###BeginCaseStudy###
Case Study: 1
Scenario 1
Background
You are developing an ASP.NET MVC application in Visual Studio 2012 that will be used by
Olympic marathon runners to log data about training runs.
Business Requirements
The application stores date, distance, and duration information about a user’s training runs.
The user can view, insert, edit, and delete records.
The application must be optimized for accessibility.
All times must be displayed in the user’s local time.
Technical Requirements
Data Access:
Database access is handled by a public class named
RunnerLog.DataAccess.RunnerLogDb.
All data retrieval must be done by HTTP GET and all data updates must be done by HTTP
POST.
Layout:
All pages in the application use a master layout file named \Views\Shared\_Layout.cshtml.
Models:
The application uses the \Models\LogModel.cs model.
Views:
All views in the application use the Razor view engine.
Four views located in \Views\RunLog are named:
• _CalculatePace.cshtml
• EditLog.cshtml
• GetLog.cshtml
• InsertLog.cshtml
The application also contains a \Views\Home\Index.cshtml view.
Controllers:
The application contains a \Controllers\RunLogController.cs controller.
Images:
A stopwatch.png image is located in the \Images folder.
Videos:
A map of a runner’s path is available when a user views a run log. The map is implemented
as an Adobe Flash application and video. The browser should display the video natively if
possible, using H264, Ogg, or WebM formats, in that order. If the video cannot be displayed,
then the Flash application should be used.
Security:
You have the following security requirements:
• The application is configured to use forms authentication.
• Users must be logged on to insert runner data.
• Users must be members of the Admin role to edit or delete runner data.
• There are no security requirements for viewing runner data.
• You need to protect the application against cross-site request forgery.
• Passwords are hashed by using the SHA1 algorithm.
RunnerLog.Providers.RunLogRoleProvider.es contains a custom role provider.
Relevant portions of the application files follow. (Line numbers are included for reference only.)
Application Structure
###EndCaseStudy###
You need to add an action to RunLogController to validate the users’ passwords. Which
code segment should you use?
A.
Option A
B.
Option B
C.
Option C
D.
Option D
Shouldn’t the answer be C.
there is no mention of needing ssl.
pero por seguridad y estandar es necesario que nuestro login este usando HTTPS, por lo que este te permitira encriptar y descincriptar la informacion que es enviada tanto en el cliente y servidor por medio de certificados. como tambien evitara el espionaje que se realize para ver las contraseñas ingresada en mi aplicacion web al momento de logearse. es por aquello que siempre se recomienda que mi aplicacion maneje HTTPS al momento que el usuario se esta logeando o haciendo transaciones bancarias para evitar el espionaje a sus contraseñas. SSL
With usernames/passwords shouldn’t you always use SSL?
it’s a bad question.. could be b or c.. depends if we have ssl or not. assuming we have ssl available then b is correct
With usernames/passwords shouldn’t you always use SSL?
New 70-486 Exam Questions and Answers Updated Recently (3/May/2017):
NEW QUESTION 198
You are developing a controller for an ASP.NET MVC application that manages blog postings. The security protection built in to ASP.NET is preventing users from saving their HTML. You need to enable users to edit and save their HTML while maintaining existing security protection measures. Which code segment should you use?
IMAGE: passleader.org/wp-content/uploads/2017/05/passleader-70-486-dumps-1981.jpg
A. Option A
B. Option B
C. Option C
D. Option D
Answer: C
Explanation:
Example:
ValidateInput at Action Method Level
The user can submit Html for this action method successfully with the following code.
public class HomeController : Controller
{
public ActionResult AddArticle()
{
return View();
}
[ValidateInput(false)]
[HttpPost]
public ActionResult AddArticle(BlogModel blog)
{
if (ModelState.IsValid)
{
}
return View();
}
}
NEW QUESTION 199
The application includes the following method. (Line numbers are included for reference only.)
IMAGE: passleader.org/wp-content/uploads/2017/05/passleader-70-486-dumps-1991.jpg
When users attempt to retrieve a product from the product page, a run-time exception occurs if the product does not exist. You need to route the exception to the CustomException.aspx page. Which line of code should you insert at line 05?
IMAGE: passleader.org/wp-content/uploads/2017/05/passleader-70-486-dumps-1992.jpg
A. Option A
B. Option B
C. Option C
D. Option D
Answer: B
NEW QUESTION 200
You develop an ASP.NET MVC application. The application is configured for claims-based authentication by using Windows Identity Foundation (WIF). You need to access the claims in the WIF token. Which code segment should you use?
A. Thread.CurrentPrincipal.Identity;
B. ((IClaimsPrincipal)Thread.CurrentPrincipal).Identities[0].Claims;
C. Thread.CurrentPrincipal;
D. ((IClaimsPrincipal)Thread.CurrentPrincipal).Identities[0].IsAuthenticated;
Answer: B
Explanation:
To Access the Claims
In order to access identity related information, you can run FedUtil. Once you have run FedUtil, your application can access IClaimsPrincipal and IClaimsIdentity using the standard ASP.NET constructs as shown in the following code example:
void Page_Load(object sender, EventArgs e)
{
// Cast the Thread.CurrentPrincipal
IClaimsPrincipal icp = Thread.CurrentPrincipal as IClaimsPrincipal; // Access IClaimsIdentity which contains claims
IClaimsIdentity claimsIdentity = (IClaimsIdentity)icp.Identity; // Access claims
foreach(Claim claim in claimsIdentity.Claims)
{
}
}
NEW QUESTION 201
You are developing an ASP.NET MVC application. The application has a contact view includes a form for editing the displayed contact. You need to save the Contact object model when the form is posted back to the EditContact method using a POST method request. Which code segment should you use? (Each correct answer presents a complete solution. Choose all that apply.)
A. public ActionResult EditContact(){var c = newContact(){FirstName = Request.QueryString [‘”FirstName”‘],LastName = Request.QueryString[“LastName”]},SaveContact(c);return View(c);}
B. public ActionResult EditContact(Contact c){SaveContact(c);return View(c);}
C. public ActionResult EditContact(FormCollection values){var c = newContact(){FirstName = values [‘”FirstName”‘],LastName = values[“LastName”]},SaveContact(c);return View(c);}
D. public ActionResult EditContact(QueryStringProvider values){var c = newContact(){FirstName = values.GetValue[‘”FirstName”‘],LastName = values.GetValue [“LastName”]},SaveContact(c);return View (c);}
Answer: AB
NEW QUESTION 202
You are developing an ASP.NET MVC application that enables you to edit and save a contact. The application must not save on an HTTP GET request. You need to implement the controller. Which two possible code segments should you use? Each correct answer presents a complete solution.
IMAGE: passleader.org/wp-content/uploads/2017/05/passleader-70-486-dumps-2021.png
IMAGE: passleader.org/wp-content/uploads/2017/05/passleader-70-486-dumps-2022.png
Answer: AB
Explanation:
A:
We retrieve the GET and POST methods through this.HttpContext.Request.RequestType.
B:
This is the default MVC implementation of having separate methods for GET and POST via function overloading.
Incorrect:
Not D: We retrieve the GET and POST methods through this.HttpContext.Request.RequestType, not through this.HttpContext.Request[“ActionName”].
NEW QUESTION 203
You are developing an ASP.NET MVC application. The application uses a set of custom exceptions to log errors that occur during the execution of an action. You need to develop a class that implements logging. Which interface should you implement?
A. IExceptionFilter
B. IActionFilter
C. IClientValidatable
D. IResultFilter
Answer: A
Explanation:
Exception filters are used to apply global policies to unhandled exceptions in the MVC app. Exception Filters implement either the IExceptionFilter or IAsyncExceptionFilter interface. Exception filters handle unhandled exceptions, including those that occur during controller creation and model binding. They are only called when an exception occurs in the pipeline.
NEW QUESTION 204
You create an ASP.NET MVC application. You host the application by using the Open Web Interface for .NET (OWIN).
You run the following command by using the NuGet Package Manager console:
install-package Microsoft.AspNet.SignalR
You plan to implement real-time push notifications from the server using ASP.NET SignalR. You need to complete the ASP.NET SignalR implementation. Which three steps should you perform? Each correct answer presents part of the solution.
A. Create a hub class to push content to clients.
B. Create a class that derives from the PersistentConnection class. Use the derived class to push content to clients.
C. Use the SignalR jQuery library in a web page to send messages to the hub and display updates from the hub.
D. Map a SignalR hub to the app builder pipeline by using an OWIN startup class.
E. Start the SignalR hub asynchronously and respond to the appropriate callback methods.
Answer: ACD
Explanation:
A:
In Solution Explorer, right-click the project, select Add | New Folder, and add a new folder named Hubs. Right-click the Hubs folder, click Add | New Item, select the Visual C# | Web | SignalR node in the Installed pane, select SignalR Hub Class (v2) from the center pane, and create a new hub named ChatHub.cs. You will use this class as a SignalR server hub that sends messages to all clients.
C:
Use the SignalR jQuery library in a web page to send messages and display updates from the hub.
D:
Create an OWIN startup class to configure the application.
NEW QUESTION 205
You are developing an ASP.NET MVC application. Devices that use many different browsers will use the application. You have the following requirements:
– Content must display correctly when a device is in landscape or portrait orientation.
– Content must not scale when the device orientation changes.
– Content must be displayed by using the maximum available screen space.
– The application must render properly in Internet Explorer 8 or later versions.
You need to configure the application. Which two actions should you perform? Each correct answer presents part of the solution.
A. Use JavaScript to evaluate the window.innerWidth and window.innerHeigh properties.
B. Set the value of the width property for the viewport meta tag to device-width.
C. Use CSS to target the HTML element on each page. Set the values of the width and height properties to 100%.
D. Use CSS media queries to target screen size, device orientation, and other browser capabilities.
Answer: BD
Explanation:
B:
If you want the viewport width to match the device’s physical pixels, you can specify the following:
For this to work correctly, you must not explicitly force elements to exceed that width (e.g., using a width attribute or CSS property), otherwise the browser will be forced to use a larger viewport regardless.
D:
Media queries in CSS3 extend the CSS2 media types idea: Instead of looking for a type of device, they look at the capability of the device. Media queries can be used to check many things, such as:
– width and height of the viewport
– width and height of the device
– orientation (is the tablet/phone in landscape or portrait mode) resolution
Using media queries are a popular technique for delivering a tailored style sheet to tablets, iPhone, and Androids.
References:
NEW QUESTION 206
……
P.S. These New 70-486 Exam Questions Were Just Updated From The Real 70-486 Exam, You Can Get The Newest 70-486 Dumps In PDF And VCE From — http://www.passleader.com/70-486.html (231q VCE and PDF)
Good Luck!
And, part of that new 231Q 70-486 dumps are available here:
https://drive.google.com/open?id=0B-ob6L_QjGLpflNtUWtkNlk3ODJFY0pqOUhqVFEwc0lrd0QtamRxUHFLLUdWZEVDaGtlQWM
Best Regards!