity of a user using some credentials like username and password while authorization determines the parts of the system to which a particular identity has access.
- Authentication is required before authorization.

For e.g. If an employee authenticates himself with his credentials on a system, authorization will determine if he has the control over just publishing the content or also editing it.

7. Briefly explain how to specify remoting parameters using config files.

The remoting parameters can be specified through both programming and in config files. All the settings defined in config files are placed under <system.runtime.remoting>

<application> is placed under system.runtime.remoting but the name attribute of application tag specifies if the parameter is for server or client. RemotingConfiguration.Configure is used to access the configuration keys for remoting properties.

8. Can we validate a DropDownList by RequiredFieldValidator?

Yes, we can validate a DropDownList by RequiredFieldValidator. To perform this validation, we have to set the InitialValue property of RequiredFieldValidator control.

9. Can you explain the basic use of DataView?

DataView is used for sorting and searching data within datatable.

It has got following methods:

Find - returns the index of the row
FindRow - Returns a collection of DataRow
AddNew - Add a new row to the DataView object
Delete - Deletes the specific row from DataView object

10. Can you explain the importance of Finalize method in .NET?

Clean up activities are entrusted to .NET Garbage collector in .NET. But unmanaged resources such as File, COM object etc. are beyond the scope of Garbage collector. For these type of objects, we have Finalize method where clean up code for unmanaged resources can be put.

11. Client-side and server-side validations in Web pages.

- Client-side validations happends at the client's side with the help of JavaScript and VBScript. This happens before the Web page is sent to the server.
- Server-side validations occurs place at the server side.

12. Concept, capabilities and features ADO.NET

It is data-access technology, primarily disconnected and designed to provide efficient, scalable dataaccess.
The disconnected data is represented within aDataSetobject.
A data provider is a set of classes that provide access to databases. The main components of data provider are:

Visual Studio .NET includes two data providers:
SQL Data Provider
OleDb Data Provider

Two additional data providers are included in Visual Studio .NET 2003:
ODBC Data Provider
Oracle Data Provider

13. Define access modifiers.

Access modifiers are used to control the scope of type members.
There arefive access modifiersthatprovide varying levels of access.
Public(public),Friend(internal),Private(private),Protected(protected), andProtected Friend(protected internal)

14. Define ADO.NET Dataset.

A Dataset can represent an entire relational database in memory, complete with tables, relations, and views. A dataset is designed to work without any continuing connection to the original data source.
You can use For Each loops to move through the data in the dataset.

15. Define AL.EXE and RESGEN.EXE.

Al.exe: It embeds the resources into a satellite assembly. It takes the resources in .resources binary format.
resgen.exe:The input for Al.exe is generally plain text or XML-based resource files i.e. in .resx format. resgen.exe is used to convert such resources to the .resource in binary format which makes then compatible with al.exe.

16. Define application state variable and session state variable.

These objects provide two levels of scope:

Application State
Data stored in the application object can be shared by all the sessions of the application. Application object stores data in the key value pair.

Session State
Session State stores session-specific information and the information is visible within the session only. ASP.NET creates unique sessionId for each session of the application. SessionIDs are maintained either by an HTTP cookie or a modified URL, as set in the application's configuration settings. By default, SessionID values are stored in a cookie.

17. Define authentication and authorization.

Authorization: The process of granting access privileges to resources or tasks within an application.

Authentication: The process of validating the identity of a user.

18. Define Caching in ASP.NET.

Caching technique allows to store/cache page output or application data on the client. The cached information is used to serve subsequent requests that avoid the overhead of recreating the same information. This enhances performance when same information is requested many times by the user.

19. Define caching.

Caching is the technique of storing frequently used items in memory so that they can be accessed more quickly. Caching technique allows to store/cache page output or application data on the client on the server. The cached information is used to serve subsequent requests that avoid the overhead of recreating the same information. This enhances performance when same information is requested many times by the user.

20. Define Client-side state management and Server-side state management.

Client-side state management
This maintains information on the client's machine using Cookies, View State, and Query Strings.

A cookie is a small text file on the client machine either in the client's file system or memory of client browser session. Cookies are not good for sensitive data. Moreover, Cookies can be disabled on the browser. Thus, you can't rely on cookies for state management.

View State
Each page and each control on the page has View State property. This property allows automatic retention of page and controls state between each trip to server. This means control value is maintained between page postbacks. Viewstate is implemented using _VIEWSTATE, a hidden form field which gets created automatically on each page. You can't transmit data to other page using view state.


Querystring can maintain limited state information. Data can be passed from one page to another with the URL but you can send limited size of data with the URL. Most browsers allow a limit of 255 characters on URL length.

Server-side state management
This kind of mechanism retains state in the server.

Application State
The data stored inan application object can be shared by all the sessions of the application. The application object stores data in the key value pair.

Session State
Session state stores session-specific information and the information is visible within the session only. ASP.NET creates unique sessionId for each session of the application. SessionIDs are maintained either by an HTTP cookie or a modified URL, as set in the application's configuration settings. By default, SessionID values are stored in a cookie.

Database can be used to store large state information. Database support is used in combination with cookies or session state.

21. Define Common Type System.

.Net allows developers to write program logic in at least 25 languages. The classes written in one language can be used by other languages in .Net. This service of .Net is possible through CTS which ensure the rules related to data types that all language must follow. It provides set of types that are used by all .NET languages and ensures .NET language type compatibility.

22. Define cookie.

A cookie is a small file on the client computer that a web application uses to maintain current session information. Cookies are used to identity a user in a future session.

23. Define Error Events.

ASP.NET supports events that occur when any unhandled exception occurs inan application. These events are called as Error Events.

ASP.NET provides two such events to handle exceptions

  • Page_Error : This is page event and is raised when any unhandled exception occur in the page.
  • Application_Error: This is application event and is raised for all unhandled exceptions in the ASP.NET application and is implemented in global.asax

The Error events have two methods to handle the exception:

  • GetLastError: Returns the last exception that occurred on the server.
  • ClearError: This method clear error and thus stop the error to triggersubsequent error event.

24. Define Exception handling in ASP.NET.

Exceptions or errors are unusual occurrences that happen within the logic of an application. The CLR has provided structured way to deal with exceptions using Try/Catch block. ASP.NET also supportsexceptionhandling through server events such as Page_Error and Application_Error events.

25. Define Globalization and Localization.

Globalization is the process of creating multilingual application by defining culture specific features like currency, date and time format, calendar and other issues. Localization is the process of accommodating cultural differences in an application.

26. Define HTML and XML

HTML: It has predefined elements names '<h1>', '<b>' etc
XML: You can create your own elements with syntax much stricter than HTML.

27. Define LeaseTime, SponsorshipTime, RenewOnCallTime, LeaseManagePollTime.

Terms related to lifecycle of a remoting object.

The LeaseTime property protects the object so that the garbage collector does not destroy it as remoting objects are beyond the scope of the garbage collector. Every object created has a default leasetime for which it will be activated. Once the leasetime expires, the object is eligible again for garbage collector and is eventually destroyed. Default value is 5 minutes.

Even though the leasetime of an object has expired, there still may be clients who would still need the remoting object on the server. In such cases the leasemanager keeps a track of such clients and asks them if they need the object and are ready to extend or sponsor the object to extend its existence. This is done through SponsorshipTime property, which is then based on the sponsor.

The RenewOnCallTime property defines the duration for which a remoting object's lease is extended if a sponsor is found. The default value is 2 minutes.

The LeaseManager class has a property PollTime, which defines the frequency at which the LeaseManager polls the leases. Default is 10 seconds.

28. Define MSIL.

MSIL is the Microsoft Intermediate Language. All .Net languages' executable exists as MSIL which gets converted into machine specific language using JIT compiler just before execution.

29. Define Multiple Master Page.

In ASP.NET, you can have multiple master pages each for a different purpose. You can provide users several layout options using Multiple Master Page. You can define Master Page at multiple places in the web application.

You can specify page-level using the @Page dierective.
You can specify using the Web.config.

Remember that the definition closest to the user wins that means page-level definition supersedes site-level definition.

30. Define namespace.

Namespaces are the way to organize programming code. It removes the chances of name conflict. It is quite possible to have one name for an item accidentally in large projects those results into conflict. By organizing your code into namespaces, you reduce the chance of these conflicts. You can create namespaces by enclosing a class in a Namespace...End Namespace block.

You can use namespaces outside your project by referring them using References dialog box. You can use Imports or using statement to the code file to access members of the namespaces in code.

31. Define Resource Files and Satellite Assemblies.

Resource Files:

A resource file contains non-executable data that are used by the application and deployed along with it. Bitmaps, Icons etc are the examples of resource files. In ASP.NET, resource files are used to make application to support multiple cultures. You can create resource files each of them correspond to specific locale or culture of the application. You can use resgen utility to compile resource file into an assembly. You can create a satellite assembly from a compiled resource file using the AL utility provided with Microsoft .NET SDK.

Advantages of resource files are as follows.
It supports Globalization features in ASP.NET.
You can have culture based information separate from the content and logic of the application.
You can change resource content without effecting application's code.

Satellite Assemblies
Satellite Assemblies are the special kinds of assemblies that exist as DLL and contain culture-specific resources in a binary format. They store compiled localized application resources. They can be created using the AL utility and can be deployed even after deployment of the application.
Satellite Assemblies encapsulate resources into binary format and thus make resources lighter and consume lesser space on the disk.

Note: Resource-only assemblies can contain any resource, such as images and text. Satellite assemblies contain only culture-specific resources.

32. Define Resource Files.

Resource files contains non-executable data like strings, images etc that are used by an application and deployed along with it. You can changes these data without recompiling the whole application.

33. Define Satellite Assemblies.

Satellite Assemblies are the special kinds of assemblies that exist as DLL and contain culturespecific resources in a binary format. They store compiled localized application resources. They can be created using the AL utility and can be deployed even after deployment of the application. Satellite Assemblies encapsulate resources into binary format and thus makes resources lighter and consume lesser space on the disk.

34. Define secured sockets layer.

Secured Socket Layer (SSL) ensures a secured web application by encrypting the data sent over internet. When an application is using SSL facility, the server generates an encryption key for the session and page is encrypted before it sent. The client browse uses this encryption key to decrypt the requested Web page.

35. Define Server-side and Client-side code in ASP.NET.

Server-side code runs on the server.
Client-side code runs on the client's browser.

36. Define session in ASP.NET.

A session starts when the browser first request a resources from within the application. The session gets terminated when either browser closed down or session time out has been attained. The default time out for the session is 20 minutes.

37. Define Session, SessionId and Session State in ASP.NET.

A session is the duration of connectivity between a client and a server application.

SessionId is used to identify request from the browser. By default, value of SessionIdis stored in a cookie. You can configure the application to store SessionId in the URL for a "cookieless" session.

38. Define the steps to set up validation control.

Following are the steps to set up validation control

Drag a validation control on a web form.
Set the ControlToValidate property to the control to be validated.
If you are using CompareValidator, you have to specify the ControlToCompare property.
Specify the error message you want to display using ErrorMessage property.
You can use ValidationSummary control to show errors at one place.

39. Define Tracing.

Tracing is the way to maintain events in an application. It is useful while the application is in debugging or in the testing phase. The trace class in the code is used to diagnose problem. You can use trace messages to your project to monitor events in the released version of the application. The trace class is found in the System.Diagnostics namespace. ASP.NET introduces tracing that enables you to write debug statements in your code, which still remain in the code even after when it is deployed to production servers.

40. Define Unit testing, Integration testing, Regression testing.

Unit testing ensures that each piece of code works correctly.
Integration testing ensures each module work together without errors.
Regression test ensures new code did not break previously working code.

41. Define Validation Control in ASP.NET.

The validation control is used to implement page level validity of data entered in the server controls. This check is done before the page is posted back to the server thus avoid round trip to the server. If data does not pass validation, it will display an error message to the user.

42. Define View State.

ASP.NET preserves data between postback events using view state. You can save a lot of coding using view state in the web form. ViewState serialize the state of objects and store in a hidden field on the page. It retains the state of server-side objects between postbacks. It represents the status of the page when submitted to the server. By default, view state is maintained for each page. If you do not want to maintain the ViewState, include the directive <%@ Page EnableViewState="false" %> at the top of an .aspx page or add the attribute EnableViewState="false" to any control. ViewState exist for the life of the current page.

43. Define ViewState in ASP.NET

It allows the state of objects (serializable) to be stored in a hidden field on the page.
It is transported to the client and back to the server, and is not stored on the server or any other external source.
It is usedto retain the state of server-side objects between postbacks.

44. Define Virtual folder.

It is the folder that contains web applications. The folder that has been published as virtual folder by IIS can only contain web applications.

45. Define Windows and Forms authentication.

Windows authentication is the default authentication method of the ASP.NET application. It uses security scheme of windows operating system of corporate network. Windows authentication uses user names, passwords, and permissions of network resources and Web applications. User lists for Windows authentication are included in theelement of Web.config.
Form authentication allows creating own database of users in the application's Web.config file or in a separate user database and validate the identity of the users when they visit Web site. Users do not have to be member of a domain-based network to have access to your application.

46. Defineglobal.asax in ASP.NET.

The Global.asax is including the Global.asax.cs file.
You can implement application and session level eventsusing global.asa

47. Defineinline code and code behind

Inline code written along side the html in a page.
Code-behind is code written in a separate file and referenced by the .aspx page.

48. Describe Boxing and Unboxing.

Boxing allows you to treat a value type the same as a reference type.
Unboxing converts a boxed reference type back to a value type.

49. Describe exception handling in ASP.NET.

Exception handling correct unusual occurrences and prevent application from getting terminated. You can use Try(try) block and Error event procedures to handle exceptions.

50. Describe how ASP.NET maintains process isolation for each Web application

In ASP.NET, when IIS receives a request, IIS uses aspnet_isapi.dll to call the ASP.NET worker process (aspnet_wp.exe). The ASP.NET worker process loads the Web application's assembly, allocating one process space, called the application domain, for each application. This is the how ASP.NET maintains process isolation for each Web application.

51. Describe how Passport authentication works.

ASP.NET application with Passport authentication implemented checks the user's machine for a current passport authentication cookie. If it is not available, ASP.NET directs the user to a Passport sign-on page. The Passport service authenticates the user, stores an authentication cookie on the user's computer and direct the user to the requested page.

52. Describe how the ASP.NET authentication process works.

ASP.NET runs inside the process of IIS due to which there are two authentication layers which exist in the system.

First authentication happens at the IIS level and the second at ASP.NET level per the WEB.CONFIG file.


At first, IIS ensures that the incoming request is from an authenticated IP address.
Otherwise the request is rejected.

By default IIS allows anonymous access due to which requests are automatically authenticated.

However, if this is changed, IIS performs its own user authentication too. checks if impersonation is enabled if a request is passed to by an authenticated user. If it is enabled, acts itself as an authenticated user else it acts with its own configured account.

Finally the OS resources are requested by the identity obtained from previous step.
The user is granted the resources if the authentication is successful else the resources are denied.

Resources can include page, code access security features to extend authorization step to disk files, registry keys, etc.

53. Describe in brief .NET Framework and its components.

.NET Framework provides platform for developing windows and web software. ASP.NET is a part of .Net framework and can access all features implemented within it that was formerly available only through windows API. .NET Framework sits in between our application programs and operating system.

The .Net Framework has two main components:

.Net Framework Class Library: It provides common types such as data types and object types that can be shared by all .Net compliant language.

The Common language Runtime: It provides services like type safety, security, code execution, thread management, interoperability services.

54. Describe state management in ASP.NET.

State management is a technique to manage a state of an object on different request.

The HTTP protocol is the fundamental protocol of the World Wide Web. HTTP is a stateless protocol means every request is from new user with respect to web server. HTTP protocol does not provide you with any method of determining whether any two requests are made by the same person.

Maintaining state is important in any web application. There are two types of state management system in ASP.NET.

- Client-side state management
- Server-side state management

55. Describe the application event handlers in ASP.NET

Following are the application event handlers:

Application_Start: This event occurs when the first user visits a page of the application.
Application_End: This event occurs when there are no more users of the application.
Application_BeginRequest: This occurs at the beginning of each request to the server.
Application_EndRequest: occurs at the end of each request to the server.
Session_Start: This event occurs every time when any new user visits.
Session_End: occurs when the users stop requesting pages and their session times out.

56. Describe the complete lifecycle of a Web page?

When we execute a Web page, it passes from the following stages, which are collectively known as Web page lifecycle:

  • Page request - During this stage, ASP.NET makes sure the page either parsed or compiled and a cached version of the page can be sent in response
         • Start - During this stage sets the Request and Response page properties and the page check the page request is either a postback or a new request
         • Page Initialization - During this stage, the page initialize and the control's Unique Id property are set
         • Load - During this stage, if the request is postback, the control properties are loaded without loading the view state and control state otherwise loads the view state
         • Validation - During this stage, the controls are validated
         • Postback event handling - During this stage, if the request is a postback, handles the event
         • Rendering - During this stage, the page invokes the Render method to each control for return the output
         • Unload - During this stage, when the page is completely rendered and sent to the client, the page is unloaded.

57. Describe the disadvantage of cookies.

- Cookie can store only string value.
- Cookies are browser dependent.
- Cookies are not secure.
- Cookies can store small amount of data.

58. Describe the Events in the Life Cycle of a Web Application

A web application starts when a browser requests a page of the application first time. The request is received by the IIS which then starts ASP.NET worker process (aspnet_wp.exe). The worker process then allocates a process space to the assembly and loads it. An application_start event occurs followed by Session_start. The request is then processed by the ASP.NET engine and sends back response in the form of HTML. The user receives the response in the form of page.

The page can be submitted to the server for further processing. The page submitting triggers postback event that causes the browser to send the page data, also called as view state to the server. When server receives view state, it creates new instance of the web form. The data is then restored from the view state to the control of the web form in Page_Init event.

The data in the control is then available in the Page_load event of the web form. The cached event is then handled and finally the event that caused the postback is processed. The web form is then destroyed. When the user stops using the application, Session_end event occurs and session ends. The default session time is 20 minutes. The application ends when no user accessing the application and this triggers Application_End event. Finally all the resources of the application are reclaimed by the Garbage collector.

59. Describe the Master Page.

Master pages in ASP.NET works as a template that you can reference this page in all other content pages. Master pages enable you to define the look and feel of all the pages in your site in a single location. If you have done changes in master page, then the changes will reflect in all the web pages that reference master pages. When users request the content pages, they merge with the master page to produce output that combines the layout of the master page with the content from the content page.

ContentPlaceHolder control is available only on master page. You can use more than one ContentPlaceHolder control in master page. To create regions that content pages can fill in, you need to define ContentPlaceHolder controls in master page as follows:

<asp:ContentPlaceHolder ID=''ContentPlaceHolder1'' runat=''server''>


The page-specific content is then put inside a Content control that points to the relevant


<asp:Content ID=''Content1'' ContentPlaceHolderID=''ContentPlaceHolder1'' Runat=''Server''>

Note that theContentPlaceHolderIDattribute of the Content control points to the ContentPlaceHolder that is defined in the master page.

The master page is identified by a special @ Master directive that replaces the @ Page directive that is used for ordinary .aspx pages.

<%@ Master Language="C#" AutoEventWireup="true" CodeFile="CareerRide.master.cs" Inherits="CareerRide" %>

60. Describe the sequence of action takes place on the server when ASP.NET application starts first time

Following are the sequences:

IIS starts ASP.NET worker process - worker process loads assembly in the memory - IIS sends the request to the assembly - the assembly composes a response using program logic - IIS returns the response to the user in the form of HTML.

61. Describe the Server Control Events of ASP.NET.

ASP.NET offers many server controls like button, textbox, DropDownList etc. Each control can respond to the user's actions using events and event handler mechanism.

There are three types of server control events:

Postback events
This events sends the web page to the server for processing. Web page sends data back to the same page on the server.

Cached events
These events are processed when a postback event occurs.

Validation events
These events occur just before a page is posted back to the server.

62. Describe the steps to use Validation Control.

  • Draw a validation control on a Web form
  •  Set the ControlToValidate property to the control you want to validate.
  • Specify the ControlToCompare property with CompareValidator control.
  • Specify error message to the validation control's ErrorMessage property.
  • Specify error message to the validation control's Text property if you want to display a message other than the message in the ErrorMessage property.
  • Draw a ValidationSummary control on the Web form to display the error messages from the validation controls in one place.

63. Describe use of error pages in ASP.NET.

Error pages are used when exceptions are outside the scope of the application and the application can't respond directly to these exceptions. These types of exceptions are identified by HTTP response codes, which IIS can respond to by displaying custom error pages listed in your application's Web.config file.

64. Describe Web application's life cycle.

A Web application starts with the first request for a resource.
On request, Web forms are instantiated and processed in the server.
Server sends its response to the client.
Application ends once all client sessions end.

65. Difference between ASP.NET WebForms and ASP.NET MVC?

ASP.NET Web Forms uses Page controller pattern approach for rendering layout. In this approach, every page has it's own controller i.e. code-behind file that processes the request. On the other hand, ASP.NET MVC uses Front Controller approach. In this approach a common controller for all pages, processes the requests.

Please follow for detailed information on WebForms Vs MVC.

66. Difference between authentication and authorization.

Authentication is the process of verifying the identity of a user.

Authorization is process of checking whether the user has access rights to the system.

Authorization is the process of allowing an authenticated user access to resources.

Authentication always proceeds to Authorization.

67. Difference between Datagrid, Datalist and repeater


They are all ASP.NET data Web controls.

They have common properties like

 DataSource Property
DataBind Method

When the DataSource Property of a Datagrid is assigned to a DataSet then each DataRow present in the DataRow Collection of DataTable is assigned to a corresponding DataGridItem.


The HTML code generated has an HTML TABLEelement created for the particular DataRow and is a tabular representation with Columns and Rows. Datagrid has a in-built support for Sort, Filter and paging the Data.


An Array of Rows and based on the Template Selected and the RepeatColumn Property value The number DataSource records that appear per HTML

Repeater Control

The Datarecords to be displayed depend upon the Templates specified and the only HTML generated accordingly. Repeater does not have in-built support for Sort, Filter and paging the Data.

68. Difference between Gridlayout and FlowLayout.

GridLayout provides absolute positioning for controls placed on the page.

FlowLayout positions items down the page like traditional HTML. This approach results in pages that are compatible with a wider range of browsers.

69. Difference between Response.Redirect and Server.Transfer?

In case of Response.Redirect, a new request is generated from client-side for redirected page. It's a kind of additional round trip. As new request is generated from client, so the new URL is visible to user in browser after redirection.

While in case of Server.Transfer, a request is transferred from one page to another without making a round trip from client. For the end user, URL remains the same in browser even after transferring to another page.

70. Difference between Server.Transfer and response.Redirect.

Following are the major differences between them:-


  • The browser is directly redirected to another page
  • There is no round trip
  • A Server transfer is possible within a website
  • Information can be preserved in Server transfer through a parameter called preserveForm


  • The browser is requested to redirect to some other page through a message.
  • There is a round trip.
  • Response redirect is possible within two websites too.
  • A state can be maintained in Response redirect but has a lot of drawbacks

71. Difference between src and Code-Behind

With the 'src' attribute, the source code files are deployed and are compiled by the JIT as needed.
Though the code is available to everyone with an access to the server (NOT anyone on the web), this method is preferred as it does away with the compilation of the DLLs.

'CodeBehind' attribute just has the VS.NET associate the code file with the aspx file. This is necessary since VS.NET automates the pre-compiling that is harder by hand.

Due to this the 'Src' attribute is done away with having only a DLL to be deployed enhancing the protection level even though it can be decompiled.

Src: is a way mention the name of the code-behind class to dynamically compile on the request for a page.

Code-behind: is the logic written behind the UI design file. It specifies the name of the compiled file that contains the class. Code-behind attribute is only used for.Net. 

72. Difference between WCF and Web Services

WCF can create services similar in concept to ASMX, but has much more capabilities. WCF is much more efficient than ASP.Net coz it is implemented on pipeline. WCF is more secure, reliable. As WCF is implemented on a different pipeline it does not have all Http capabilities (Http session, cache etc).

73. Different transaction isolation levels in WCF

  • Read Uncommitted: - Also known as Dirty isolation level. It makes sure that corrupt Data cannot be read. This is the lowest isolation level
  • Read Committed: - It ensures not to read the data that has been changed by any other application and is not yet committed. It is the default level.
  • Repeatable Read: - It stops the usage of dirt read and non-repeatable read. It states that data fetched through a query will be locked and will not be updated by any other transaction.
  • Serializable: - It does not allow any modification and addition of new data till the transaction is completed. This is considered to be a very restrictive level.
  • Snapshot: - It raises error on modifying a data that has already been changed by any transaction.

74. Differentiate between a HyperLink control and a LinkButton control.

- A HyperLink control does not have the Click and Command events while the LinkButton control has them, which can be handled in the code-behind file of the Web page.

75. Differentiate between a page theme and a global theme?

- Page theme applies to a particular web pages of the project. It is stored inside a subfolder of the App_Themes folder.
- Global theme applies to all the web applications on the web server. It is stored inside the Themes folder on a Web server.

76. Differentiate between client-side and server-side validations in Web pages?

Client-side validations take place at the client end with the help of JavaScript and VBScript before the Web page is sent to the server. On the other hand, server-side validations take place at the server end.

77. Differentiate between Structure and Class.

- Structures are value type while Classes are reference type.
- Structures can not have constructor or destructors while Classes can have them.
- Structures do not support Inheritance while Classes do support Inheritance.

78. Early binding and late binding.

Early binding means calling a non-virtual method that is decided at a compile time while Late binding refers to calling a virtual method that is decided at a runtime.

79. Explain ASP.NET Web Forms.

- Web Forms are an extremely important part of ASP.NET.
- They are the User Interface (UI) elements which provide the desired look and feel to your web applications.
- Web Forms provide properties, methods, and events for the controls that are placed onto them.

80. Explain Automatic Memory Management in .NET.

Automatic memory management in .Net is through garbage collector which is incredibly efficient in releasing resources when no longer in use.

81. Explain client side state management system.

ASP.NET provides several techniques for storing state information on the client. These include the following:

-view stateASP.NET uses view state to track values in controls between page requests. It works within the page only. You cannot use view state value in next page.

-control state:You can persist information about a control that is not part of the view state. If view state is disabled for a control or the page, the control state will still work.

-hidden fields:It stores data without displaying that control and data to the user's browser. This data is presented back to the server and is available when the form is processed. Hidden fields data is available within the page only (page-scoped data).

-Cookies:Cookies are small piece of information that server creates on the browser. Cookies store a value in the user's browser that the browser sends with every page request to the web server.

-Query strings:In query strings, values are stored at the end of the URL. These values are visible to the user through his or her browser's address bar. Query strings are not secure. You should not send secret information through the query string.

82. Explain cookies with example.

A cookie is a small amount of data that server creates on the client. When a web server creates a cookie, an additional HTTP header is sent to the browser when a page is served to the browser. The HTTP header looks like this:

Set-Cookie: message=Hello. After a cookie has been created on a browser, whenever the browser requests a page from the same application in the future, the browser sends a header that looks like this:

Cookie: message=Hello

Cookie is little bit of text information. You can store only string values when using a cookie. There are two types of cookies:

- Session cookies
- Persistent cookies.

A session cookie exists only in memory. If a user closes the web browser, the session cookie delete permanently.

A persistent cookie, on the other hand, can available for months or even years. When you create a persistent cookie, the cookie is stored permanently by the user's browser on the user's computer.

Creating cookie

protected void btnAdd_Click(object sender, EventArgs e)
Response.Cookies[''message''].Value = txtMsgCookie.Text;

// Here txtMsgCookie is the ID of TextBox.
// cookie names are case sensitive. Cookie named message is different from setting a cookie named Message.

The above example creates a session cookie. The cookie disappears when you close your web browser. If you want to create a persistent cookie, then you need to specify an expiration date for the cookie.

Response.Cookies[''message''].Expires = DateTime.Now.AddYears(1);

Reading Cookies
void Page_Load()
if (Request.Cookies[''message''] != null)
lblCookieValue.Text = Request.Cookies[''message''].Value;
// Here lblCookieValue is the ID of Label Control.

83. Explain Culture and UICulture values.

- Culture value determines the functions like Date and Currency used to format data and numbers in a Web page.
- UICulture value determines the resources like strings or images loaded in a Web application for a Web page.

84. Explain different IIS isolation levels in ASP.NET- Low (IIS process A), Medium (Pooled), High (Isolated)

Low (IIS Process):

This is the fastest and the default IIS4 setting. ASP pages run in INetInfo.exe and so they are executed in-process. If ASP crashes, IIS too does and must be restarted.

Medium (Pooled):

This IIS setting is more reliable. In this if ASP crashes, IIS does not. In this, the ASP applications share the same process, so a web site can run with just IIS and ASP process. IIS5 supports this setting and is the default setting.

High (Isolated):

This setting runs in MTS.EXE in IIS4 and in DLLHOST.EXE in IIS5. If one ASP application crashes, IIS or other ASP applications don't crash. Each ASP application runs out-process in its own space.

85. Explain Exception handling in .Net.

Exceptions or errors are unusual occurrences that happen within the logic of an application. The CLR has provided structured way to deal with exceptions using Try/Catch block. ASP.NET supports some facilities to handling exceptions using events suck as Page_Error and Application_Error.

86. Explain Global Assembly Cache.

Global Assembly Cache is the place holder for shared assembly. If an assembly is installed to the Global Assembly Cache, the assembly can be accessed by multiple applications. In order to install an assembly to the GAC, the assembly must have to be signed with strong name.

87. Explain how a web application works.

A web application resides in the server and serves the client's requests over internet. The client access the web page using browser from his machine. When a client makes a request, it receives the result in the form of HTML which are interpreted and displayed by the browser.

A web application on the server side runs under the management of Microsoft Internet Information Services (IIS). IIS passes the request received from client to the application. The application returns the requested result in the form of HTML to IIS, which in turn, sends the result to the client.

88. Explain how authorization works in ASP.NET.

ASP.NET impersonation is controlled by entries in the applications web.config file.

Though the default setting is no impersonation, it can be explicitly set using:

<identity impersonate=''false''/>

With ASP.NET won't perform any authentication and would run with its own privileges. The default is an unprivileged account named ASPNET. It can be changed a setting in the processModel section of the machine.config file.

Disabling impersonation runs the entire request in the context of the account running ASP.NET (ASPNET account or the system account).

The second possible setting is to turn on impersonation.
<identity impersonate =''true''/>

Here, ASP.NET takes on the identity IIS passes to it. If anonymous access is allowed in IIS, then the IUSR_ComputerName account will be impersonated otherwise ASP.NET will take the authenticated user credentials and make requests for resources.

A particular identity can be specified to use all authenticated requests as:
<identity impersonate=''true'' username=''DOMAIN\username'' password=''password''/>

With this, the requests are made as the specified user. The password is assumed to be correct. The drawback is that you must embed the user's password in the web.config file in plain text which is a security risk.

89. Explain how to access ViewState value of this page in the next page.

PreviousPage property is set to the page property of the nest page to access the viewstate value of the page in the next page. Page poster = this.PreviousPage;
Once that is done, a control can be found from the previous page and its state can be read.
Label posterLabel = poster.findControl("myLabel");
string lbl = posterLabel.Text;

90. Explain how to distribute shared components as part of an installation program

Shared components should be included as a merge module within the setup project. Merge modules can't be installed by themselves. They can be installed only as part of an application installation.

91. Explain how to implement Fragment Cache

Fragment cache is to store user controls individually within a web form in cache instead of the whole webform as such. The idea is to simply have different cache parameters for different user controls.

control1:<%@ OutputCache Duration="40" VaryByParam="none"%>

control2:<%@ OutputCache Duration="60" VaryByParam="none"%>

If control1 and control2 exist on a single webform together, the values of control1 and control2 would be cached for different durations based on @OutputCache directive.

92. Explain how to pass a querystring from an .asp page to aspx page.

Consider the following URL:

http:// localhost/form.aspx?param1=career&param2=ride

This html addresses use QueryString property to pass values between pages.

From the URL above the information obtained is:

form.aspx: which is the destination page for your browser.
Param1 is the first parameter, the value of which is set to career
Param2 is the first parameter, the value of which is set to ride

The '?' marks the beginning of the QueryString
'&' is used as a separator between parameters.

private void formButtonSubmit_Click(object sender, System.EventArgs e)
Response.Redirect("form.aspx?Param1=" +
this.formTextfieldParam1.Text + "&Param2=" +
this. formTextfieldParam2.Text);

The above code is a submit button event handler and it sends the values of the query string to the second page.

The following code demonstrates how to retrieve these valus on the second page:
private void Page_Load(object sender, System.EventArgs e)
this.form2TextField1.Text = Request.QueryString["Param1"];
this. form2TextField2.Text = Request.QueryString["Param2"];

You can also use the following method to retrieve the parameters in the string:

for (int i =0;i < Request.QueryString.Count;i++)

From HTML in asp page:<ahref="abc.aspx?qstring1=test">Test Query String</a>

From server side code: <%response.redirect "webform1.aspx?id=11"%>

93. Explain how to retrieve property settings from XML .config file.

Create an instance of AppSettingsReader class, use GetValue method by passing the name of the property and the type expected. Assign the result to the appropriate variable.

94. Explain in brief each kind of caching in ASP.NET.

Page Output Caching
This type of caching is implemented by placing OutputCache directive at the top of the .aspx page at design time.
For example:
<%@OutputCache Duration= "30" VaryByParam= "DepartmentId"%>

The duration parameter specifies for how long the page would be in cache and the VaryByParam parameter is used to cache different version of the page.
The VaryByParam parameter is useful when we require caching a page based on certain criteria.

Page Fragment Caching
This technique is used to store part of a Web form response in memory by caching a user control.

Data Caching
Data Caching is implemented by using Cache object to store and quick retrieval of application data.
Cache object is just like application object which can be access anywhere in the application.
The lifetime of the cache is equivalent to the lifetime of the application.

95. Explain in what order a destructors is called.

Destructors are called in reverse order of constructors. Destructor of most derived class is called followed by its parent's destructor and so on till the topmost class in the hierarchy.

96. Explain login control and form authentication.

Login controls encapsulate all the features offered by Forms authentication. Login controls internally use FormsAuthentication class to implement security by prompting for user credentials validating them.

97. Explain login controls?

Login controls are built-in controls in ASP.Net for providing a login solution to ASP.NET application. The login controls use the membership system to authenticate a user credentials for a Web site.
  There are many controls in login controls.

  • ChangePassword control - Allows users to change their password.
         • CreateUserWizard control - Provides an interface to the user to register for that Web site.
         • Login control - Provides an interface for user authentication. It consists of a set of controls, such asTextBox, Label, Button, CheckBox, HyperLink.
         • LoginView control - Displays appropriate information to different users according to the user's status.
         • LoginStatus control - Shows a login link to users, who are not authenticated and logout link, who are authenticated
         • LoginName control - Displays a user name, if the user logs in.
         • PasswordRecovery control - Allows users to get back the password through an e-mail, if they forget.

98. Explain Managed code an Un-managed code.

Managed code runs under the safe supervision of common language runtime. Managed code carries metadata that is used by common language runtime to offer service like memory management, code access security, and cross-language accessibility.

Unmanaged code doesn't follow CLR conventions and thus, can't take the advantages of .Framework.

99. Explain serialization and deserialization.

- Serialization is the process of converting an object into a stream of bytes.
- Deserialization is the process of creating an object from a stream of bytes.

Both these processes are usually used to transport objects.

100. Explain server side state management system.

The following objects are used to store the information on the server:

- Application State:

This object stores the data that is accessible to all pages in a given Web application. The Application object contains global variables for your ASP.NET application.

- Cache Object:Caching is the process of storing data that is used frequently by the user. Caching increases your application's performance, scalability, and availability. You can catch the data on the server or client.

- Session State:Session object stores user-specific data between individual requests. This object is same as application object but it stores the data about particular user.

101. Explain Server-side scripting and Client-side scripting.

- Server side scripting - All the script are executed by the server and interpreted as needed.
- Client side scripting means that the script will be executed immediately in the browser such as form field validation, email validation, etc. It is usaullay carrried out in VBScript or JavaScript.

102. Explain Session state management options in ASP.NET.

ASP.NET provides In-Process and Out-of-Process state management. In-Process stores the session in memory on the web server. Out-of-Process Session state management stores data in an external data source such as SQL Server or a State Server service. Out-of-Process state management requires that all objects stored in session are serializable.

103. Explain Singleton architecture of Remoting.

Singleton architecture is to be used when all the applications have to use or share same data.

104. Explain the AdRotator Control?

The AdRotator is an ASP.NET control that is used to provide advertisements to Web pages. The AdRotatorcontrol associates with one or many advertisements, which randomly displays one by one at a time when the Web page is refreshed. The AdRotator control advertisements are associated with links; therefore, when you click on an advertisement, it redirects you to other pages. 
 The AdRotator control is associated with a data source, which is normally an xml file or a database table. A data source contains all the information, such as advertisement graphics reference, link, and alternate text. Therefore, when you use the AdRotator control, you should first create a data source and then associate it with the AdRotator control.

105. Explain the advantages of ASP.NET.

Following are the advantages of ASP.NET.

Web application exists in compiled form on the server so the execution speed is faster as compared to the interpreted scripts.

ASP.NET makes development simpler and easier to maintain with an event-driven, server-side programming model.

Being part of .Framework, it has access to all the features of .Net Framework.

Content and program logic are separated which reduces the inconveniences of program maintenance.

ASP.NET makes for easy deployment. There is no need to register components because the configuration information is built-in.

To develop program logic, a developer can choose to write their code in more than 25 .Net languages including VB.Net, C#, JScript.Net etc.

Introduction of view state helps in maintaining state of the controls automatically between the postbacks events.

ASP.NET offers built-in security features through windows authentication or other authentication methods.

Integrated with ADO.NET.

Built-in caching features.

106. Explain the advantages of Passport authentication.

User doesn't have to remember separate user names and passwords for various Web sites
User can maintain his or her profile information in a single location.
Passport authentication also avail access to various Microsoft services, such as Passport Express Purchase.

107. Explain the components of WCF - Service class, Hosting environment, END point.

WCF Service is composed of three components:

  • Service class:It implements the service needed.
  • Host environment:is an environment that hosts the developed service.
  • Endpoints:are the connection points for the clients to connect to the service. Clients find the end points through three components like service contract, binding, and address.

108. Explain the components of web form in ASP.NET

Server controls
The server controls are Hypertext Markup Language (HTML) elements that include a runat=server attribute. They provide automatic state management and server-side events and respond to the user events by executing event handler on the server.

HTML controls
These controls also respond to the user events but the events processing happen on the client machine.

Data controls
Data controls allow to connect to the database, execute command and retrieve data from database.

System components
System components provide access to system-level events that occur on the server.

109. Explain the concept of states in ASP.NET?

State is quite an innovative concept in Web development because it eliminates the drawback of losing state data due to reloading of a Web page. By using states in a Web application, you can preserve the state of the application either at the server or client end. The state of a Web application helps you to store the runtime changes that have been made to the Web application. For example, as already described earlier, a change in the data source of the Web application might be initiated by a user when he/she selects and saves some products in the shopping cart. 
 If you are not using states, these changes are discarded and are not saved. You may think that the whole concept of storing states is optional. However, under certain circumstances, using states with applications is imperative. For example, it is necessary to store states for Web applications, such as an e-commerce shopping site or an Intranet site of a company, to keep track of the requests of the users for the items they have selected on the shopping site or the days requested for vacation on the Intranet site.

110. Explain the concepts and capabilities of cross page posting.

Cross Page Posting: It refers to the scenario where on event of some controls posts from one page to another instead of a normal postback. Normal postback is when for e.g. a button (or any control that postbacks) is clicked and web page is submits the page back to itself which means a return trip. In Cross page posting, on click of a button there would be no return trip.

Cross-page posting is done at the control level. It is possible to create a page that posts to different pages depending on what button the user clicks on. It is handled by done by changing the postbackurl property of the controls.

111. Explain the concepts of application domain.

  • An operating system process can have many ongoing application domains. Application Domains keep an application separate.
  • All objects created within the same application scope are created within the same application domain.
  • Multiple application domains can exist in a single operating system process,
  • Distinct memory address space allocation by the OS is effective but expensive and it does not satisfy to the numbers required for large web servers.
  • However, the CLR isolates an application by managing the memory use of code running within the application domain due to which the code cannot access memory outside the boundaries of the domain.

112. Explain the concepts of CODE Page approach. What are the disadvantages of this approach?

Code Page was used before Unicode came into existence. It was a technique to represent characters in different languages. It was a different interpretation of ASCII set which means it kept 128 characters for English and rest 128 were specifically tailored for other languages.


a. Languages like Japanese and Chinese having more than 5000 characters were difficult to represent n 128 character set.

b. Clients also need to have a support for code page.

c. It's representation is done on the basis of operating system.

113. Explain the concepts of Post Cache Substitution in .NET

Post Cache Substitution:It works opposite to fragment caching. The entire page is cached, except what is to be kept dynamic. When [OutputCache] attribute is used, the page is cached on both the server and the client. Whereas, you use in case of post cache substitution the page is cached on the server only. HttpResponse.WriteSubstitution method is a way to implement it.

114. Explain the concepts of resource manager class.

ResourceManager class: It provides convenient access to resources that are culture-correct. The access is provided at run time.

This class provides resource withdrawal when a localized resource does not exist. It helps in resource serialization, and provides access to resources that are not packaged in your assembly. It is very much possible to derive classes from ResourceManager class and create our own custom resource solutions.

115. Explain the difference between cache object and application object.

Application Object:Application variable/object stores an Object with a scope of availability of the entire Application unless explicitly destroyed.

Caching Object:The lifetime of cache is throughout the lifetime of an application or is based upon timeouts

116. Explain the difference between dataset and datareader.

Dataset is a disconnected architecture whereas datareader is connected architecture

Dataset is the best choice when we need to access data from more than one table.

Dataset is handy when we need to move back while reading records.

Compare to datareader, using dataset has an adverse affect on speed

117. Explain the difference between Server control and HTML control.

Server events
Server control events are handled in the server whereas HTML control events are handled in the page.

State management
Server controls can maintain data across requests using view state whereas HTML controls have no such mechanism to store data between requests.

Browser detection
Server controls can detect browser automatically and adapt display of control accordingly whereas HTML controls can't detect browser automatically.

Server controls contain properties whereas HTML controls have attributes only.

118. Explain the differences between Server-side and Client-side code.

Server-side code executes on the server.
Client-side code executesin the client'sbrowser.

Server.Transfer and Response.Redirect.
Transfers page processing fromone pagedirectly to the next page.
No round-trip back to the client's browser.
Faster response with lesser overhead on the server.
Server.Transfer does not update the clientsurl historylist or current url.

Used to redirect the user's browserto another page or site.
Performs a trip back to the client where the client's browser is redirected to the new page.
The user's browser history list is updated to reflect the new address

119. Explain the different parts that constitute ASP.NET application.

Content, program logic and configuration file constitute an ASP.NET application.

Content files
Content files include static text, images and can include elements from database.

Program logic
Program logic files exist as DLL file on the server that responds to the user actions.

Configuration file
Configuration file offers various settings that determine how the application runs on the server.

120. Explain the important principle of SOA.

A service-oriented architecture is collection of services which communicate with one another other. The communication can range from simple data passing to two or more services organizing some activity.

121. Explain the purpose of EnableViewState property

It allows the page to save the users input on a form across postbacks.
It saves the server-side values for a given control into ViewState, which is stored as a hidden value on the page beforesending the page to the clients browser.
When the page is posted back to the server, the server control is recreatedwith the state stored in viewstate.

122. Explain the steps of acquiring a proxy object in web services.

  • Client communicates to UDI node to retrieve a list of available web services that the client has access to.
  • Every service listed has a URI pointing to the service's DISCO or WSDL document, which is needed to access the webservice and its 'webmethod" methods.
  • After interpreting the DISCO document, follow the URI for the WSDL document related to the chosen webservice.
  • Client then adds and parses the WSDL document and creates a proxy object which can then communicate with Webservice and access its "webmethod" methods.

123. Explain the steps to be followed to use Passport authentication.

1. Install the Passport SDK.
2. Set the application's authentication mode to Passport in Web.config.
3. Set authorization to deny unauthenticated users.
3. Use the PassportAuthentication_OnAuthenticate event to access the user's Passport profile to identify and authorize the user.
4. Implement a sign-out procedure to remove Passport cookies from the user's machine.

124. Explain the steps to create a web services and consume it.

Steps to create and consume a webservice


  • a. Create a new website by selecting "ASP.NET Web Site" and giving it a suitable name.
  • b. service.cs file appears inside the solution with a default webmethod named as "HelloWorld()"
  • c. Right click on the webservice project and add a web reference instead of adding a normal reference.
  • d. A window appears that displays a list of webservices knows to the solution.
  • e. Click on "Webservices in this solution"
  • f. a search progress bar appears and
  • g. Select the service that appears in the list
  • h. progress bar appears once again.
  • i. web method appears on the screen
  • j. Click on "Add reference" button. This would add localhost
  • k. solution would have App_WebReference folder

Consumption or Usage:

  • a. Add a UI (.aspx) to the webservice project
  • b. Add a button and a label to the form
  • c. Double click the button to see the click event of the button
  • d. Create an object of type service localhost.serviceName
  • e. Write code to display the value returned by the webmethod on the label
  • f. Execute the solution by setting the added aspx as the startpage.
  • g. click on the button and the message "Hello World" would be displayed on the label

125. Explain the two different types of remote object creation mode in .NET.

Ways in which object can be created using Remoting: -

SAO Server Activated Object (call mode):lasts the lifetime of the server. They are activated as SingleCall/Singleton objects. It makes objects stateless. A SingleCall object gets created for each request by client and A Singleton object is created once on the server and is shared by all the clients.

CAO (Client Activated Objects):CAO creates stateful objects. The object creation request is based on the request by client side. Therefore, the lifetime is based on client and not server. Single instance of object is created for every call.

126. Explain the types of Caching using Cache object of ASP.NET.

Page output:Is used to fetch information or data at page level. It is best used when the site is mainly static. Used by declaring the output page directive
  • Page fragment:Is used to cache the structure level information. It is used when parts of pages change. For example: user control
  • Programmatic or data:Is used to fetch the information of an application quickly based on the requirements.

127. Explain the types of Workflow in Windows Workflow Foundation.

There are 3 types of workflows in WWF:

Sequential Workflow:The sequential workflow style executes a set of contained activities in order, one by one and does not provide an option to go back to any step.

State Machine Workflow:It represents the workflow in the form of a state machine containing set of states, each of them receiving events. These events lead to transition from one state to another one.

Rules-driven Workflow:It is based on Sequential/StateMachine workflow.

128. Explain the use of DataAdapter.

-DataAdapter provides the bridge to connect command objects to a dataset object.

-It populates the table in the dataset from the data store and also pushes the changes in the dataset back into the data store.

Methods of DataAdapter:

Fill - Populates the dataset object with data from the data source
FillSchema - Extracts the schema for a table from the data source
Update - It is use to update the data source with the changes made to the content of the dataset

129. Explain the use of duration attribute of @OutputCache page directive.

The @OutputCache directive's Duration attribute determines how long the page is cached.
If the duration attribute is set to 60 seconds, the Web form is cached for 60 seconds; the server loads the response in memory and retains that response for 60 seconds.
Any requests during that time receive the cached response.
Once the cache duration has expired, the next request generates a new response and cached for another 60 seconds.

130. Explain the use of localization and Globalization.

Users of different countries, use different languages and others settings like currency, and dates. Therefore, applications are needed to be configurable as per the required settings based on cultures, regions, countries.

Globalization: Is a way of writing the executables in a way that they are culture or language neutral.
The culture and language details specific details should be kept configurable. The main part of Globalization is to find out the locale-sensitive resources that are needed to be kept configurable and to segregate these resources from the executable code.

Localization: Is the task to customize the application. The main part of localization is the translation of resources found in globalization. 

131. Explain the validation controls. How many validation controls in ASP.NET 4.0?

Validation controls are responsible to validate the data of an input control. Whenever you provide any input to an application, it performs the validation and displays an error message to user, in case the validation fails.

ASP.NET 4.0 contains the following six types of validation controls:

  • CompareValidator - Performs a comparison between the values contained in two controls.
         • CustomValidator - Writes your own method to perform extra validation.
         • RangeValidator- Checks value according to the range of value.
         • RegularExpressionValidator - Ensures that input is according to the specified pattern or not.
         • RequiredFieldValidator - Checks either a control is empty or not.
         • ValidationSummary - Displays a summary of all validation error in a central location.

132. Explain the various authentication mechanisms in ASP.NET.

ASP.NET supports 3 authentication mechanisms:

a. Windows Authentication: This is used for an intranet based application. Used to authenticate domain users within a network. By default windows authentication is used.

b. Form Authentication: It's a custom security based on roles and user accounts created specifically for an application.

c. Passport Authentication: This is based on hotmail passport account.

133. Explain the various modes of storing ASP.NET session.

Types of sessions:

  • InProc: The default way to use sessions. InProc is the fastest way to store and access sessions.
  • OutProc:
  i. State server: 15% slower than InProc. Session is serialized and stored in aspnet_state.exe process. Stateserver sessions can be stored on a separate machine too.
  ii. SQL Server: 25% slower than InProc. Used when data is to be serialized and stored in SQL Server database.

134. Explain the ways of authentication techniques in ASP.NET

Selection of an authentication provider is done through the entries in the web.config file for an application.

The modes of authentication are:

<authentication mode=''windows''>
<authentication mode=''passport''>
<authentication mode=''forms''>

Custom authentication needs installation of ISAPI filter in IIS. It compares incoming requests to a list of source IP addresses and a request is considered to be authenticated if it comes from an acceptable address.

135. Explain tracing in ASP.NET.

Tracing records unusual events while an application is running. It helps in observing problems during testing and after deployment. An application can write a message in case of unusual events to the trace log using Trace class.

136. Explain Try/catch blockof exception handling.

You can enclose code in Try/Catch/Finally block. You can catch all exceptions in the catch block. The third part of this block is finally. It is executed irrespective of the fact that an exception has been raised.

137. Explain ViewState.

- It is a .Net mechanism to store the posted data among post backs.
- It allows the state of objects to be stored in a hidden field on the page, saved on client side and transported back to server whenever required.

138. File-based dependency and key-based dependency.

- In file-based dependency, the dependency is on a file saved in a disk while in key-based dependency, you depend on another cached item.

139. Forms authentication

Using form authentication, ones own custom logic can be used for authentication.

ASP.NET checks for the presence of a special session cookie when a user requests a page for the application. Authentication is assumed if the cookie is present else the user is redirected to a web form.

140. Globalization and localization.

- Globalization is a technique to identify the part of a Web application that is different for different languages and separate it out from the web application while in localization you try to configure a Web application so that it can be supported for a specific language or locale.

141. How can we create custom controls in ASP.NET?

Custom controls are user defined controls. They can be created by grouping existing controls, by deriving the control from System.Web.UI.WebControls.WebControl or by enhancing the functionality of any other custom control. Custom controls are complied into DLL's and thus can be referenced by as any other web server control.

Basic steps to create a Custom control:

1. Create Control Library
2. Write the appropriate code
3. Compile the control library
4. Copy to the DLL of the control library to the project where this control needs to be used
5. The custom control can then be registered on the webpage as any user control through the @Register tag.

142. How can we use COM components in .Net?

The communication between the .Net components can be achieved with COM components using RCW called Runtime Callable Wrapper. We can use the RCW in the following ways.

1. We can generate Wrapper class using Visual Studio and can place it in BIN directory.
2. We can use the type library importer tool - Tlbimp.exe
3. We can use the Interopservices. System.Runtime.Interopservices namespace provides TypeLib Converter that has methods to convert COM classes and interface in to assembly metadata.
4. We can create our own custom wrappers.

143. How can you check if all the validation controls on a Web page are valid and proper?

You can determine that all the validation controls on a Web page are properly working by writing code in the source file of the Web page using a scripting language, such as VBScript or JavaScript. To do this task, you have to loop across validators collection of pages and check the IsValid property of each validation control on the Web page to check whether or not the validation test is successful.

144. How can you ensure a permanent cookie?

Setting Expires property to MinValue and restrict cookie to get expired.

145. How can you send an email message from an ASP.NET Web page?

You can use the System.Net.Mail.MailMessage and the System.Net.Mail.SmtpMail classes to send an email in your Web pages. In order to send an email through your mail server, you need to create an object of the SmtpClient class and set the server name, port, and credentials.

146. How do Cookies work? Give an example of their abuse.

- The server directs the browser to put some files in a cookie. All the cookies are then sent for the domain in each request.
- An example of cookie abuse could be a case where a large cookie is stored affecting the network traffic.

147. How do you change the session time-out value?

The session time-out value is specified in the web.config file within sessionstate element. You can change the session time-out setting by changing value of timeout attribute of sessionstate element in web.config file.

148. How do you create Master Page?

Steps to create Master Page

Right-click your web project in the Solution Explorer window
Select Add New Item.
Select the Master Page item type from the Add New Item dialog.

Following is an example of Master Page and a Content Page.

<%@ Master %>
<Title>Title of the Pages</Title>

<asp:ContentPlaceHolder id="Content1" runat="server">

This is simple HTML page that serves template for other pages.
The @ Master directive at the top of the page defines that the page is Master Page.
A placeholder tag <asp:ContentPlaceHolder> is overridden by the content page to place the content.
You can have many placeholders tag each of them with different id.

Content Page Example
%@ Page MasterPageFile="master1.master" %>
<asp:Content ContentPlaceHolderId="Content1" runat="server">
<h1>ASP Interview Questions</h1>

When you request this page, ASP.NET merges layout specified in the Master Page and content of content page to produce page result.

149. How do you impersonate the authenticated user in ASP.NET?

Impersonation means delegating one user identity to another user. In ASP.NET, the anonymous users impersonate the ASPNET user account by default. You can use <identity> element of web.config file to impersonate user. E.g. <identity impersonate="true"/>

150. How do you implement inheritance in .NET?

In C#.NET, we implement using ":"
In VB.Net we implements using "Inherits" keyword.

151. How do you open a page in a new window?

To open a page in a new window, you have to use client script using onclick="" attribute of HTML control.

152. How do you provide secured communication in ASP.NET?

ASP.NET provides secured communication using Secure Sockets Layer. The application to use SSL need to have an encryption key called a server certificate configured in IIS. When a user requests a secured page, the server generates an encryption key for the user's session. The encrypted response is then sent along with encryption key generated. In the client side, the response is then decrypted using same encryption key.

153. How do you set authentication mode in the ASP.NET application?

You can set authentication mode using web.config file.
<authentication mode="windows">
<authentication mode="passport">
<authentication mode="forms">

154. How many types of Cookies are available in ASP.NET?

There are two types of Cookies available in ASP.NET:

  • Session Cookie - Resides on the client machine for a single session until the user does not log out.
         • Persistent Cookie - Resides on a user's machine for a period specified for its expiry, such as 10 days, one month, and never.
The user can set this period manually.

155. How many types of validation controls are provided by ASP.NET? Explain them.

5 Types of validation control exists:

  • RequiredFieldValidator:To enforce a user to fill a particular field before submitting the form. This is done when the field is a mandatory input .e.g.: username & password
  • RangeValidator:To validate if the user input fits within a range of lower and upper limits.
  • CompareValidator:This is to compare the user input against other existing value.
  • RegularExpressionValidator:This is to ensure that the use input is as per the expected pattern. e.g.: Phone number, emails
  • CustomValidator:Custom validator allows developers to create their own validators based on their logics. This could be a mix of other validators.

156. How to make an application offline in ASP.NET 2.0.

Microsoft's Internet Information Services web server software is used to make an application offline. The IIS is instructed to route all incoming requests for the web site to another URL automatically.

Steps for application configuration:

  • In the properties of IIS manager, choose Virtual Directory tab and indicate that the content for this application should come from "A redirection to a URL."
  • Then enter the same URL to redirect.

Ways to take an application offline:

  • Stop IIS server.
  • Redirect your website to an ErrorPage.htm file which displays appropriate information/feedback to users requesting the website.
  • In the web.config look forand set it to false. This will return a default ASP.Net 4040 status page to the requesting end users.
  <httpRuntime enable="false" />
  • Add to App_Offline.htm page to the root of the website. To bring the application back up, simply delete this file.

157. How to turn off cookies for a page?

Cookie.Discard Property when true, instructs the client application not to save the Cookie on the user's hard disk when a session ends.

158. How would you create a permanent cookie?

- Permanent cookies are stored on the hard disk and are available until a specified expiration date is reached.
- To create a cookie that never expires set its Expires property equal to DateTime.maxValue.

159. How would you enable impersonation in the web.config file?

In order to enable the impersonation in the web.confing file, take the following steps:
- Include the <identity> element in the web.config file.
- Set the impersonate attribute to true as shown below:
<identity impersonate = "true" />

160. How would you turn off cookies on one page of your website?

- This can be done by using the Cookie.Discard property.
- It Gets or sets the discard flag set by the server.
- When set to true, this property instructs the client application not to save the Cookie on the hard disk of the user at the end of the session.

161. How you can access the Properties and Controls of Master Pages from content pages?

You can access the Properties and Controls of Master Pages from content pages. In many situations you need User's Name in different content pages. You can set this value inside the master page and then make it available to content pages as a property of the master page.

We will follow the following steps to reference the properties of master page from content pages.

Step: 1

Create a property in the master page code-behind file.

public String UserName
get {
return (String)Session["Name"];
set {
Session ["Name"] = value;

Step: 2

Add the @ MasterTypedeclaration to the .aspx content page to reference master properties in a content page. This declaration is added just below the @ Page declaration as follows:

<%@ Page Title=" TEST" Language="C#" MasterPageFile="~/CareerRide.master" AutoEventWireup="true" CodeFile="CareerRideWelcome.aspx.cs" Inherits="CareerRideWelcome" %>

<%@ MasterTypeVirtualPath="~/CareerRide.master" %>

Step: 3

Once you add the @ MasterType declaration, you can reference properties in the master page using the Master class. For example take a label control that id is ID="Label1"

Label1.Text= Master.UserName ;

For referencing controls in the Master Page we will write the following code.

Content Page Code.

protected void Button1_Click(object sender, EventArgs e)
TextBox txtName= (TextBox)Master.FindControl("TextBox1");

To reference controls in a master page, callMaster.FindControlfrom the content page.

162. Implementing ASP.NET Globalization.

Create resource files and compile theminto a binary resource file.
Create satellite assembly for each of the resource file for each culture.
Store them in separate folders for easy access and replacement.
Read the resources from the satellite assembly that is stored in different folders based on the locale and culture.

163. List down the sequence of methods called during the page load.

Init() - Initializes the page.
Load() - Loads the page in the server memory.
PreRender() - the brief moment before the page is displayed to the user as HTML
Unload() - runs just after page finishes loading.

164. List out the difference between windows authentication and form authentication.

Windows authentication uses windows account whereas form authentication maintains its own user list. Windows authentication is best suited for the application which is meant for a corporate users whereas form authentication is preferable for the applications which have diversified users fromseveral places.
User lists for windows authentication are found in <authorization>element whereas in case of form authentication, lists are there in <credential> element of web.config file.

165. List the difference between Server.Transfer and Response.Redirect.


The Transfer method transfers from inside of one ASP page to another ASP page.
Transfer passes the context information to the called page.
The state information that has been created for an ASP page gets transferred to the other ASP page which comprises of objects and variables within an Application or Session scope, and all items in the Request collections.


The redirect message issues HTTP 304 to the browser and causes browser to go to the specified page. There is round trip between client and server.
Redirect doesn't pass context information to the called page.

166. List the features of the Chart control?

The following are the features of the Chart control:

  • Bounds a chart with any data source.
         • Simple manipulation of chart data, such as copying, merging, grouping, sorting, searching, and filtering.
         • Support many statistical and financial formulas for data analysis.
         • Provide advanced chart outlook, such as 2-D, 3-D, lighting, and perspective.
         • Support events and customizations.
         • Includes interactivity with Microsoft AJAX.
         • Supports AJAX Content Delivery Network (CDN).

167. Make a list of all templates of the Repeater control?

The Repeater control contains the following templates:

  • ItemTemplate
         • AlternatingltemTemplate
         • SeparatorTemplate
         • HeaderTemplate
         • FooterTemplate

168. Name the class Web Forms inherit from.

The Page class

169. Name the namespace for Web page in ASP.NET


170. Namespace and Assembly.

- Namespace is a naming convenience for logical design-time while an assembly establishes the name scope for types at run time.

171. Overview of the .NET Compact Framework

.NET Compact Framework is a scaled down versions of .NET framework for supporting Windows CE based mobile and embedded devices like mobile phones, PDA's, factory controllers etc. It uses some of the libraries of .NET framework as it is and also includes some special libraries for supporting mobile devices. Some includes libraries are not the exact .NET libraries but a scaled down version of those for reducing space needs.

172. Passport authentication

Passport authentication provides authentication using Microsoft's passport service.
If passport authentication is configured and users login using passport then the authentication duties are off-loaded to the passport servers.

Passport uses an encrypted cookie mechanism to indicate authenticated users. The passport users are considered authenticated while the rest are redirected to the passport servers to log in, after which they are redirected back to the site.

Passport Software Development Kit can be downloaded and installed http://

173. Please briefly explain ASP.NET Page life Cycle?

ASP.NET page passes through a series of steps during its life cycle. Following is the high-level explanation of life cycle stages/steps.

Initialization: Controls raise their Init event in this stage.Objects and variables are initializes for complete lifecyle of request.

LoadViewState: is a post back stage and loads the view state for the controls that enabled its view state property.

LoadPostBackData: is also a post back stage and loads the data posted for the controls and update them.

Load: In this stage page as well as all the controls raise their Load event. Till this stage all the controls are initialized and loaded. In most of the cases, we are coding this event handler.

RaisePostBackEvent: is again a postback stage. For example, it's raise against a button click event. We can easily put our code here to perform certain actions.

SaveViewState: Finally, controls state is saved in this stage before Rendering HTML.

Render: This is the stage where HTML is generated for the page.

Dispose: Lastly, all objects associated with the request are cleaned up.

174. Please briefly explain the usage of Global.asax?

Global.asax is basically ASP.NET Application file. It’s a place to write code for Application-level events such as Application start, Application end, Session start and end, Application error etc. raised by ASP.NET or by HTTP Modules.

There is a good list of events that are fired but following are few of the important events in Global.asax:

  • Application_Init occurs in case of application initialization for the very first time.
         • Application_Start fires on application start.
         • Session_Start fires when a new user session starts
         • Application_Error occurs in case of an unhandled exception generated from application.
         • Session_End fires when user session ends.
         • Application_End fires when application ends or time out.

175. Point to be noted about Application and Session state variables

These variable can store any type of data.
Maintaining Session state affects performance.
Session state can be turned off at the application and page levels.
Application state variables are available throughout the current process, but not across processes.

176. Response.Redirect vs Server.Transfer

Server.Transfer is only applicable for aspx files. It transfers page processing to another page without making round-trip back to the client's browser. Since no round trips, it offers faster response and doesn't update client url history list.

Response.Redirect is used to redirect to another page or site. This performs a trip back to the client where the client's browser is redirected to the new page.

177. Session state variables

These are available to the single session who has created the variables.

178. Show with an example how to Cache different version of same page using ASP.NET Cache object.

The ways to cache different versions on the same page using ASP.NET cache object is using OutputCache object.

Three parameters of OutputCache, has 3 parameters:

  • VarByParam:based on input parameters passed through HTTP POST/GET.
  • VarByHeader:based on the page header content.
  • VayByCustom:based on declaration of an attribute and overriding GetVaryByCustomString handler.
  • VarByControl:varies with the value of properties of ASP objects.

179. Steps to execute a stored procedure from Web Application.

Create a command object.
Set the object's CommandText property to the name of the stored procedure.
Set the CommandType property to stored Procedure.
Execute stored procedure using command object's method.

180. What are assemblies?

  • An Assembly is single entity which can be deploy and that contains all the details about the implementation of the classes, structures, interfaces. It is similar to DLL files.
  • Assemblies have the classes and functions which can be reused.
  • The details of Assembly are saved in it's METADATA which contains the name and version number of the assembly, security details, dependencies details and list of files by which the assembly is constituted.
  • Namespaces are also saved in the assemblies.
  • ASP.Net applications are deployed in the form of assemblies.

181. What are benefits and limitations of using Cookies?


a. They are simple to use.
b. Light in size, thus occupy less memory.
c. Stores server information on client side
d. Data need not to be sent back to server.
e. Cookies persist for much longer period of time than a session.


a. Since they are stored on the client side in plain text, they are not secure.
b. Number of cookies that can be stored and their size is limited.
c. They don't work if security level is set too high in browser.
d. Some people might just disable cookies on their browsers.

182. What are Classes?

Classes are the blueprints for objects.
A class acts as a template for any number of distinct objects.

183. What are Custom User Controls in ASP.NET?

- These are the controls defined by developers and work similart to other web server controls.
- They are a mixture of custom behavior and predefined behavior.

184. What are Delegates? Explain with an explain how to implement delegates in ASP.NET

Delegates provide the functionality behind events.
A delegate is a strongly typed function pointer.
Invoke a method without making an explicit call to that method.
In Visual Basic .NET, the role of the delegate is largely behind the scenes

185. What are different bindings supported by WCF?

a. BasicHttpBinding
b. WSHttpBinding
c. WSDualHttpBinding
d. WSFederationHttpBinding
e. NetTcpBinding
f. NetNamedPipeBinding
g. NetMsmqBinding
h. NetPeerTcpBinding
i. MsmqIntegrationBinding

186. What are different IIS isolation levels supported in ASP.NET?

IIS has three level of isolation:-

LOW (IIS process):- In this main IIS process and ASP.NET application run in same process due to which if one crashes, the other is also affected.

Medium (Pooled):- In Medium pooled scenario the IIS and web application run in different process.

High (Isolated):-In high isolated scenario every process is running is there own process. This consumes heavy memory but has highest reliability.

187. What are HTTP handlers in ASP.NET?

HTTP handlers, as the name suggests, are used to handle user requests for Web application resources. They are the backbone of the request-response model of Web applications. There is a specific event handler to handle the request for each user request type and send back the corresponding response object.
  Each user requests to the IIS Web server flows through the HTTP pipeline, which refers to a series of components (HTTP modules and HTTP handlers) to process the request. HTTP modules act as filters to process the request as it passes through the HTTP pipeline. The request, after passing through the HTTP modules, is assigned to an HTTP handler that determines the response of the server to the user request. The response then passes through the HTTP modules once again and is then sent back to the user.
 You can define HTTP handlers in the <httpHandlers> element of a configuration file. The <add> element tag is used to add new handlers and the <remove> element tag is used to remove existing handlers. To create an HTTP handler, you need to define a class that implements the IHttpHandler interface.

188. What are Merge modules?

Merge modules are the deployment projects for the shared components. If the components are already installed, the modules merge the changes rather than unnecessarily overwrite them. When the components are no longer in use, they are removed safely from the server using Merge modules facility.

189. What are navigation controls? How many navigation controls are there in ASP.NET 4.0?

Navigation controls help you to navigate in a Web application easily. These controls store all the links in a hierarchical or drop-down structure; thereby facilitating easy navigation in a Web application.
  There are three navigation controls in ASP.Net 4.0.

  • SiteMapPath
         • Menu
         • TreeView

190. What are resource files and explain how do we generate resource files?

Resource files are files in XML format. They contain all the resources needed by an application. These files can be used to store string, bitmaps, icons, fonts.

Steps to generate a resource file:

a. Open the web page in the design view.
b. Click Tools
c. Select generate local resource
d. .resx file generated in the solution explorer
e. Type in the resources. The file contains the key and value pairs.
f. Save the file.

191. What are Satellite assemblies and how to generate Satellite assemblies?

To support the feature of multiple languages, we need to create different modules that are customized on the basis of localization. These assemblies created on the basis of different modules are knows as satellite assemblies.

Steps to generate satellite assemblies:

a. Set the paths for resgen and al.exe:
b. Create a .resources file.
c. Create the satellite assembly.
d. The assembly should have the naming convention for .NET to be able to search for it.
e. Specify the settings for culture.
f. Put the satellite assembly in the appropriate folder.
g. Once the satellite assembly is created, physically copy it to the appropriate directory.
h. Repeat the process for each language in which you are creating an assembly.

192. What are script injection attacks?

Script injection attacks called Cross-site scripting (XSS) attacks exploit vulnerabilities in Web page validation by injecting client-side script code.

This code executes on the user's browser after the browser downloads the script code from a trusted site and then the browser has no way of determining the legitimacy code.

Script injection attacks occur when an end user tries to fill in malicious code in the form or input fields of a form to access database or change it or destroy it. The malicious code tries to fool the application, that it was just another end user. The technique involves submitting contents wrapped in <script>, <object>, <applet>, <embed>, <frame>, <link> etc tags.

Request validation and validating the input provided by the end user are a solution to such attacks. One can use the following in the web.config for validating requests for all pages in the application.

<pages validateRequest="false"/>

193. What are Session state modes in ASP.NET?

ASP.NET supports different session state storage options:

  • In-Process is the default approach. It stores session state locally on same web server memory where the application is running.
         • StateServer mode stores session state in a process other than the one where application is running. Naturally, it has added advantages that session state is accessible from multiple web servers in a Web Farm and also session state will remain preserved even web application is restarted.
         • SQLServer mode stores session state in SQL Server database. It has the same advantages as that of StateServer.
         • Custom modes allows to define our custom storage provider.
         • Off mode disables session storage.

194. What are the Advantages and Disadvantages of Session?

Following are the basic advantages and disadvantages of using session.


- It stores user states and data to all over the application.

- Easy mechanism to implement and we can store any kind of object.

- Stores every user data separately.

- Session is secure and transparent from user because session object is stored on the server.


- Performance overhead in case of large number of user, because of session data stored in server memory.

- Overhead involved in serializing and De-Serializing session Data. Because In case of StateServer and SQLServer session mode we need to serialize the object before store.

195. What are the advantages of the code-behind feature?

The code-behind feature of ASP.NET offers a number of advantages:

1-Makes code easy to understand and debug by separating application logic from HTML tags

2-Provides the isolation of effort between graphic designers and software engineers

3-Removes the problems of browser incompatibility by providing code files to exist on the Web server and supporting Web pages to be compiled on demand.

196. What are the benefits and limitations of using hidden fields?


a. Easy to implement
b. Hidden fields are supported by all browsers
c. Enables faster access of information because data is stored on client side


a. Not secure because the data is stored on Client side.
b. Decreases page performance if too many hidden fields
c. Only support single value.

197. What are the benefits and limitations of using Hidden Frames?


a. Hidden frames allow you to cache more than one data field.
b. The ability to cache and access data items stored in different hidden forms.


a. Not supported by all browsers
b. Stored data is not secured as it is stored on client's machine in the form of hidden fields

198. What are the different kinds of assemblies?

There can be two types of assemblies.

i.) Static assemblies -

- They are stored on disk in portable executable files.
- It includes .NET Framework types like interfaces and classes, resources for the assembly (bitmaps, JPEG files, resource files etc.).

ii.) Dynamic assemblies -

- They are not saved on disk before execution rather they run directly from memory.
- They can be saved to disk after they have been executed.

199. What are the different method of navigation in ASP.NET?

Page navigation means moving from one page to another page in your web site and another. There are many ways to navigate from one page to another in ASP.NET.

- Client-side navigation
- Cross-page posting
- Client-side browser redirect
- Client-Side Navigation

Client-side navigation:

Client-side navigation allows the user to navigate from one page to another by using client side code or HTML. It requests a new Web page in response to a client-side event, such as clicking a hyperlink or executing JavaScript as part of a button click.


Drag a HyperLink control on the form and set the NavigateUrl property to the desired destination page.

HyperLinkControl: Source

<asp:HyperLink ID="HyperLink1" runat="server" NavigateUrl="~/Welcome.aspx"> Take a test from CareerRide </asp:HyperLink>

Suppose that, this control is placed on a Web page called CareerRide.aspx, and the HyperLink control is clicked, the browser simply requests the Welcome.aspx page.

Second method of client-side navigation is through JavaScript.


Take an HTML button control on web page. Following is the HTML code for the input button.

<input id="Button1" type="button" value="Go to next page" onclick="return Button1_onclick()" />

When the Button1 is clicked, the client-side method, Button1_onclick will be called. The JavaScript source for the Button1_onclick method is as follows:

<script language="javascript" type="text/javascript">
function Button1_onclick()


Cross-page posting:


Suppose that we have two pages, the first page is FirstPage.aspx and Second page is SecondPage.aspx. The First Page has a Button and TextBox control and its ID is Button1 and TextBox1 respectively. A Button control has its PostBackUrl property. Set this property to ''~/SecondPage.aspx''. When the user clicks on Button, the data will send to SecondPage for processing. The code for SecondPage is as follows:

protected void Page_Load(object sender, EventArgs e)
if(Page.PreviousPage == null)
Label1.Text = "No previous page in post";
Label1.Text = ((TextBox)PreviousPage.FindControl("TextBox1")).Text;

The second page contains a Label control and its ID is Label1.

The page that receives the PostBack receives the posted data from the firstpage for processing. We can consider this page as the processing page.The processing page often needs to access data that was contained inside the initial page that collected the data and delivered the PostBack. The previous page's data is available inside thePage.PreviousPageproperty. This property is only set if a cross-page post occurs.

Client-side browser redirect:

ThePage.Responseobject contains theRedirectmethod that can be used in your server-side code to instruct the browser to initiate a request for another Web page. The redirect is not a PostBack. It is similar to the user clicking a hyperlink on a Web page.


protected void Button1_Click(object sender, EventArgs e)
Response.Redirect ("Welcome.aspx");

In client-side browser redirect method an extra round trip to the server is happened.

Server-side transfer:

In this techniqueServer.Transfermethod is used. TheTransfermethod transfers the entire context of a Web page over to another page. The page that receives the transfer generates the response back to the user's browser. In this mechanism the user's Internet address in his browser does not show the result of the transfer. The user's address bar still reflects the name of the originally requested page.

protected void Button1_Click(object sender, EventArgs e)
Server.Transfer("MyPage.aspx", false);

The Transfer method has an overload that accepts a Boolean parameter called preserve-Form. You set this parameter to indicate if you want to keep the form and query string data.

200. What are the different types of Session state management options available with ASP.NET. Explain them.

ASP.NET provides In-Process and Out-of-Process state management.
In-Process stores the session in memory on the web server.
Out-of-Process Session state management stores data in an external data source.
The external data source may be either a SQL Server or a State Server service.
Out-of-Process state management requires that all objects stored in session are serializable.

201. What are the different types of Session state management options available with ASP.NET?

In-Process state management:

  • The In-Process type of Session state management stores the session in memory on the web server.
  • In order to have a user always reconnect to the same web-server, a sticky server is needed.

Out-of-Process state management:

  • Out-of-Process Session state management stores data in an external data source.
  • The external data source may be a SQL Server or a State Server service.
  • Out-of-Process state management requires the objects in a session to be serializable..

202. What are the different types of Validation controls in ASP.NET?

In order to validate user input, ASP.NET provides validation server controls. All validation controls inherits from BaseValidator class which contains the common validation properties and methods like ControlToValidate,Enabled, IsValid, EnableClientScript, ValidationGroup,Validate() etc.

ASP.NET provides a range of validation controls:

  • RequiredFieldValidator validates compulsory/required input.
         • RangeValidator validates the range. Validates that input falls between the given range values.
         • CompareValidator validates or compares the input of a control with another control value or with a fixed value.
         • RegularExpressionValidator validates input value against a defined regular expression pattern.
         • CustomValidator allows to customize the validation logic with respect to our application logic.
         • ValidationSummary displays all errors on page collectively.

203. What are the event handlers that can be included in the Global.asax file?

The Global.asax file contains some of the following important event handlers:

  • Application_Error
         • Application_Start
         • Application_End
         • Session_Start
         • Session_End

204. What are the events in GLOBAL.ASAX file?

Global.asax file contains the following events:


Fired when an application initializes or is first called. It is invoked for all HttpApplication object instances.


Fired just before an application is destroyed. This is the ideal location for cleaning up previously used resources.


Fired when an unhandled exception is encountered within the application.


Fired when the first instance of the HttpApplication class is created.It allows you to create objects that are accessible by all HttpApplication instances.


Fired when the last instance of an HttpApplication class is destroyed. It is fired only once during an application's lifetime.


Fired when an application request is received. It is the first event fired for a request, which is often a page request (URL) that a user enters


The last event fired for an application request.


Fired before the ASP.NET page framework begins executing an event handler like a page or Web service.


Fired when the ASP.NET page framework has finished executing an event handler


Fired before the ASP.NET page framework sends HTTP headers to a requesting client (browser)


Fired before the ASP.NET page framework send content to a requesting client (browser).


Fired when the ASP.NET page framework gets the current state (Session state) related to the current request.


Fired when the ASP.NET page framework completes execution of all event handlers. This results in all state modules to save their current state data


Fired when the ASP.NET page framework completes an authorization request. It allows caching modules to serve the request from the cache, thus bypassing handler execution.


Fired when the ASP.NET page framework completes handler execution to allow caching modules to store responses to be used to handle subsequent requests


Fired when the security module has established the current user's identity as valid. At this point, the user's credentials have been validated


Fired when the security module has verified that a user can access resources


Fired when a new user visits the application Web site


Fired when a user's session times out, ends, or they leave the application Web site

205. What are the exception-handling ways in ASP.NET? Explain each ways.

Exceptions can be handled by using Try(try) block and Error event procedures at the global, application, or page levels by using the Server object's GetLastError and ClearError methods

206. What are the Globalization approaches possible in ASP.NET?

You can follow many approaches to have globalized application.
You can create separate web application for each culture.
You can create an application that can detect the user's culture and adjusts output at run time using format specifiers and other tools.
You can store culture-dependent strings in resource files that are compiled into satellite assemblies.

207. What are the HTML server controls in ASP.NET?

HTML server controls are similar to the standard HTML elements, which are normally used in HTML pages. They expose properties and events that can be used programmatically. To make these controls programmatically accessible, you need to specify that the HTML controls act as a server control by adding the runat="server"attribute.

208. What are the major built-in objects in ASP.NET?

The major built-in objects in ASP.NET are as follows:  

  • Application
         • Request
         • Response
         • Server
         • Session
         • Context
         • Trace

209. What are the methods fired during the page load? Explain each of them

Init() - when the page is instantiated.
Load() - when the page is loaded into server memory.
PreRender() - the brief moment before the page is displayed to the user as HTML
Unload() - when page finishes loading.

210. What are the navigation ways between pages available in ASP.NET?

Ways to navigate between pages are:

Hyperlink control
Response.Redirect method
Server.Transfer method
Server.Execute method
Window.Open script method

211. What are the options in ASP.NET to maintain state?

Client-side state management
This maintains information on the client's machine using Cookies, View State, and Query Strings.

A cookie is a small text file on the client machine either in the client's file system or memory of client browser session. Cookies are not good for sensitive data. Moreover, Cookies can be disabled on the browser. Thus, you can't rely on cookies for state management.

View State
Each page and each control on the page has View State property. This property allows automatic retention of page and controls state between each trip to server. This means control value is maintained between page postbacks. Viewstate is implemented using _VIEWSTATE, a hidden form field which gets created automatically on each page. You can't transmit data to other page using view state.

Query strings can maintain limited state information. Data can be passed from one page to another with the URL but you can send limited size of data with the URL. Most browsers allow a limit of 255 characters on URL length.

Server-side state management
This kind of mechanism retains state in the server.

Application State
The data stored in the application object can be shared by all the sessions of the application. Application object stores data in the key value pair.

Session State
Session State stores session-specific information and the information is visible within the session only. ASP.NET creates unique sessionId for each session of the application. SessionIDs are maintained either by an HTTP cookie or a modified URL, as set in the application's configuration settings. By default, SessionID values are stored in a cookie.

Database can be used to store large state information. Database support is used in combination with cookies or session state.

212. What are the Session State Modes? Define each Session State mode supported by ASP.NET.

ASP.NET supports three Session State modes.

  • InProc
  • State Server
  • SQL Server

InProc Mode
This mode stores the session data in the ASP.NET worker process.
This is the fastest among all of the storage modes.
This mode effects performance if the amount of data to be stored is large.
If ASP.NET worker process recycles or application domain restarts, the session state will be lost.

State Server mode
In this mode, the session state is serialized and stored in memory in a separate process.
State Server can be maintained on a different system.
State Server mode involves overhead since it requires serialization and de-serialization of objects.
State Server mode is slower than InProc mode as this stores data in an external process.

SQL Server Mode
In this storage mode, the Session data is serialized and stored in a database table in the SQL Server database.
This is reliable and secures storage of a session state.
This mode can be used in the web farms.
It involves overhead in serialization and de-serialization of the objects.
SQL Server is more secure than the InProc or the State server mode.

213. What are the types of Authentication in ASP.NET?

There are three types of authentication available in ASP.NET:

  • Windows Authentication: This authentication method uses built-in windows security features to authenticate user.
         • Forms Authentication: authenticate against a customized list of users or users in a database.
         • Passport Authentication: validates against Microsoft Passport service which is basically a centralized authentication service.

214. What are the types of Caching in ASP.NET?

Caching in ASP.NET can be of the following types
Page Output Caching
Page Fragment Caching
Data Caching

215. What are the validation controls available in ASP.NET?

ASP.NET validation controls are:

RequiredFieldValidator: This validates controls if controls contain data.

CompareValidator: This allows checking if data of one control match with other control.

RangeValidator: This verifies if entered data is between two values.

RegularExpressionValidator: This checks if entered data matches a specific format.

CustomValidator: Validate the data entered using a client-side script or a server-side code.

ValidationSummary: This allows developer to display errors in one place.

216. What are the validation types supported by ASP.NET?

Following are the validation types in ASP.NET:

  • The RequiredFieldValidator control forces the input control a required field.
  • The CompareValidator control is used to compare values of the two input fields.
  • The CustomValidator control allows you to write a method to handle the validation of the value entered.
  • The RangeValidator control is used to check that the user enters an input value that falls between two values. It is possible to check ranges within numbers, dates, and characters.
  • The RegularExpressionValidator control ensures an input value matches a specified pattern.
  • The ValidationSummary control is used to display a summary of all validation errors occurred in a Web page.

217. What are the various session state management options provided by ASP.NET?

- ASP.NET provides two session state management options - In-Process and Out-of-Process state management.
- In-Process stores the session in memory on the web server.
- Out-of-Process stores data in an external data source. This data source may be a SQL Server or a State Server service. Out-of-Process state management needs all objects stored in session to be serializable.

218. What are the various types of Authentication?

There are 3 types of Authentication namely Windows, Forms and Passport Authentication.

- Windows authentication - It uses the security features integrated in Windows NT and Windows XP OS to authenticate and authorize Web application users.

- Forms authentication - It allows you to create your own list of users and validate their identity when they visit the Web site.

- Passport authentication - It uses the Microsoft centralized authentication provider to identify users. Passport allows users to use a single identity across multiple Web applications. Passport SDK needs to be installed to use Passport authentication in your Web application.

219. What are the various types of Cookies in ASP.NET?

There exist two types of cookies in ASP.NET

- Session Cookie - It resides on the machine of the client for a single session and works until the user logs out of the session.
- Persistent Cookie - It resides on the machine of a user for a specified period. This period can be set up manually by the user.

220. What are the various types of validation controls provided by ASP.NET?

ASP.NET provides 6 types of validation controls as listed below:

i.) RequiredFieldValidator - It is used when you do not want the container to be empty. It checks if the control has any value or not.

ii.) RangeValidator - It checks if the value in validated control is within the specified range or not.

iii.) CompareValidator - Checks if the value in controls matches some specific values or not.

iv.) RegularExpressionValidator - Checks if the value matches a specific regular expression or not.

v.) CustomValidator - Used to define User Defined validation.

vi.) Validation Summary -Displays summary of all current validation errors on an ASP.NET page.

221. What are the various ways of authentication techniques in ASP.NET?

There are various techniques in ASP.NET to authenticate a user. You can use one of the following ways of authentication to select a built-in authentication provider:

  • Windows Authentication - This mode works as the default authentication technique. It can work with any form of Microsoft Internet Information Services (IIS) authentication, such as Basic, Integrated Windows authentication (NTLM/Kerberos), Digest, and certificates. The syntax of Windows authentication mode is given as follows: <authentication mode="windows" />
         • Forms Authentication - You can specify this mode as a default authentication mode by using the following code snippet: <authentication mode="Forms"/>
         • Passport - This mode works with Microsoft Passport authentication, as shown in the following code snippet: <authentication mode = "Passport"/>

222. What are the ways of preserving data on a Web Form in ASP.NET?

ASP.NET has introduced view state to preserve data between postback events. View state can't avail data to other web form in an application. To provide data to other forms, you need to save data in a state variable in the application or session objects.

223. What are the waysof handling exceptions in ASP.NET?

There are three ways to handle exceptions in ASP.NET
Try/catch/finally block.
Using Events like Page_Error and Application_Error
Using Custom error page

224. What are the Web Form Events available in ASP.NET?


225. What are Volatile and Dead letter queues?

Volatile Queues:There are scenarios in the project when you want the message to deliver in proper time. The timely delivery of message is very more important and to ensure they are not lost is important too. Volatile queues are used for such purposes.

Dead-Letter Queues:Queues are needed so that client and server are not required to run at the same time when the message is sent. When a message lies inside a queue for a long time on the server and becomes invalid after some time period, then such messages are not to be sent to the client. All these messages are sent to dead-letter queue. Therefore, dead-letter queues are responsible for storing messages that fail timely delivery.

226. What are Web server controls in ASP.NET?

- These are the objects on ASP.NET pages that run when the Web page is requested.
- Some of these Web server controls, like button and text box, are similar to the HTML controls.
- Some controls exhibit complex behavior like the controls used to connect to data sources and display data.

227. What are XOML files?

XOML is an acronym for Extensible Object Markup Language. XOML files are the markup files. They are used to declare the workflow and are then compiled with the file containing the implementation logic. XOML file is used separately to ensure code-separation workflow authoring

228. What does the .WebPart file do?

It explains the settings of a Web Parts control that can be included to a specified zone on a Web page.

229. What does the Orientation property do in a Menu control?

Orientation property of the Menu control sets the display of menu on a Web page to vertical or horizontal.
Originally the orientation is set to vertical.

230. What does WSDL stand for? Explain its purpose

Web Services Description Language.

231. What events are fired when a page loads?

The following events fire when a page loads:

  • Init() - Fires when the page is initializing.
         • LoadViewState() - Fires when the view state is loading.
         • LoadPostData() - Fires when the postback data is processing.
         • Load() - Fires when the page is loading.
         • PreRender() - Fires at the brief moment before the page is displayed to the user as HTML.
         • Unload() - Fires when the page is destroying the instances of server controls.

232. What is a Cookie? Where is it used in ASP.NET?

CookiesCookie is a lightweight executable program, which the server posts to client machines. 

?Cookies store the identity of a user at the first visit of the Web site and validate them later on the next visits for their authenticity. The values of a cookie can be transferred between the user's request and the server's response.

233. What is a ViewState?

  • If a site happens to not maintain a ViewState, then if a user has entered some information in a large form with many input fields and the page is refreshes, then the values filled up in the form are lost.
  • The same situation can also occur on submitting the form. If the validations return an error, the user has to refill the form.
  • Thus, submitting a form clears up all form values as the site does not maintain any state called ViewState.
  • In ASP .NET, the ViewState of a form is maintained with a built-in state management technique keeps the state of the controls during subsequent postbacks by a particular user.
  • The ViewState indicates the status of the page when submitted to the server. The status is defined through a hidden field placed on each page with a <form runat="server"> control.
  <input type="hidden" name="__VIEWSTATE" value="CareerRide">
  • The ViewState option can be disabled by including the directive <%@ Page EnableViewState="false"%> at the top of an .aspx page
  • If a ViewState of a certain control has to be disabled, then set EnableViewState="false".

234. What is Absolute and Sliding expiration in .NET?

Absolute and sliding expiration are two Time based expiration strategies.
Absolute Expiration: Cache in this case expires at a fixed specified date or time.
Example: Cache. Insert("ABC", ds, null, DateTime.Now.AddMinutes(1), Cache.NoSlidingExpiration);
The cache is set to expire exactly two minutes after the user has retrieved the data.

Sliding Expiration: the cache duration increases in this case by the specified sliding expiration value every time the page is requested. More a page is requested it will remain in cache, whereas a less requested page will not remain in cache.

Example: Cache.Insert("ABC", ds, null, Cache.NoAbsoluteExpiration, TimeSpan.FromMinutes(1));

235. What is an application domain?

It's a way in CLR to maintain a boundary between various applications to ensure that they do not interfere in working of any other application. CLR acts as a mini operating system where a single process may have various application domains.

236. What is an ASP.NET Web Form?

ASP.NET Web forms are designed to use controls and features that are almost as powerful as the ones used with Windows forms, and so they are called as Web forms. The Web form uses a server-side object model that allows you to create functional controls, which are executed on the server and are rendered as HTML on the client. The attribute, runat="server", associated with a server control indicates that the Web form must be processed on the server.

237. What is an Assembly? Explain its parts

An assembly exists as a .DLL or .EXE that contains MSIL code that is executed by CLR. An assembly contains interface and classes, it can also contain other resources like bitmaps, files etc. It carries version details which are used by the CLR during execution. Two assemblies of the same name but with different versions can run side-by-side enabling applications that depend on a specific version to use assembly of that version. An assembly is the unit on which permissions are granted. It can be private or global. A private assembly is used only by the application to which it belongs, but the global assembly can be used by any application in the system.

The four parts of an assembly are:

Assembly Manifest - It contains name, version, culture, and information about referenced assemblies.

Type metadata - It contains information about types defined in the assembly.

MSIL - MSIL code.

Resources - Files such as BMP or JPG file or any other files required by application.

238. What is application domain?

It is the process space within which ASP.NET application runs. Every application has its own process space which isolates it from other application. If one of the application domains throws error it does not affect the other application domains.

239. What is AppSetting Section in ???Web.Config??? file?

Web.config file defines configuration for a webproject.

AppSetting section is used to set the user defined values. For e.g.: The ConnectionString which is used through out the project for database connection.

<appSettings><BR><addkey="ConnectionString"value="server=xyz;pwd=www;database=testing" />

240. What is ASP.NET?

ASP.NET is a specification developed by Microsoft to create dynamic Web applications, Web sites, and Web services. It is a part of .NET Framework. You can create ASP.NET applications in most of the .NET compatible languages, such as Visual Basic, C#, and J#. The ASP.NET compiles the Web pages and provides much better performance than scripting languages, such as VBScript. The Web Forms support to create powerful forms-based Web pages. You can use ASP.NET Web server controls to create interactive Web applications. With the help of Web server controls, you can easily create a Web application.

241. What is ASP?

Active Server Pages (ASP), also known as Classic ASP, is a Microsoft's server-side technology, which helps in creating dynamic and user-friendly Web pages. It uses different scripting languages to create dynamic Web pages, which can be run on any type of browser. The Web pages are built by using either VBScript or JavaScript and these Web pages have access to the same services as Windows application, including ADO (ActiveX Data Objects) for database access, SMTP (Simple Mail Transfer Protocol) for e-mail, and the entire COM (Component Object Model) structure used in the Windows environment. ASP is implemented through a dynamic-link library (asp.dll) that is called by the IIS server when a Web page is requested from the server.

242. What is Authentication in ASP.NET?

Authentication is the process of verifying user's details and find if the user is a valid user to the system or not. This process of authentication is needed to provide authority to the user. ASP.NET implements authentication through authentication providers. Each provider has OnAuthenticate event. It allows building a custom authorization scheme.

243. What is Authorization in ASP.NET?

Usually after a user is authenticated by means of a login, the process of authorization is followed where the decision is made whether a user should be granted access to a specific resource.

There are 2 ways to authorize access to a given resource:

URL authorization:

URL authorization is performed by the UrlAuthorizationModule
It maps users and roles to URLs in ASP.NET applications.

File authorization:

File authorization is performed by the FileAuthorizationModule.
It checks the access control list of the .aspx or .asmx handler file to determine whether a user should have access to the file.

244. What is AutoPostback?

AutoPostBack automatically posts the page back to the server when state of the control is changed.

245. What is break mode? What are the options to step through code?

Break mode lets you to observe code line to line in order to locate error. VS.NET provides following option to step through code.

Step Into
Step Over
Step Out
Run To Cursor
Set Next Statement

246. What is Cache Callback in Cache?

The cache object has dependencies e.g. relationships to the file it stores. Cache items remove the object when these dependencies change. As a work around we would need to simply execute a callback method whenever items are removed from the cache to add the items back in cache.

e.g.: We have a string variable string var="hello" and store it in cache. This item would be removed from the cache if value is changed from "hello" to "bye". In such a case we need to simply right a callback function which would add updated var back in cache as it's been removed as a result of its dependencies changing.

247. What is caching?

Caching is the technique of storing frequently used items in memory so that they can be accessed more quickly.
By caching the response, the request is served from the response already stored in memory.
It's important to choose the items to cache wisely as Caching incurs overhead.
A Web form that is frequently used and does not contain data that frequently changes is good for caching.
A cached web form freezes form's server-side content and changes to that content do not appear until the cache is refreshed.

248. What is CAS?

CAS is very important part of .Net security system which verifies if particular piece of code is allowed to run. It also determines if piece of code have access rights to run particular resource. .NET security system applies these features using code groups and permissions. Each assembly of an application is the part of code group with associated permissions.

249. What is connection pooling and how to enable and disable connection pooling?

Connection pool is created when we open connection first time. When a new connection is created with same connection string as the first one, it reuses the same and existing connection object from the pool without creating a new one.

If the connection string is different then a new connection pooling will be created, thus won't use the existing connection object.

By default, we have connection pooling enabled in .Net. To disable connection pooling, set Pooling = false in the connection string.

250. What is Cross Page Posting? How is it done?

  • By default, the form is submitted on the same page by ASP.Net.
  • In cross-page posting, the form is submitted to another page.
  • We can achieve this by giving the particular page url to the PostBackUrl property of a submit button.
  • We can use the FindControl method of the PreviousPage property to fetch the details of the control of the first page in the code behind of the page of PostBackUrl.

251. What is cross-page posting in ASP.NET?

The Server.Transfer() method is used to post data from one page to another. In this case, the URL remains the same. However, in cross page posting, data is collected from different Web pages and is displayed on a single page. To do so, you need to set the PostBackUrl property of the control, which specifies the target page. In the target page, you can access the PreviousPage property. For this, you need to use the@PreviousPageType directive. You can access the controls of previous page by using the FindControl()method.

252. What is delegate?

A delegate acts like a strongly type function pointer. Delegates can invoke the methods that they reference without making explicit calls to those methods. It is type safe since it holds reference of only those methods that match its signature. Unlike other classes, the delegate class has a signature. Delegates are used to implement event programming model in .NET application. Delegates enable the methods that listen for an event, to be abstract.

253. What is duplex contract in WCF?

Duplex contract: It enables clients and servers to communicate with each other. The calls can be initiated independently of the other one. The duplex contract is one the message patterns available to Windows Communication Foundation (WCF) services. It comprises of two one-way contracts.

254. What is Encapsulation?

The data of an object should never be made available to other objects.

255. What is event bubbling in .NET?

The passing of the control from the child to the parent is called as bubbling. Controls like DataGrid, Datalist, Repeater, etc can have child controls like Listbox, etc inside them. An event generated is passed on to the parent as an ItemCommand.

256. What is event bubbling?

- When child control send events to parent it is termed as event bubbling.
- Server controls like Data grid, Data List, and Repeater can have other child controls inside them.

257. What is Fragment Caching in ASP.NET?

  • Fragment caching refers to the caching of individual user controls within a Web Form.
  • Each user control can have independent cache durations and implementations of how the caching behavior is to be applied.
  • Fragment caching is useful when you need to cache only a subset of a page.
  • Navigation bars, header, and footers are good candidates for fragment caching.

Fragment caching allows to cache specific portions of the page rather than the whole page. It is done by implementing the page in different parts by creating everything in form of user controls and caching each user control individually

258. What is garbage collection?

It is a system where a run-time component takes responsibility for managing the lifetime of objects and the heap memory that they occupy.

259. What is Global.asax file used for?

It executes application-level events and sets application-level variables.

260. What is Globalization and Localization in ASP.NET?

Localization is the process of adapting a software application for a specific locale. Globalization is the process of identifying the localizable resources of the application. You can provide support for Localization and Globalization to the application using System.Globalization, System.Resources and System.Threading namespaces.
The developer can define culture specific information using the System.Globalization namespace. The System.Resources namespace contains ResourceManager class that allows access to resources either from the main assembly or from the Satellite Assemblies. The System.Threading namespace supports for multithreaded programming.
A webform has two culture values, Culture and UICulture. Culture value is used for date and number formatting and UICulture values are used to determine culture specific resources.
You can set culture and UICulture values in the application as follows.

Using <globalization>element of Web.Config.

Using @Page directive in the Page.

In Code-Behind Page e.g.
Thread.CurrentThread.CurrentCulture = CultureInfo.CreateSpecificCulture ("en-GB");
Thread.CurrentThread.CurrentUICulture=new CultureInfo("en-GB");

261. What is IIS? Why is it used?

Internet Information Services (IIS) is created by Microsoft to provide Internet-based services to ASP.NET Web applications. It makes your computer to work as a Web server and provides the functionality to develop and deploy Web applications on the server. IIS handles the request and response cycle on the Web server. It also offers the services of SMTP and FrontPage server extensions. The SMTP is used to send emails and use FrontPage server extensions to get the dynamic features of IIS, such as form handler.

262. What is impersonation in ASP.NET?

Impersonation is a technique to access application resources using the identity of some other user.

By default, Impersonation is off

<identity impersonate="true" userName="domain name\username" password="password"/>

263. What is impersonation?

Impersonation means delegating one user identity to another user. In ASP.NET, the anonymous users impersonate the ASPNET user account by default. You can use <identity> element of web.config file to impersonate user. E.g. <identity impersonate="true"/>

264. What is Language Integrated Query (LINQ)?

LINQ is a set of extensions to .NET Framework that encapsulate language integrated query, set and other transformation operations. It extends VB, C# with their language syntax for queries. It also provides class libraries which allow a developer to take advantages of these features.

265. What is managed code in .Net?

The code that runs under the guidance of common language runtime (CLR) is called managed code. The versioning and registration problem which are formally handled by the windows programming are solved in .Net with the introduction of managed code. The managed code contains all the versioning and type information that the CLR use to run the application.

266. What is marshalling? Explain types of marshalling.

Marshaling is a process of transforming or serializing data from one application domain and exporting it to another application domain.

Two types of marshallingMarshal by value:a copy of an object is created by the server and is passed and used by the client.
  • Marshal by reference:the client creates a proxy to access the object.

267. What is Master Page in ASP.NET?

A Master page offers a template for one or more web forms. It defines placeholders for the content, which can be overridden by the content pages. The content pages contains only content. When users request the content page, ASP.NET merges the layout of the master page with the content of the content page and produce output.

268. What is MSIL?

MSIL is the Microsoft Intermediate Language.
.NET compatibleapplication will get converted to MSIL on compilation.
MSIL gets converted into machine language or native codeby JIT compiler.

269. What is ObjRef object in remoting?

ObjRef is a searializable object returned by Marshal() that knows about location of the remote object, host name, port number, and object name.

270. What is Option Strict used for?

Option Strict Onenables type checking at design time andprevents type mismatch bugs.

271. What is partial classess in .net?

When there is a need to keep the business logic separate from the User Interface or when there is some class which is big enough to have multiple number of developers implement the methods in it, the class can be separated and written in different files as partial class.

The keyword partial must appear in each class.

//syntax for C#
Public partial class MyPartialClass1

// this code could be in file1

Public partial class MyPartialClass1
// this code could be in file2

Partial classes allow us to divide the class definition into multiple files (physically). Logically, all the partial classes are treated as a single file by the compiler. 

272. What is QueryString? Benefits and limitations of using querystring.

Querystring is way to transfer information from one page to another through the URL. QueryString is attached to the URL with "?".


a. Supported by all the browsers
b. No extra effort is needed to code.
c. Easy to use.


a. All the attributes and values are visible to the end user. Therefore, they are not secure.

b. There is a limit to URL length of 255 characters.

273. What is reflection?

Reflection is a mechanism through which types defined in the metadata of each module can be accessed. The System.Reflection namespaces contains classes that can be used to define the types for an assembly.

274. What is Role-based security?

- Used in almost all organization, the Role-based security assign certain privileges to each role.
- Each user is assigned a particular role from the list.
- Privileges as per role restrict the user's actions on the system and ensure that a user is able to do only what he is permitted to do on the system.

275. What is Satellite assembly?

Satellite assembly is a kind of assembly that includes localized resources for an application. Each satellite assembly contains the resources for one culture.

276. What is Scavenging?

A process where items are removed from cache in order to free the memory based on their priority. A property called "CacheItemPriority" is used to figure out the priority of each item inside the cache. This priority property is set when an item is added to the cache.

277. What is Secure Sockets Layer (SSL) security?

SSL protects data exchanged between a client and an ASP.NET application by encrypting the data before it is sent across the internet.

278. What is Session Identifier?

Session Identifier is used to identify session. It has SessionID property. When a page is requested, browser sends a cookie with a session identifier. This identifier is used by the web server to determine if it belongs to an existing session. If not, a Session ID (120 - bit string) is generated by the web server and sent along with the response.

279. What is Session object? Describe in detail.

HTTP is a stateless protocol; it can't hold the user information on web page. If user inserts some information, and move to the next page, that data will be lost and user would not able to retrieve the information. For accessing that information we have to store information. Session provides that facility to store information on server memory. It can support any type of object to store. For every user Session data store separately means session is user specific.

Storing the data in Session object.

Session [''message''] = ''Hello World!'';

Retreving the data from Session object.

Label1.Text = Session[''message''].ToString();

280. What is Shared (static) member?

Itbelongs to the type but not to any instance of a type.
Itcan be accessed without creating an instance of the type.
It can beaccessed using the type name instead of the instance name.
Itcan't refer to any instance data.

281. What is side-by-side execution?

This means multiple version of same assembly to run on the same computer. This feature enables to deploy multiple versions of the component.

282. What is SQL Cache Dependency in ASP.NET?

SQL Cache Dependency in ASP.NET: It is the mechanism where the cache object gets invalidated when the related data or the related resource is modified. It is a feature in SQL Server 2005 and SQL Server 2000.

3 types of SQL-cache dependencies exist:

a. Other cache items.
b. Files/folders.
c. Dependencies on a database query.

283. What is state management in ASP.NET?

State management is implemented in order to retain information about the user requests. Web pages are stateless. Each request creates new page without retaining any previous information about the user requests. ASP.NET supports several State management techniques to maintain state information.

State management in ASP.NET can be classified into
Client-side state management
Server-side state management

284. What is State Management? How many ways are there to maintain a state in .NET?

State management is used to store information requests. The state management is used to trace the information or data that affect the state of the applications.
  There are two ways to maintain a state in .NET, Client-Based state management and Server-Based state management.
  The following techniques can be used to implement the Client-Based state management:

  • View State
         • Hidden Fields
         • Cookies
         • Query Strings
         • Control State
The following techniques can be used to implement Server-Based state management:
  • Application State
         • Session State
         • Profile Properties

285. What is the appSettings Section in the web.config file?

The web.config file sets the configuration for a Web project. The appSettings block in configuration file sets the user-defined values for the whole application.
  For example, in the following code snippet, the specified ConnectionString section is used throughout the project for database connection:
  <add key="ConnectionString" value="server=indiabixserver; pwd=dbpassword; database=indiabix" />

286. What is the authentication mode available in ASP.NET?

ASP.NET supports three authentication modes through the System.Web.Security namespace.

Windows Authentication
The windows authentication authenticates users based on their windows accounts. In short, it uses windows network security. It uses IIS to perform authentication.

Passport authentication
The Passport authentication uses Microsoft's passport service to authenticate users. The new user is directed to the Microsoft site where he can register his identity. This facilitates user to access multiple sites using single user name and password. You need to install the Passport SDK to enable the Passport classes in the System.Web.Security namespace.

Form authentication
The Form authentication collects user's credential and lets the application use own logic to authenticate users. The collected user's credential is validated using the list maintained by the application. The application maintains its own user list either using <credential>element in the web.config file or using database. The advantage of using form authentication is that the users don't need to be the member of windows network to have access to the application.

287. What is the basic difference between ASP and ASP.NET?

The basic difference between ASP and ASP.NET is that ASP is interpreted; whereas, ASP.NET is compiled. This implies that since ASP uses VBScript; therefore, when an ASP page is executed, it is interpreted. On the other hand, ASP.NET uses .NET languages, such as C# and VB.NET, which are compiled to Microsoft Intermediate Language (MSIL).

288. What is the concept of Postback in ASP.NET?

A postback is a request sent from a client to server from the same page user is already working with.

ASP.NET was introduced with a mechanism to post an HTTP POST request back to the same page. It's basically posting a complete page back to server (i.e. sending all of its data) on same page. So, the whole page is refreshed.

289. What is the difference between a HyperLink control and a LinkButton control?

A HyperLink control does not have the Click and Command events; whereas, the LinkButton control has these events, which can be handled in the code-behind file of the Web page.

290. What is the difference between adding items into cache through the Add() method and through theInsert() method?

Both methods work in a similar way except that the Cache.Add() function returns an object that represents the item you added in the cache. The Cache.Insert() function can replace an existing item in the cache, which is not possible using the Cache.Add() method.

291. What is the difference between an HtmlInputCheckBox control and an HtmlInputRadioButton control?

You can select more than one HtmlInputCheckBox control from a group of HtmlInputCheckBox controls; whereas, you can select only a single HtmllnputRadioButton control from a group ofHtmlInputRadioButton controls.

292. What is the difference between authentication and authorization?

Authentication verifies the identity of a user and authorization is a process where you can check whether or not the identity has access rights to the system. In other words, you can say that authentication is a procedure of getting some credentials from the users and verify the user's identity against those credentials. Authorization is a procedure of granting access of particular resources to an authenticated user. You should note that authentication always takes place before authorization.

293. What is the difference between custom controls and user controls?

Custom controls are basically compiled code i.e. DLLs. These can be easily added to toolbox, so it can be easily used across multiple projects using drag and drop approach. These controls are comparatively hard to create.

But User Controls (.ascx) are just like pages (.aspx). These are comparatively easy to create but tightly couple with respect to User Interface and code. In order to use across multiple projects, we need to copy and paste to the other project as well.

294. What is the difference between HTML and Web server controls?

HTML controls are client-side controls; therefore, all the validations for HTML controls are performed at the client side. On the other hand, Web server controls are server-side controls; therefore, all the validations for Web server controls are performed at the server side.

295. What is the difference between login controls and Forms authentication?

  • Forms authentication can be easily implemented using login controls without writing any code.
  • Login control performs functions like prompting for user credentials, validating them and issuing authentication just as the FormsAuthentication class.
  • However, all that's needs to be dne is to drag and drop the use control from the tool box to have these checks performed implicitly.
  • The FormsAuthentication class is used in the background for the authentication ticket and ASP.NET membership is used to validate the user credentials.

296. What is the difference between the Response.Write() and Response.Output.Write() methods?

The Response.Write() method allows you to write the normal output; whereas, theResponse.Output.Write() method allows you to write the formatted output.

297. What is the difference between URL and URI?

A URL (Uniform Resource Locator) is the address of some resource on the Web. A resource is nothing but a page of a site. There are other type of resources than Web pages, but that's the easiest conceptually.

A URI is a unique identifier to usually a namespace.
Though it looks like a URL but it doesn't have to necessarily locate any resource on the web.

URI is a generic term. URL is a type of URI.

URI- Uniform Resource Identifier: it's a string and its responsibility is to identify a resource by meta-information. It gives information about only one resource.

URL- Uniform Resource Locator: identifies the resource on the net and tells it is obtainable using what protocols.

298. What is the importance of Global.asax in ASP.NET?

The Global.asax is used to implement application and session level events.

299. What is the lifespan for items stored in ViewState?

Items stored in the ViewState exist for the life of the current page.
This includes postbacks (to the same page).

300. What is the Pre-Compilation feature of ASP.NET 2.0?

Previously, in ASP.NET, the pages and the code used to be compiled dynamically and then cached so as to make the requests to access the page extremely efficient. In ASP.NET 2.0, the pre-compilation feature is used with which an entire site is precompiled before it is made available to users.

There is a pre-defined folder structure for enabling the pre-compilation feature:

  • App_Code: stores classes
  • App_Themes: stores CSS files, Images, etc.
  • App_Data: stores XML files, Text Files, etc.
  • App_GlobalResources: stores all the resources at global level E.g. resx files, etc
  • App_LocalResources: stores all the resources at local/Page level

It is a process where things that can be handled before compilation are prepared in order to reduce the deployment time, response time, increase safety. It's main aim to boost performance.

It also helps in informing about the compilation failures.

During development, it allows you to make changes to the web pages and reuse it using the same web browser to validate the changes without compiling the entire website.

During deployment, it generates the entire website folder structure in the destination. All the static files are copied to the folder and bin directory would later on contain the compiled dll.

301. What is the transport protocol you use to call a Web service?

SOAP(Simple Object Access Protocol) is the preferred protocol.

302. What is the use of ComVisible attribute?

ComVisible attribute is used to select which public .NET classes and members are visible to COM.

303. What is the use of the <sessionState> tag in the web.config file?

The <sessionState> tag is used to configure the session state features. To change the default timeout, which is 20 minutes, you have to add the following code snippet to the web.config file of an application:<sessionState timeout="40"/>

304. What is the use of Web.config file?

Following are the setting you can incorporate in web.config file.

Database connections
Error Page setting
Session States
Error Handling
Trace setting
Culture specific setting

305. What is the use of web.config? What is the difference between machine.config and web.config?

ASP.NET configuration files are XML-based text files for application-level settings and are saved with the name web.config. These files are present in multiple directories on an ASP.NET Web application server. Theweb.config file sets the configuration settings to the directory it is placed in and to all the virtual sub folders under it. The settings in sub directories can optionally override or change the settings specified in the base directory.
  The difference between the web.config and machine.config files is given as follows:

  • <WinDir>\Microsoft.NET\Framework\<version>\config\machine.config provides default configuration settings for the entire machine. ASP.NET configures IIS to prohibit the browser directly from accessing the web.config files to make sure that their values cannot be public. Attempts to access those files cause ASP.NET to return the 403: Access Forbidden error.
         • ASP.NET uses these web.config configuration files at runtime to compute hierarchically a sole collection of settings for every URL target request. These settings compute only once and cached across further requests. ASP.NET automatically checks for changing file settings and do not validate the cache if any of the configuration changes made.

306. What is tracing? Where is it used?

Tracing displays the details about how the code was executed. It refers to collecting information about the application while it is running. Tracing information can help you to troubleshoot an application. It enables you to record information in various log files about the errors that might occur at run time. You can analyze these log files to find the cause of the errors.
  In .NET, we have objects called Trace Listeners. A listener is an object that gets the trace output and stores it to different places, such as a window, a file on your locale drive, or a SQL Server.
 The System.Diagnostics namespace contains the predefined interfaces, classes, and structures that are used for tracing. It supplies two classes, Trace and Debug, which allow you to write errors and logs related to the application execution. Trace listeners are objects that collect the output of tracing processes.

307. What is ViewState?

The ViewState is a feature used by ASP.NET Web page to store the value of a page and its controls just before posting the page. Once the page is posted, the first task by the page processing is to restore the ViewState to get the values of the controls.

308. What is ViewState? Explain its benefits and limitations.

Viewstate is used to maintain or retain values on postback. It helps in preserving a page. Viewstate is internally maintained as a hidden field in encrypted form along with a key.


i) No server resources.
ii) Viewstate ensures security because it stores the data in encrypted format.
iii) Viewstates are simple. They are used by enabling or disabling the viewstate properties.
iv) It is based on the wish of developer that they want to implement it at the page level or at control level.


i) If large amount of data is stored on the page, then page load might cause a problem.
ii) Does not track across pages. Viewstate information does not automatically transfer from page to page.

309. What is Windows communication foundation, WCF?

WCF is a framework that builds applications that can inter-communicate based on service oriented architecture consuming secure and reliable web services. This also helps in Distributed computing. The WCF also brings together the various communication models into a single model.

310. What is Windows workflow foundation?

Windows Workflow Foundation (WF):It is a platform for building, managing and executing workflow-enabled applications, for designing and implementing a programming model for controlling and communicating with workflows, a workflow execution engine and more.

311. What tag do you use to add a hyperlink column to the DataGrid?


312. Whatare the Application_Start and Session_Start subroutines used for?

These subroutines set the variables for the Application and Session objects.

313. What's the difference between trace and debug in ASP.NET?

  • The system.Diagnostics namespace contains the Debug and Trace classes for Tracing.
  • The difference between Trace and Debug class is that when we use Debug class for tracing, it will work in builds which have the debug symbol defined. While when we use Trace class for tracing, it will work in builds which have the Trace symbol defined.
  • System.Diagnostics.Trace.WriteLine namespace is used to trace when we want to work in debug and release builds, and System.Diagnostics.Debug.WriteLine namespace is used to trace when we want to work only in debug builds.
  • Tracing is the process of gathering information related to the program's execution whereas Debugging is the process of searching & solving errors in the program.

314. When can you use tracing with exception handling?

You can use tracing with exception handling to log unanticipated exception to the trace log. The log file can be used to diagnose unanticipated problems and thus can be corrected.

315. Where does VS.NET store Web application projects?

Web application projects create a virtual folder for each project where all the files of the projects are stored. The virtual folder can be viewed in IIS and property of that folder determines where the files are physically stored.

316. Which method has been introduced in ASP.NET 4.0 to redirect a page permanently?

The RedirectPermanent() method added in ASP.NET 4.0 to redirect a page permanently. The following code snippet is an example of the RedirectPermanent() method:

317. Why do you use the App_Code folder in ASP.NET?

The App_Code folder is automatically present in the project. It stores the files, such as classes, typed data set, text files, and reports. If this folder is not available in the application, you can add this folder. One of the important features of the App_Code folder is that only one dll is created for the complete folder, irrespective of how many files it contains.

318. Why is an object pool required?

To enhance performance and reduce the load of creating new objects, instead re using existing objects stored in memory pool. Object Pool is a container of objects that are for use and have already been created. Whenever an object creation request occurs, the pool manager serves the request by allocating an object from the pool. This minimizes the memory consumption and system's resources by recycling and re-using objects. When the task of an object is done, it is sent to the pool rather than being destroyed. This reduces the work for garbage collector and fewer memory allocations occur.

319. Why is exception handlingimportantfor an application?

Exception handling is used to prevent application from being stuck due to unusual occurrences. If the exceptions are handled properly, the application will never get terminated abruptly.

320. Why is the Machine.config file?

The Machine.config file controls issue like process recycling, number of request queue limits, and what interval to check if user is connected.

321. Windows authentication.

If windows authentication mode is selected for an ASP.NET application, then authentication also needs to be configured within IIS since it is provided by IIS.

IIS provides a choice for four different authentication methods:
Anonymous: IIS doesn't perform any authentication. All are allowed to access the ASP.NET application.

Basic: users must provide a windows username and password to connect. This information is plain text which makes this mode insecure.

Digest: Users need to provide a password which is sent over the network. However in this case the password is hashed. It also requires that all users be using IE 5 or later versions.

Windows integrated: passwords are not sent over the network. The application uses either the Kerberos or challenge/response protocols authenticate the user. Users need to be running IE 3.01 or later.

322. Write difference between overloading and overriding.

Overriding - Methods have the same signature as the parent class method.
Overloading - Methods have different parameters list or type or the return type.

323. Write namespace for user locale in ASP.NET


324. Write three common properties of all validation controls?

Three common properties of validation controls are as follows:

  • ControlToValidate - Provides a control to validate
         • ErrorMessage - Displays an error message
         • IsValid - Specifies if the control's validation has succeeded or not
         • Text - Displays a text for validation control before validation