we provide Downloadable Microsoft exam 70 486 practice exam which are the best for clearing 70 486 study guide test, and to get certified by Microsoft Developing ASP.NET MVC 4 Web Applications. The 70 486 pdf Questions & Answers covers all the knowledge points of the real 70 486 exam dumps exam. Crack your Microsoft 70 486 dumps pdf Exam with latest dumps, guaranteed!
Q17. HOTSPOT - (Topic 4)
You are developing an ASP.NET MVC web application that enables users to open Microsoft Excel files.
The current implementation of the ExcelResult class is as follows.
You need to enable users to open Excel files. You have the following code:
Which code segments should you include in Target 1, Target 2 and Target 3 to implement the ExecuteResult method? To answer, select the appropriate option or options in the answer area.
Answer:
Q18. DRAG DROP - (Topic 3)
You need to ensure that the transcode.exe utility is installed before the worker role starts.
How should you implement the startup task? (To answer, drag the appropriate values to the correct element or attribute. Each value may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.)
Answer:
Q19. - (Topic 4)
You are designing a localized ASP.NET MVC online shopping application that will be deployed to customers in the United States, China, France, and Brazil. The application must support multiple cultures so that content in the appropriate language is available in each area.
You need to ensure that the content can be viewed in several languages.
How should you implement this feature?
A. Use a resource (.resx) file to provide translations.
B. Use Systems.Collections.Generics.Dictionary to store alternative translations.
C. Ensure that all strings are marked internal to avoid conflict with internal literals.
D. Include language-specific content in the assembly manifest and use .NET culture libraries.
Answer: A
Explanation: A resource file is an XML file that contains the strings that you want to translate into different languages or paths to images. The resource file contains key/value pairs. Each pair is an individual resource. Key names are not case sensitive. For example, a resource file might contain a resource with the key Button1 and the value Submit. You create a separate resource file for each language (for example, English and French) or for a language and culture (for example English [U.K.], English [U.S.]). Each localized resource file has the same key/value pairs; the only difference is that a localized resource file can contain fewer resources than the default resource file. The built-in language fallback process then handles loading the neutral or default resource.
Reference: SP.NET Web Page Resources Overview
Q20. HOTSPOT - (Topic 1)
You need to implement the map of the runners' paths.
How should you build the video viewer? (To answer, select the appropriate options in the answer area.)
Answer:
Q21. - (Topic 4)
You are designing a localized ASP.NET application to support multiple cultures. You need to ensure that the application can be displayed in several languages. How should you implement this feature?
A. Use a resource (.resx) file.
B. Include language-specific content in the assembly manifest.
C. Use Systems.Collections.Generics.Dictionary to store alternative translations.
D. Ensure that all strings are marked internal.
Answer: A
Q22. - (Topic 4)
You are developing an ASP.NET MVC application that enables you to edit and save a
student object.
The application must not retrieve student objects on an HTTP POST request.
You need to implement the controller.
Which code segment should you use? (Each correct answer presents a complete solution.
Choose all that apply.)
A. Option A
B. Option B
C. Option C
D. Option D
Answer: C,D
Q23. - (Topic 3)
You are creating a new authentication system that uses an HTTP header value.
The existing authentication system must continue to operate normally.
You need to implement the custom authentication.
What should you do? (Each correct answer presents a complete solution. Choose all that
apply.)
A. Create a class derived from ActionResult and check for a valid HTTP header value in the ExecuteResult method. Change all actions to return this new class.
B. Create an HttpHandler to check for a valid HTTP header value in the ProcessRequest method.
C. Create an HttpModule and check for a valid HTTP header value in the AuthenticateRequest event.
D. Create a class derived from AuthorizeAttribute and check for a valid HTTP header value in the AuthorizeCore method. Change usages of the existing AuthorizeAttribute to use the new class.
Answer: C,D
Q24. DRAG DROP - (Topic 4)
You are developing an ASP.NET MVC application. The application has a view that displays a list of orders in a multi-select list box.
You need to enable users to select multiple orders and submit them for processing.
What should you do? (To answer, drag the appropriate words to the correct targets. Each word may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.)
Answer:
Q25. - (Topic 4)
You are developing an ASP.NET MVC application that uses forms authentication. The
application uses SQL queries that display customer order data.
Logs show there have been several malicious attacks against the servers.
You need to prevent all SQL injection attacks from malicious users against the application.
How should you secure the queries?
A. Check the input against patterns seen in the logs and other records.
B. Escape single quotes and apostrophes on all string-based input parameters.
C. Implement parameterization of all input strings.
D. Filter out prohibited words in the input submitted by the users.
Answer: C
Explanation: SQL Injection Prevention, Defense Option 1: Prepared Statements (Parameterized Queries) The use of prepared statements (aka parameterized queries) is how all developers should first be taught how to write database queries. They are simple to write, and easier to understand than dynamic queries. Parameterized queries force the developer to first define all the SQL code, and then pass in each parameter to the query later. This coding style allows the database to distinguish between code and data, regardless of what user input is supplied.
Prepared statements ensure that an attacker is not able to change the intent of a query, even if SQL commands are inserted by an attacker.
Reference: SQL Injection Prevention Cheat Sheet
Q26. - (Topic 3)
You need to maximize performance of video delivery.
Which code segment should you use as the body of the GetVideoStream function in the Video-Controller class?
A. Option A
B. Option B
C. Option C
D. Option D
Answer: D
Q27. - (Topic 4)
You are designing an HTML5 website.
You need to design the interface such that the content is viewable in all types of browsers, including screen readers.
What should you do? (Each correct answer presents a complete solution. Choose all that apply.)
A. Ensure that content elements have valid and descriptive names.
B. Use Resource Description Framework (RDF) to describe content elements.
C. Convert HTML forms to XForms.
D. Use HTML5 semantic markup elements.
E. Annotate content elements with Accessible Rich Internet Application (ARIA) attributes.
Answer: D,E
Q28. - (Topic 4)
You are developing an ASP.NET MVC application that uses forms authentication. The application uses SQL queries that display customer order data.
You need to prevent all SQL injection attacks against the application.
How should you secure the queries?
A. Implement parameterization.
B. Pattern check the input.
C. Filter out prohibited words in the input.
D. Escape single quotes on string-based input parameters.
Answer: A
Explanation: With most development platforms, parameterized statements that work with parameters can be used (sometimes called placeholders or bind variables) instead of embedding user input in the statement. A placeholder can only store a value of the given type and not an arbitrary SQL fragment. Hence the SQL injection would simply be treated as a strange (and probably invalid) parameter value.
Reference: https://en.wikipedia.org/wiki/SQL_injection#Parameterized_statements
Q29. - (Topic 1)
You need to make all of the rows in the table bold in the Views/RunLog/GetLog.cshtml view.
Which code segment should you use?
A. Table > th:last-child { font-weight: bold; }
B. Table+first-child{ font-weight: bold; }
C. Table>tr>th:nth-child{2){font-weight: bold; }
D. Table > tr {font-weight: bold;}
Answer: D
Q30. - (Topic 4)
You are developing an ASP.NET MVC news aggregation application that will be deployed to servers on multiple networks.
The application must be compatible with multiple browsers. A user can search the website for news articles. You must track the page number that the user is viewing in search results.
You need to program the location for storing state information about the user's search.
What should you do?
A. Store search results and page index in Session.
B. Use Application state to store search terms and page index.
C. Use QueryString to store search terms and page index.
D. Store search results and page index in TempData
Answer: C
Q31. DRAG DROP - (Topic 4)
You are developing an ASP.NET MVC application in Visual Studio. The application contains sensitive bank account data.
The application contains a helper class named SensitiveData.Helpers.CustomEncryptor.
The application contains a controller named BankAccountController with two actions.
The application contains a model named BankAccount, which is defined in the following code segment.
The application must not display AccountNumber in clear text in any URL.
You need to build the view for the GetAccounts action.
You have the following code:
Which code segments should you include in Target 1, Target 2 and Target 3 to build the view? To answer, drag the appropriate code segment to the correct targets. Each code segment may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
Answer:
Q32. - (Topic 4)
You are designing an enterprise-level Windows Communication Foundation (WCF) application. User accounts will migrate from the existing system. The new system must be able to scale to accommodate the increasing load.
The new servers are experiencing significant stress under load of large-scale role changes.
You need to ensure that the application can handle the stress.
Which authorizations should you redesign? (Each correct answer presents a complete solution. Choose all that apply.)
A. Role-based approach
B. Identity-based approach
C. Resource-based trusted subsystem model
D. Resource-based impersonation/delegation model
Answer: A,C