Which data store should you use?

You are designing a distributed banking application that handles multiple customers. A user may log on to the site to perform activities such as checking balances, performing transactions, and other activities that must be done securely.
The application must store secure information that is specific to an individual user. The data must be automatically and securely purged when the user logs off.
You need to save transient information in a secure data store.
Which data store should you use?
A. ASP.NET session state
B. ASP.NET profile properties
C. ASP.NET application state
D. Shared database

Answer: A

How should you implement model binding for the ReservationLocation type?

DRAG DROP
You are developing an ASP.NET MVC web application in Visual Studio 2012.
The application has a model named ReservationLocation that contains properties named City and State.
The view that displays reservations has a single text box named loc for entering the location information. The location is entered as city, state.
There are action methods that have ReservationLocation as a parameter type.
You need to ensure that the City and State properties are correctly populated.
How should you implement model binding for the ReservationLocation type? (To answer, drag the appropriate code segment to the correct location or locations. Each code segment may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.)

[Image: image146]

Answer:

[Image: image148]

How should you build the view?

DRAG DROP
You are developing an ASP.NET MVC application in Visual Studio 2012. The application contains sensitive bank account data.
The application contains a helper class named SensitiveData.Helpers.CustomEncryptor.

[Image: image170]
The application must not display AccountNumber in clear text in any URL.
You need to build the view for the GetAccounts action.
How should you build the view? (To answer, drag the appropriate code segment to the correct location or locations. Each code segment may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.)

[Image: image172]

Answer:

[Image: image174]

How should you secure the queries?

You are developing an ASP.NET MVC application that uses forms authentication. The application uses SQL queries that display customer order data.
You need to prevent all SQL injection attacks against the application.
How should you secure the queries?
A. Implement parameterization.
B. Pattern check the input.
C. Filter out prohibited words in the input.
D. Escape single quotes on string-based input parameters.

Answer: A
Explanation:
With most development platforms, you can use parameterized statements, which work with parameters (sometimes called placeholders or bind variables), instead of embedding user input in the statement. A placeholder can only store a value of the given type and not an arbitrary SQL fragment. Hence the SQL injection would simply be treated as a strange (and probably invalid) parameter value.

Which code segments should you include in Target 1, Target 2 and Target 3 to build the view?

DRAG DROP
You are developing an ASP.NET MVC application in Visual Studio. The application contains sensitive bank account data.
The application contains a helper class named SensitiveData.Helpers.CustomEncryptor.

[Image: image359]
The application contains a controller named BankAccountController with two actions.

[Image: image361]
The application contains a model named BankAccount, which is defined in the following code segment.

[Image: image363]
The application must not display AccountNumber in clear text in any URL.
You need to build the view for the GetAccounts action.
You have the following code:

[Image: image365]
Which code segments should you include in Target 1, Target 2 and Target 3 to build the view? To answer, drag the appropriate code segment to the correct targets. Each code segment may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.

[Image: image367]

Answer:

[Image: image369]

Which code segment should you use?

You need to make all of the rows in the table bold in the Views/RunLog/GetLog.cshtml view.
Which code segment should you use?
A. Table > th:last-child { font-weight: bold; }
B. Table+first-child{ font-weight: bold; }
C. Table>tr>th:nth-child(2){font-weight: bold; }
D. Table > tr {font-weight: bold ;}

Answer: D

Which server-side state management option should you use?

You are designing a distributed application.
The application must store a small amount of insecure global information that does not change frequently.
You need to configure the application to meet the requirements.
Which server-side state management option should you use? (Each correct answer presents a complete solution. Choose all that apply.)
A. Application state
B. Session state
C. Database support
D. Profile properties

Answer: A, C

What should you do?

You need to implement the business requirements for managing customer data.
What should you do? (Each correct answer presents part of the solution. Choose all that apply.)
A. Add a class named CustomerController to the Controllers folder. Then add a method named Edit to the class.
B. Create a new controller named Administration in the Controllers folder. Add an action named EditCustomer to the controller.
C. Add a folder named Customer to the Views folder. Then create a view inside this folder named Edit.aspx.
D. Create a new folder named EditCustomer to the Views folder. In the new folder, create a new file named Administration.aspx.

Answer: A, B

What should you do?

You are developing an ASP.NET MVC application.
The application must allow users to enter HTML in a feedback text box only.
You need to disable request validation.
What should you do?
A. Use the HttpRequest.Form property to read the unvalidated form value.
B. Apply and set the ValidateInput attribute on the controller action to FALSE.
C. Use the HttpRequest.Unvalidated property to read the unvalidated form value.
D. Apply and set the CausesValidation attribute on the controller action to FALSE.

Answer: C
Explanation:
The HttpRequest.Unvalidated Property provides access to HTTP request values without triggering request validation.