IT認証試験問題集
毎月、GOWUKAKUは1500人以上の受験者が試験準備を助けて、試験に合格するために受験者にご協力します
 ホームページ / 70-486 問題集  / 70-486 問題練習

Microsoft 70-486 問題練習

Developing ASP.NET MVC 4 Web Applications 試験

最新更新時間: 2024/03/19,合計255問。

【2024年3月キャンペーン】:70-486 最新真題を買う時、日本語版と英語版両方を同時に獲得できます。

実際の問題集を練習し、試験のポイントを了解し、テストに申し込むするかどうかを決めることができます。

さらに試験準備時間の35%を節約するには、70-486 問題集を使用してください。

 / 7

Question No : 1
You are designing an enterprise-level Windows Communication Foundation (WCF) application. User accounts will migrate from the existing system. The new system must be able to scale to accommodate the increasing load.
You need to ensure that the application can handle large-scale role changes.
What should you use for authorization? (Each correct answer presents a complete solution. Choose all that apply.)

正解:
Explanation:
Advanced Maturity: Authorization as a Service
In the advanced level of maturity for authorization, role storage and management is consolidated and authorization itself is a service available to any solution that is service-enabled.



* The Trusted Subsystems Model
Once authorization is available as an autonomous service, the need for impersonation is eliminated. Instead of assuming the identity of the user, the application uses its own credentials to access services and resources, but it captures the user's identity and passes it as a parameter (or token) to be used for authorization when a request is made. This model is referred to as the trusted subsystem model, because the application acts as a trusted subsystem within the security domain.

Question No : 2
You are developing an ASP.NET MVC application that uses forms authentication against a third-party database.
You need to authenticate the users.
Which code segment should you use?



正解:
Explanation:
ASP.NET membership is designed to enable you to easily use a number of different membership providers for your ASP.NET applications.
There are two primary reasons for creating a custom membership provider.
* You need to store membership information in a data source that is not supported by the membership providers included with the .NET Framework, such as a FoxPro database, an Oracle database, or other data sources.
* You need to manage membership information using a database schema that is different from the database schema used by the providers that ship with the .NET Framework.
To implement a membership provider, you create a class that inherits the MembershipProvider abstract class from the System.Web.Security namespace.
Incorrect:
Not C: Class ProviderBase
The provider model is intended to encapsulate all or part of the functionality of multiple ASP.NET features, such as membership, profiles, and protected configuration.
References: https://msdn.microsoft.com/en-us/library/f1kyba5e.aspx

Question No : 3
You are developing an ASP.NET MVC application that uses forms authentication. The application uses SQL queries that display customer order data.
Logs show there have been several malicious attacks against the servers.
You need to prevent all SQL injection attacks from malicious users against the application.
How should you secure the queries?

正解:
Explanation:
SQL Injection Prevention, Defense Option 1: Prepared Statements (Parameterized Queries) The use of prepared statements (aka parameterized queries) is how all developers should first be taught how to write database queries. They are simple to write, and easier to understand than dynamic queries. Parameterized queries force the developer to first define all the SQL code, and then pass in each parameter to the query later. This coding style allows the database to distinguish between code and data, regardless of what user input is supplied.
Prepared statements ensure that an attacker is not able to change the intent of a query, even if SQL commands are inserted by an attacker.
References:

Question No : 4
You are developing an ASP.NET MVC application that uses forms authentication to verify that the user is logged in.
Authentication credentials must be encrypted and secure so no user identity is exposed.
You need to ensure that user credentials are persisted after users log on.
Where should you store the credentials? (Each correct answer presents a complete solution. Choose all that apply.)

正解:
Explanation:
Server sessions and cookies can both be configured to secure and they both persist after the users log on.
Incorrect:
Not C: ViewData's life only lasts during current http request.
Not D: TempData is a bucket where you can dump data that is only needed for the following request. That is, anything you put into TempData is discarded after the next request completes.

Question No : 5
You are developing an ASP.NET MVC application that provides instant messaging capabilities to customers.
You have the following requirements:



You need to design the application to meet the requirements.
What should you do?

正解:

Question No : 6
You are designing a data-oriented application that features a variety of storage schemas. The application object model must be mapped to the various storage schemas.
You need to enable developers to manipulate the data.
Which ADO.NET data access strategy should you use? (Each correct answer presents a complete solution. Choose all that apply.)

正解:

Question No : 7
HOTSPOT
HOTSPOT
You are optimizing an Internet-facing website for search engine optimization.
You are reading a Site Analysis Report from the SEO Toolkit. The report returns warnings that indicate the website HTML lacks key information necessary for search engine indexing.
You need to improve the optimization of the site.
What should you do? (To answer, select the appropriate option from the drop-down list in the answer area.)



正解:

Question No : 8
You are developing an ASP.NET MVC application.
The application provides a RESTful API for third-party applications. This API updates the information for a contact by embedding the information in the URL of an HTTP POST. You need to save the Contact type when third-party applications use the EditContact method.
Which code segment should you use? {Each correct answer presents a complete solution. Choose all that apply.)



正解:
Explanation:
Basics of RESTful services:
REST stands for Representational State Transfer, it is a simple stateless architecture that runs over HTTP where each unique URL is representation of some resource. There are four basic design principles which should be followed when creating RESTful service:
* Use HTTP methods (verbs) explicitly and in consistent way to interact with resources (Uniform Interface), i.e. to retrieve a resource use GET, to create a resource use POST, to update a resource use PUT/PATCH, and to remove a resource use DELETE.
Etc.

Question No : 9
DRAG DROP
You are developing an ASP.NET MVC application. The application has a view that displays a list of orders in a multi-select list box.
You need to enable users to select multiple orders and submit them for processing.
What should you do? (To answer, drag the appropriate words to the correct targets. Each word may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.)



正解:

Question No : 10
You are preparing for the deployment of an ASP.NET MVC application. You need to generate a deployment manifest.
Which command-line tool should you use?

正解:
Explanation:
The Manifest Generation and Editing Tool (Mage.exe) is a command-line tool that supports the creation and editing of application and deployment manifests.
Incorrect:
Not B: The Native Image Generator (Ngen.exe) is a tool that improves the performance of managed applications. Ngen.exe creates native images
Not C: Al.exe generates a file with an assembly manifest, not an deployment manifest, from one or more files that are either resource files or Microsoft intermediate language (MSIL) files.
Not D: Resgen.exe, the Resource File Generator, converts text (.txt or .restext) files and XML-based resource format (.resx) files to common language runtime binary (.resources) files that can be embedded in a runtime binary executable or compiled into satellite assemblies.
References: http://www.devcurry.com/2011/02/important-net-framework-40-command-line.html

Question No : 11
You are developing an ASP.NET MVC application that supports multiple cultures and multiple languages. The application will be sold to international customers.
The ASP.NET MVC application must store localized content in satellite assemblies for multiple languages.
You need to generate the satellite assemblies during an automated build.
Which tool should you use?

正解:
Explanation:
Use the Assembly Linker (Al.exe) to compile .resources files into satellite assemblies. Al.exe creates an assembly from the .resources files that you specify. By definition, satellite assemblies can only contain resources. They cannot contain any executable code.
The following Al.exe command creates a satellite assembly for the application MyApp from the file strings.de.resources.
al /t:lib /embed:strings.de.resources /culture:de /out:MyApp.resources.dll References: https://technet.microsoft.com/en-us/library/21a15yht(v=vs.85)

Question No : 12
You are developing an ASP.NET MVC application. The application must allow users to enter HTML in a feedback text box only. You need to disable request validation.
What should you do?

正解:
Explanation:
The HttpRequest.Unvalidated Property provides access to HTTP request values without triggering request validation.

Question No : 13
You are designing a distributed banking application that handles multiple customers. A user may log on to the site to perform activities such as checking balances, performing transactions, and other activities that must be done securely.
The application must store secure information that is specific to an individual user. The data must be automatically and securely purged when the user logs off.
You need to save transient information in a secure data store.
Which data store should you use?

正解:

Question No : 14
You are developing an ASP.NET MVC web application for viewing a photo album. The application is designed for devices that support changes in orientation, such as tablets and smartphones. The application displays a grid of photos in portrait mode.
When the orientation changes to landscape, each tile in the grid expands to include a description. The HTML that creates the gallery interface resembles the following markup.



If this CSS is omitted, the existing CSS displays the tiles in landscape mode.
You need to update the portrait mode CSS to apply only to screens with a width less than 500 pixels.
Which code segment should you use?

正解:
Explanation:
Screen is used for computer screens, tablets, smart-phones etc. max-width is the maximum width of the display area, such as a browser window.
References: http://www.w3schools.com/cssref/css3_pr_mediaquery.asp

Question No : 15
HOTSPOT
You are developing an ASP.NET MVC application that has pages for users who browse the site with Windows Phone 7.
The pages for Windows Phone 7 include the following files:



You need to update the application so that it renders the customized files correctly to Windows Phone 7 users.
You have the following code:



How should you update the Application_Start method? (To answer, select the appropriate option from the drop-down list in the answer area.)






正解:

 / 7