Achieve New Updated (September) Microsoft 70-486 Examination Questions 81-90

Ensurepass

 

QUESTION 81

You are developing an ASP.NET MVC application.

 

The application provides a RESTful API for third-party applications. This API updates the information for a contact by embedding the information in the URL of an HTTP POST.

 

You need to save the Contact type when third-party applications use the EditContact method.

 

Which code segment should you use? (Each correct answer presents a complete solution. Choose all that apply.)

 

clip_image001

 

A.

Option A

B.

Option B

C.

Option C

D.

Option D

 

Correct Answer: BD

Explanation:

Basics of RESTful services:

 

REST stands for Representational State Transfer, it is a simple stateless architecture that runs over HTTP where each unique URL is representation of some resource. There are four basic design principles which should be followed when creating RESTful service:

 

Use HTTP methods (verbs) explicitly and in consistent way to interact with resources (Uniform Interface), i.e. to retrieve a resource use GET, to create a resource use POST, to update a resource use PUT/PATCH, and to remove a resource use DELETE.

Etc.

 

 

QUESTION 82

HOTSPOT

You are optimizing an Internet-facing website for search engine optimization.

 

You are reading a Site Analysis Report from the SEO Toolkit. The report returns warnings that indicate the website HTML lacks key information necessary for search engine indexing.

 

You need to improve the optimization of the site.

 

What should you do?

 

To answer, select the appropriate option from the drop-down list in the answer area.

 

clip_image003

 

Correct Answer:

clip_image005

QUESTION 83

You are designing a data-oriented application that features a variety of storage schemas. The application object model must be mapped to the various storage schemas. You need to enable developers to manipulate the data. Which ADO.NET data access strategy should you use? (Each correct answer presents a complete solution. Choose all that apply.)

 

A.

LINQ to SQL

B.

Entity Framework

C.

DataAdapter

D.

DataReader

 

Correct Answer: ABC

 

 

QUESTION 84

You are developing an ASP.NET MVC application that provides instant messaging capabilities to customers.

 

You have the following requirements:

 

clip_image007Messages must be able to be sent and received simultaneously.

clip_image007[1]Latency and unnecessary header data must be eliminated.

clip_image007[2]The application must comply with HTML5 standards.

 

You need to design the application to meet the requirements.

 

What should you do?

 

A.

Configure polling from the browser.

B.

Implement long-running HTTP requests.

C.

Implement WebSockets protocol on the client and the server.

D.

Instantiate a MessageChannel object on the client.

 

Correct Answer: D

 

 

QUESTION 85

You are developing an ASP.NET MVC application that uses forms authentication to verify that the user is logged in. Authentication credentials must be encrypted and secure so no user identity is exposed. You need to ensure that user credentials are persisted after users log on. Where should you store the credentials? (Each correct answer presents a complete solution. Choose all that apply.)

 

A.

In Session on the server

B.

In a cookie stored in the browser

C.

In ViewData in the application

D.

In TempData on the server

 

Correct Answer: AB

 

 

 

 

QUESTION 86

You are developing an ASP.NET MVC application that uses forms authentication. The application uses SQL queries that display customer order data. Logs show there have been several malicious attacks against the servers. You need to prevent all SQL injection attacks from malicious users against the application. How should you secure the queries?

 

A.

Check the input against patterns seen in the logs and other records.

B.

Escape single quotes and apostrophes on all string-based input parameters.

C.

Implement parameterization of all input strings.

D.

Filter out prohibited words in the input submitted by the users.

 

Correct Answer: C

Explanation:

SQL Injection Prevention, Defense Option 1: Prepared Statements (Parameterized Queries)

The use of prepared statements (aka parameterized queries) is how all developers should first be taught how to write database queries. They are simple to write, and easier to understand than dynamic queries. Parameterized queries force the developer to first define all the SQL code, and then pass in each parameter to the query later. This coding style allows the database to distinguish between code and data, regardless of what user input is supplied.

 

Prepared statements ensure that an attacker is not able to change the intent of a query, even if SQL commands are inserted by an attacker.

 

Reference:

SQL Injection Prevention Cheat Sheet

 

 

QUESTION 87

You are developing an ASP.NET MVC application that uses forms authentication against a third-party database.

 

You need to authenticate the users.

 

Which code segment should you use?

 

clip_image008

 

A.

Option A

B.

Option B

C.

Option C

D.

Option D

 

Correct Answer: C

Explanation:

Class ProviderBase

The provider model is intended to encapsulate all or part of the functionality of multiple ASP.NET features, such as membership, profiles, and protected configuration.

 

 

QUESTION 88

You are designing an enterprise-level Windows Communication Foundation (WCF) application. User accounts will migrate from the existing system. The new system must be able to scale to accommodate the increasing load. You need to ensure that the application can handle large-scale role changes. What should you use for authorization? (Each correct answer presents a complete solution. Choose all that apply.)

 

A.

Resource-based trusted subsystem model

B.

Identity-based approach

C.

Role-based approach

D.

Resource-based impersonation/delegation model

 

Correct Answer: BC

Explanation:

Advanced Maturity: Authorization as a Service In the advanced level of maturity for authorization, role storage and management is consolidated and authorization itself is a service available to any solution that is service- enabled.

 

clip_image009

 

The Trusted Subsystems Model

 

Once authorization is available as an autonomous service, the need for impersonation is eliminated. Instead of assuming the identity of the user, the application uses its own credentials to access services and resources, but it captures the user’s identity and passes it as a parameter (or token) to be used for authorization when a request is

made. This model is referred to as the trusted subsystem model, because the application acts as a trusted subsystem within the security domain.

 

 

QUESTION 89

DRAG DROP

You are building an ASP.NET MVC web application.

 

The application will be viewed by users on their mobile phones.

 

You need to ensure that the page fits within the horizontal width of the device screens.

 

You have the following markup:

 

clip_image010

 

Which markup segments should you include in Target 1, Target 2 and Target 3 to complete the markup?

 

To answer, drag the appropriate markup segments to the correct targets. Each line of code may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.

 

clip_image012

Correct Answer:

clip_image014

 

 

QUESTION 90

DRAG DROP

You are developing an ASP.NET MVC web application that requires HTML elements to take on new behaviors. These should be implemented with a behavior script in a page that is only for Microsoft Internet Explorer users.

 

The colorchange.js script uses the Microsoft CSS vendor-specific Behavior extension. You need to apply the script with CSS.

 

You need to use the script to change the color of text.

 

You have the following markup:

 

clip_image015

 

Which styles should you include in Target 1 and Target 2 to complete the markup?

 

To answer, drag the appropriate styles to the correct targets. Each style may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.

 

clip_image016

 

Correct Answer:

clip_image017

 

 

 

 

 

Free VCE & PDF File for Microsoft 70-486 Real Exam

Instant Access to Free VCE Files: MCSE|MCSA|MCITP…
Instant Access to Free PDF Files: MCSE|MCSA|MCITP…