Act now and download your Microsoft 70-486 test today! Do not waste time for the worthless Microsoft 70-486 tutorials. Download Most up-to-date Microsoft Developing ASP.NET MVC 4 Web Applications exam with real questions and answers and begin to learn Microsoft 70-486 with a classic professional.
2021 Dec 70-486 exams
Q11. - (Topic 4)
You are developing an ASP.NET MVC application by using Visual Studio 2012.
The application throws and handles exceptions when it runs.
You need to examine the state of the application when exceptions are thrown.
What should you do?
A. From the Debug menu in Visual Studio 2012, select Exceptions. Enable the Thrown check box for Common Language Runtime Exceptions.
B. From the DEBUG menu in Visual Studio 2012, select Attach to Process. Select the IIS process.
C. From the Debug menu in Visual Studio 2012, select Exceptions. Disable the User-unhandled check box for Common Language Runtime Exceptions.
D. From the TOOLS menu in Visual Studio 2012, click Customize. C!ic< tie Commands tab and select Debug.
Answer: A
Q12. - (Topic 4)
You are testing an ASP.NET application.
The test plan requires that tests run against the application's business layer.
You need to use the test project template that meets this requirement.
Which template should you use?
A. Web Test Project
B. Load Test Project
C. Unit Test Project
D. Coded Test Project
Answer: C
Q13. DRAG DROP - (Topic 4)
You are developing an ASP.NET MVC application that takes customer orders.
Orders are restricted to customers with IP addresses based in the United States.
You need to implement a custom route handler.
How should you implement the route handler? (To answer, drag the appropriate line of code to the correct location or locations. Each line of code may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.)
Answer:
Q14. - (Topic 3)
You need to ensure that all the MVC controllers are secure.
Which code segment should you use as the body for the CreateController method in AdminVerifierFactory.cs?
A. Option A
B. Option B
C. Option C
D. Option D
Answer: C
Q15. DRAG DROP - (Topic 4)
You are developing an ASP.NET MVC application. The application has a view that displays a list of orders in a multi-select list box.
You need to enable users to select multiple orders and submit them for processing.
What should you do? (To answer, drag the appropriate words to the correct targets. Each word may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.)
Answer:
Updated 70-486 test engine:
Q16. - (Topic 4)
You are designing an enterprise-level Windows Communication Foundation (WCF) application. User accounts will migrate from the existing system. The new system must be able to scale to accommodate the increasing load.
You need to ensure that the application can handle large-scale role changes.
What should you use for authorization? (Each correct answer presents a complete solution. Choose all that apply.)
A. Resource-based trusted subsystem model
B. Identity-based approach
C. Role-based approach
D. Resource-based impersonation/delegation model
Answer: B,C
Explanation: Advanced Maturity: Authorization as a Service In the advanced level of maturity for authorization, role storage and management is consolidated and authorization itself is a service available to any solution that is service-enabled.
* The Trusted Subsystems Model
Once authorization is available as an autonomous service, the need for impersonation is eliminated. Instead of assuming the identity of the user, the application uses its own credentials to access services and resources, but it captures the user's identity and passes it as a parameter (or token) to be used for authorization when a request is made. This model is referred to as the trusted subsystem model, because the application acts as a trusted subsystem within the security domain.
Q17. - (Topic 4)
You are developing an ASP.NET MVC application in Visual Studio 2012. The application supports multiple cultures.
The application contains three resource files in the Resources directory:
My Dictionary.resx
MyDictionary.es.resx
MyDictionary.fr.resx
Each file contains a public resource named Title with localized translation.
The application is configured to set the culture based on the client browser settings.
The application contains a controller with the action defined in the following code segment. (Line numbers are included for reference only.)
You need to set ViewBag.Title to the localized title contained in the resource files.
Which code segment should you add to the action at line 03?
A. ViewBag.Title = HttpContext.GetGlobalResourceObuect("MyDictionary", "Title");
B. ViewBag.Title = HttpContext.GetGlobalResourceObject("MyDictionary", "Title", new System.Globalization.CultureInfo("en"));
C. ViewBag.Title = Resources.MyDictionary.Title;
D. ViewBag.Title = HttpContext.GetLocalResourceObject("MyDictionary", "Title");
Answer: C
Q18. HOTSPOT - (Topic 4)
You are developing an ASP.NET MVC 4 application. You are using IntelliTrace to debug the application. You configure IntelliTrace as shown in the screenshot below.
To answer, make the appropriate selections in the answer area.
Answer:
Q19. - (Topic 4)
You are developing an ASP.NET MVC application that uses forms authentication. The
application uses SQL queries that display customer order data.
Logs show there have been several malicious attacks against the servers.
You need to prevent all SQL injection attacks from malicious users against the application.
How should you secure the queries?
A. Check the input against patterns seen in the logs and other records.
B. Escape single quotes and apostrophes on all string-based input parameters.
C. Implement parameterization of all input strings.
D. Filter out prohibited words in the input submitted by the users.
Answer: C
Explanation: SQL Injection Prevention, Defense Option 1: Prepared Statements (Parameterized Queries) The use of prepared statements (aka parameterized queries) is how all developers should first be taught how to write database queries. They are simple to write, and easier to understand than dynamic queries. Parameterized queries force the developer to first define all the SQL code, and then pass in each parameter to the query later. This coding style allows the database to distinguish between code and data, regardless of what user input is supplied.
Prepared statements ensure that an attacker is not able to change the intent of a query, even if SQL commands are inserted by an attacker.
Reference: SQL Injection Prevention Cheat Sheet
Q20. - (Topic 2)
You updated the web.config file with the HTTP run-time value required to display an alternative version of the site.
You need to ensure that the correct page displays to the users.
Which code segment should you use to update the controller?
A. If (Request.IsTabletDevice)
B. If (Request.Browser.IsBrowser("Mobile"))
C. If (Request.UserAgent["Tablet"])
D. If (Request.Browser.IsMobileDevice)
Answer: D