Interview questions and Answers for ASP .NET, Framework, ADO.NET, Security, Configuration,
Authentication, IIS Hosting
Interview question and answers for ASP.Net, Interview question and answers for ASP.NET
configuration, authentication. ASP.Net interview question and answers for ADO.NET.
Interview question and answers for framework, CLR, CLS, CLI. Interview question
and answers for server control. ASP.NET interview question and answers for server
side and client side validation control. Interview question and answers for ASP.NET
web and custom control.
Interview question and answers for creating and using ASP.NET XML Web services,
Application and session objects.
1. Difference between thread and process?
Thread - is used to execute more than one program at a time.
process - executes single program
2. Explain Namespace
Namespaces are logical groupings of names used within a program. There may be multiple
namespaces in a single application code, grouped based on the identifiers’ use.
The name of any given identifier must appear only once in its namespace.
3. List the types of Authentication supported by ASP.NET.
None (Security disabled)
4. What is CLR?
Common Language Runtime (CLR) is a run-time environment that manages the execution
of .NET code and provides services like memory management, debugging, security,
etc. The CLR is also known as Virtual Execution System (VES).
5. What is CLI?
The CLI is a set of specifications for a runtime environment, including a common
type system, base class library, and a machine-independent intermediate code known
as the Common Intermediate Language (CIL).
6. List the various stages of Page-Load lifecycle.
7. Explain Assembly and Manifest.
An assembly is a collection of one or more files and one of them (DLL or EXE) contains
a special metadata called Assembly Manifest. The manifest is stored as binary data
and contains details like versioning requirements for the assembly, the author,
security permissions, and list of files forming the assembly. An assembly is created
whenever a DLL is built. The manifest can be viewed programmatically by making use
of classes from the System.Reflection namespace. The tool Intermediate Language
Disassembler (ILDASM) can be used for this purpose. It can be launched from the
command prompt or via Start -- Run.
8. What is Shadow Copy?
In order to replace a COM component on a live web server, it was necessary to stop
the entire website, copy the new files and then restart the website. This is not
feasible for the web servers that need to be always running. .NET components are
different. They can be overwritten at any time using a mechanism called Shadow Copy.
It prevents the Portable Executable (PE) files like DLLs and EXEs from being locked.
Whenever new versions of the PEs are released, they are automatically detected by
the CLR and the changed components will be automatically loaded. They will be used
to process all new requests not currently executing, while the older version still
runs the currently executing requests. By bleeding out the older version, the update
9. What is DLL Hell?
DLL hell is the problem that occurs when an installation of a newer application
might break or hinder other applications as newer DLLs are copied into the system
and the older applications do not support or are not compatible with them. .NET
overcomes this problem by supporting multiple versions of an assembly at any given
time. This is also called side-by-side component versioning.
10. Explain Web Services.
Web services are programmable business logic components that provide access to functionality
through the Internet. Standard protocols like HTTP can be used to access them. Web
services are based on the Simple Object Access Protocol (SOAP), which is an application
of XML. Web services are given the .asmx extension.
11. Explain Windows Forms.
Windows Forms is employed for developing Windows GUI applications. It is a class
library that gives developers access to Windows Common Controls with rich functionality.
It is a common GUI library for all the languages supported by the .NET Framework.
12. What is Postback?
When an action occurs (like button click), the page containing all the controls
within the (FORM... ) tag performs an HTTP POST, while having itself as the target
URL. This is called Postback.
13. Explain the differences between server-side and client-side code?
Server side scripting means that all the script will be executed by the server and
interpreted as needed. Client side scripting means that the script will be executed
immediately in the browser such as form field validation, clock, email validation,
code is included in the HTML page, anyone can see the code by viewing the page source.
It also poses as a possible security hazard for the client computer.
14. Enumerate the types of Directives.
@ Page directive
@ Import directive
@ Implements directive
@ Register directive
@ Assembly directive
@ OutputCache directive
@ Reference directive
15. What is Code-Behind?
Code-Behind is a concept where the contents of a page are in one file and the server-side
code is in another. This allows different people to work on the same page at the
same time and also allows either part of the page to be easily redesigned, with
no changes required in the other. An Inherits attribute is added to the @ Page directive
to specify the location of the Code-Behind file to the ASP.NET page.
16. Describe the difference between inline and code behind.
Inline code is written along side the HTML in a page. There is no separate distinction
between design code and logic code. Code-behind is code written in a separate file
and referenced by the .aspx page.
17. List the ASP.NET validation controls?
18. What is Data Binding?
Data binding is a way used to connect values from a collection of data (e.g. DataSet)
to the controls on a web form. The values from the dataset are automatically displayed
in the controls without having to write separate code to display them.
19. Describe Paging in ASP.NET.
The DataGrid control in ASP.NET enables easy paging of the data. The AllowPaging
property of the DataGrid can be set to True to perform paging. ASP.NET automatically
performs paging and provides the hyperlinks to the other pages in different styles,
based on the property that has been set for PagerStyle.Mode.
20. Should user input data validation occur server-side or client-side? Why?
All user input data validation should occur on the server and minimally on the client-side,
though it is a good way to reduce server load and network traffic because we can
ensure that only data of the appropriate type is submitted from the form. It is
totally insecure. The user can view the code used for validation and create a workaround
for it. Secondly, the URL of the page that handles the data is freely visible in
the original form page. This will allow unscrupulous users to send data from their
own forms to your application. Client-side validation can sometimes be performed
where deemed appropriate and feasible to provide a richer, more responsive experience
for the user.
21. What is the difference between Server. Transfer and Response.Redirect?
* Response.Redirect: This tells the browser that the requested page can be found
at a new location. The browser then initiates another request to the new page loading
its contents in the browser. This results in two requests by the browser.
* Server.Transfer: It transfers execution from the first page to the second page
on the server. As far as the browser client is concerned, it made one request and
the initial page is the one responding with content. The benefit of this approach
is one less round trip to the server from the client browser. Also, any posted form
variables and query string parameters are available to the second page as well.
22. What is an interface and what is an abstract class?
In an interface, all methods must be abstract (must not be defined). In an abstract
class, some methods can be defined. In an interface, no accessibility modifiers
are allowed, whereas it is allowed in abstract classes.
23. Session state vs. View state:
In some cases, using view state is not feasible. The alternative for view state
is session state. Session state is employed under the following situations:
Large amounts of data - View state tends to increase the size of both the HTML page
sent to the browser and the size of form posted back. Hence session state is used.
Secure data - Though the view state data is encoded and may be encrypted, it is
better and secure if no sensitive data is sent to the client. Thus, session state
is a more secure option.
Problems in serializing of objects into view state - View state is efficient for
a small set of data. Other types like DataSet are slower and can generate a very
large view state.
24. Can two different programming languages be mixed in a single ASPX file?
ASP.NET’s built-in parsers are used to remove code from ASPX files and create temporary
files. Each parser understands only one language. Therefore mixing of languages
in a single ASPX file is not possible.
25. Is it possible to see the code that ASP.NET generates from an ASPX file?
By enabling debugging using a <%@ Page Debug="true" %> directive in the ASPX
file or a <compilation debug="true"> statement in Web.config, the generated
code can be viewed. The code is stored in a CS or VB file (usually in the \%SystemRoot%\Microsoft.NET\Framework\v1.0.nnnn\Temporary
26. Can a custom .NET data type be used in a Web form?
This can be achieved by placing the DLL containing the custom data type in the application
root's bin directory and ASP.NET will automatically load the DLL when the type is
27. List the event handlers that can be included in Global.asax?
Application start and end event handlers
Session start and end event handlers
Per-request event handlers
Non-deterministic event handlers
28. Can the view state be protected from tampering?
This can be achieved by including an @ Page directive with an EnableViewStateMac="true"
attribute in each ASPX file that has to be protected. Another way is to include
the <pages enableViewStateMac="true" /> statement in the Web.config file.
29. Can the view state be encrypted?
The view state can be encrypted by setting EnableViewStateMac to true and either
modifying the <machineKey> element in Machine.config to <machineKey validation="3DES”
/> or by adding the above statement to Web.config.
30. When during the page processing cycle is ViewState available?
The view state is available after the Init() and before the Render() methods are
called during Page load.