Q1. - (Topic 2) 

You need to configure session storage in the web.config file to meet the technical requirements for scalability. 

Which SessionState mode should you use? (Each correct answer presents a complete solution. Choose all that apply.) 

A. StateServer 

B. InProc 

C. AutoDetect 

D. SqlServer 

View Answer

Q2. - (Topic 2) 

When users attempt to retrieve a product from the product page, a run-time exception 

occurs if the product does not exist. 

You need to route the exception to the CustomException.aspx page. 

Which method should you add to MvcApplication? 

A. Option A 

B. Option B 

C. Option C 

D. Option D 

View Answer

Q3. - (Topic 4) 

You are developing an ASP.NET MVC application. 

The application must allow users to enter JavaScript in a feedback text box only. 

You need to disable request validation. 

What should you do? 

A. Apply and set the CausesClientSideValidation attribute on the text box to FALSE. 

B. Apply and set the ValidateInput attribute on the text box to FALSE. 

C. Use the HttpRequest.Unvalidated property to read the unvalidated form value. 

D. Use the HttpRequest.Form property to read the unvalidated form value. 

View Answer

Q4. - (Topic 4) 

You are developing an ASP.NET MVC application by using Visual Studio. 

The application throws and handles exceptions when it runs. 

You need to examine the state of the application when exceptions are thrown. 

What should you do? 

A. Add the following code to the web.config file of the application. 

<customErrors mode=”On” > 

<error statusCode=”404” redirect=”CustomErrors.html” /> 

</customErrors> 

B. From the Debug menu in Visual Studio, select Exceptions. Disable the User-unhandled 

check box for Common Language Runtime Exceptions. 

C. Add the following code to the web.config file of the application. 

<customErrors mode=“On” > 

<error statusCode=”500” redirect=”CustomErrors.html” /> 

</customErrors> 

D. From the Debug menu in Visual Studio, select Exceptions. Enable the Thrown check 

box for Common Language Runtime Exceptions. 

View Answer

Q5. - (Topic 3) 

You are creating a new authentication system that uses an HTTP header value. 

The existing authentication system must continue to operate normally. 

You need to implement the custom authentication. 

What should you do? (Each correct answer presents a complete solution. Choose all that 

apply.) 

A. Create a class derived from ActionResult and check for a valid HTTP header value in the ExecuteResult method. Change all actions to return this new class. 

B. Create an HttpHandler to check for a valid HTTP header value in the ProcessRequest method. 

C. Create an HttpModule and check for a valid HTTP header value in the AuthenticateRequest event. 

D. Create a class derived from AuthorizeAttribute and check for a valid HTTP header value in the AuthorizeCore method. Change usages of the existing AuthorizeAttribute to use the new class. 

View Answer

Q6. - (Topic 4) 

You are designing an enterprise-level Windows Communication Foundation (WCF) application. User accounts will migrate from the existing system. The new system must be able to scale to accommodate the increasing load. 

The new servers are experiencing significant stress under load of large-scale role changes. 

You need to ensure that the application can handle the stress. 

Which authorizations should you redesign? (Each correct answer presents a complete solution. Choose all that apply.) 

A. Role-based approach 

B. Identity-based approach 

C. Resource-based trusted subsystem model 

D. Resource-based impersonation/delegation model 

View Answer

Q7. HOTSPOT - (Topic 4) 

You are developing an ASP.NET MVC application. The layout page of the application references the jQuery library. You develop a view that uses the layout page. The view includes the following markup: 

The application includes the following class: 

When a user clicks the button, an AJAX call must retrieve the partial view and append it to the newBooks div element. 

You need to implement the AJAX request. 

How should you complete the relevant code? To answer, select the appropriate code segment from each list in the answer area. 

View Answer

Q8. DRAG DROP - (Topic 4) 

You are developing an ASP.NET MVC application in Visual Studio. The application contains sensitive bank account data. 

The application contains a helper class named SensitiveData.Helpers.CustomEncryptor. 

The application contains a controller named BankAccountController with two actions. 

The application contains a model named BankAccount, which is defined in the following code segment. 

The application must not display AccountNumber in clear text in any URL. 

You need to build the view for the GetAccounts action. 

You have the following code: 

Which code segments should you include in Target 1, Target 2 and Target 3 to build the view? To answer, drag the appropriate code segment to the correct targets. Each code segment may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content. 

View Answer

Q9. HOTSPOT - (Topic 4) 

You develop an ASP.NET MVC application. The application includes a feature that allows users to reset their passwords. The feature is enabled by a ForgotPassword controller method and a corresponding Razor view. 

You need to prevent Cross-Site Request Forgery (CSRF) attacks. 

How should you complete the relevant code? To answer, select the appropriate code segment from each list in the answer area. 

View Answer

Q10. - (Topic 3) 

You need to ensure that all the MVC controllers are secure. 

Which code segment should you use as the body for the CreateController method in AdminVerifierFactory.es? 

A. Option A 

B. Option B 

C. Option C 

D. Option D 

View Answer