aiotestking uk

70-486 Exam Questions - Online Test


70-486 Premium VCE File

Learn More 100% Pass Guarantee - Dumps Verified - Instant Download
150 Lectures, 20 Hours

Q1. - (Topic 1) 

You need to extend the edit functionality of RunLogController. Which code segment should you use? 

A. Option A 

B. Option B 

C. Option C 

D. Option D 

Answer:

Q2. - (Topic 1) 

You need to make all of the rows in the table bold in the Views/RunLog/GetLog.cshtml view. 

Which code segment should you use? 

A. Table > th:last-child { font-weight: bold; } 

B. Table+first-child{ font-weight: bold; } 

C. Table>tr>th:nth-child{2){font-weight: bold; } 

D. Table > tr {font-weight: bold;} 

Answer:

Q3. - (Topic 3) 

You are creating a new authentication system that uses an HTTP header value. 

The existing authentication system must continue to operate normally. 

You need to implement the custom authentication. 

What should you do? (Each correct answer presents a complete solution. Choose all that 

apply.) 

A. Create a class derived from ActionResult and check for a valid HTTP header value in the ExecuteResult method. Change all actions to return this new class. 

B. Create an HttpHandler to check for a valid HTTP header value in the ProcessRequest method. 

C. Create an HttpModule and check for a valid HTTP header value in the AuthenticateRequest event. 

D. Create a class derived from AuthorizeAttribute and check for a valid HTTP header value in the AuthorizeCore method. Change usages of the existing AuthorizeAttribute to use the new class. 

Answer: C,D 

Q4. - (Topic 4) 

You are developing an ASP.NET MVC application that supports multiple cultures and multiple languages. The application will be sold to international customers. 

The ASP.NET MVC application must store localized content in satellite assemblies for multiple languages. 

You need to generate the satellite assemblies during an automated build. 

Which tool should you use? 

A. Gacutil.exe 

B. Al.exe 

C. Ildasm.exe 

D. nasm.exe 

Answer:

Explanation: Use the Assembly Linker (Al.exe) to compile .resources files into satellite assemblies. Al.exe creates an assembly from the .resources files that you specify. By definition, satellite assemblies can only contain resources. They cannot contain any executable code. 

The following Al.exe command creates a satellite assembly for the application MyApp from the file strings.de.resources. 

al /t:lib /embed:strings.de.resources /culture:de /out:MyApp.resources.dll 

Q5. - (Topic 4) 

You are implementing a website redesign of an existing website that provides historical weather condition maps. 

The current layout resembles the graphic in the exhibit. (Click the Exhibit button.) 

Year selection is implemented as a set of links, which causes the page to reload when the user changes the year. The year selection HTML is contained in a div with an id of "year-selector". 

You need to modify the page so that the user can change the year without the page reloading. 

You also need to ensure that there is minimal change to the design of the page. 

Which code segment should you use? 

A. Option A 

B. Option B 

C. Option C 

D. Option D 

Answer:

Q6. - (Topic 4) 

You are developing an ASP.NET MVC application that uses forms authentication. The 

application uses SQL queries that display customer order data. 

Logs show there have been several malicious attacks against the servers. 

You need to prevent all SQL injection attacks from malicious users against the application. 

How should you secure the queries? 

A. Check the input against patterns seen in the logs and other records. 

B. Escape single quotes and apostrophes on all string-based input parameters. 

C. Implement parameterization of all input strings. 

D. Filter out prohibited words in the input submitted by the users. 

Answer:

Explanation: SQL Injection Prevention, Defense Option 1: Prepared Statements (Parameterized Queries) The use of prepared statements (aka parameterized queries) is how all developers should first be taught how to write database queries. They are simple to write, and easier to understand than dynamic queries. Parameterized queries force the developer to first define all the SQL code, and then pass in each parameter to the query later. This coding style allows the database to distinguish between code and data, regardless of what user input is supplied. 

Prepared statements ensure that an attacker is not able to change the intent of a query, even if SQL commands are inserted by an attacker. 

Reference: SQL Injection Prevention Cheat Sheet

Q7. DRAG DROP - (Topic 1) 

You need to implement security according to the business requirements. 

You have the following code: 

Which code segments should you include in Target 1, Target 2, Target 3 and Target 4 to modify RunLogController? To answer, drag the appropriate code segment to the correct targets. Each code segment may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content. 

Answer:  

Q8. HOTSPOT - (Topic 1) 

You need to ensure that only valid parameters are passed to the EditLog action. 

How should you build the route? (To answer, select the appropriate options in the answer area.) 

Answer:  

Q9. - (Topic 3) 

You need to ensure that all customers can delete videos regardless of their browser capability. 

Which code segment should you use as the body of the SendAsync method in the DeleteHandler class? 

A. Option A 

B. Option B 

C. Option C 

D. Option D 

Answer:

Q10. DRAG DROP - (Topic 3) 

You need to ensure that the transcode.exe utility is installed before the worker role starts. 

How should you implement the startup task? (To answer, drag the appropriate values to the correct element or attribute. Each value may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.) 

Answer: