How SSL Certificates Work?

1.  
2. 1. A browser attempts to connect to a Website, a.k.a. Web server, secured with SSL. 
3. 2 .The browser requests that the Web server identify itself.
4. 3. The Web server sends the browser a copy of its SSL certificate.
5. 4. The browser checks to see whether or not it trusts the SSL certificate. If so, it sends a message to the Web server.
6. 5. The Web server sends back a digitally signed acknowledgement to start an SSL encrypted session.
7. 6. Encrypted data is shared between the browser and the Web server.

There are many benefits to using SSL Certificates. Namely, SSL customers:

• Get HTTPs which elicits a stronger Google ranking
• Create safer experiences for your customers
• Build customer trust and improve conversions
• Protect both customer and internal data
• Encrypt browser-to-server and server-to-server communication
• Increase security of your mobile and cloud apps
•  

Latest C# Questions

Wherever you go in for your .NET interview in Montreal or Toronto, you should be ready to answer the following questions:

1. How many languages .NET is supporting now? - When .NET was introduced it came with several languages. VB.NET, C#, COBOL and Perl, etc. 
2. How is .NET able to support multiple languages? - a language should comply with the Common Language Runtime standard to become a .NET language. In .NET, code is compiled to Microsoft Intermediate Language (MSIL for short). This is called as Managed Code. This Managed code is run in .NET environment. So after compilation to this IL the language is not a barrier. A code can call or use a function written in another language.
3. How ASP .NET different from ASP? - Scripting is separated from the HTML, Code is compiled as a DLL, these DLLs can be executed on the server.
4. Resource Files: How to use the resource files, how to know which language to use?
5. What is smart navigation? - The cursor position is maintained when the page gets refreshed due to the server side validation and the page gets refreshed.
6. What is view state? - The web is stateless. But in ASP.NET, the state of a page is maintained in the in the page itself automatically. How? The values are encrypted and saved in hidden controls. this is done automatically by the ASP.NET. This can be switched off / on for a single control
7. Explain the life cycle of an ASP .NET page.
8. How do you validate the controls in an ASP .NET page? - Using special validation controls that are meant for this. We have Range Validator, Email Validator.
9. Can the validation be done in the server side? Or this can be done only in the Client side? - Client side is done by default. Server side validation is also possible. We can switch off the client side and server side can be done.
10. How to manage pagination in a page? - Using pagination option in DataGrid control. We have to set the number of records for a page, then it takes care of pagination by itself.
11. What is ADO .NET and what is difference between ADO and ADO.NET? - ADO.NET is stateless mechanism. I can treat the ADO.Net as a separate in-memory database where in I can use relationships between the tables and select insert and updates to the database. I can update the actual database as a batch.
    

---

1) The C# keyword .int. maps to which .NET type?

1. System.Int16
2. System.Int32
3. System.Int64
4. System.Int128

2) Which of these string definitions will prevent escaping on backslashes in C#?

1. string s = #.n Test string.;
2. string s = ..n Test string.;
3. string s = @.n Test string.;
4. string s = .n Test string.;

3) Which of these statements correctly declares a two-dimensional array in C#?

1. int[,] myArray;
2. int[][] myArray;
3. int[2] myArray;
4. System.Array[2] myArray;

4) If a method is marked as protected internal who can access it?

1. Classes that are both in the same assembly and derived from the declaring class.
2. Only methods that are in the same class as the method in question.
3. Internal methods can be only be called using reflection.
4. Classes within the same assembly, and classes derived from the declaring class.

5) What is boxing?

a) Encapsulating an object in a value type.

b) Encapsulating a copy of an object in a value type.

c) Encapsulating a value type in an object.

d) Encapsulating a copy of a value type in an object.

6) What compiler switch creates an xml file from the xml comments in the files in an assembly?

1. /text
2. /doc
3. /xml
4. /help

7) What is a satellite Assembly?

1. A peripheral assembly designed to monitor permissions requests from an application.
2. Any DLL file used by an EXE file.
3. An assembly containing localized resources for another assembly.
4. An assembly designed to alter the appearance or .skin. of an application.

8) What is a delegate?

1. A strongly typed function pointer.
2. A light weight thread or process that can call a single method.
3. A reference to an object in a different process.
4. An inter-process message channel.

9) How does assembly versioning in .NET prevent DLL Hell?

1. The runtime checks to see that only one version of an assembly is on the machine at any one time.
2. .NET allows assemblies to specify the name AND the version of any assemblies they need to run.
3. The compiler offers compile time checking for backward compatibility.
4. It doesn.t.

10) Which .Gang of Four. design pattern is shown below?

public class A {

    private A instance;

    private A() {

    }

    public
static A Instance {

        get

        {

            if ( A == null )

                A = new A();

            return instance;

        }

    }

}

1. Factory
2. Abstract Factory
3. Singleton
4. Builder

11) In the NUnit test framework, which attribute must adorn a test class in order for it to be picked up by the NUnit GUI?

1. TestAttribute
2. TestClassAttribute
3. TestFixtureAttribute
4. NUnitTestClassAttribute

12) Which of the following operations can you NOT perform on an ADO.NET DataSet?

1. A DataSet can be synchronised with the database.
2. A DataSet can be synchronised with a RecordSet.
3. A DataSet can be converted to XML.
4. You can infer the schema from a DataSet.

13) In Object Oriented Programming, how would you describe encapsulation?

1. The conversion of one type of object to another.
2. The runtime resolution of method calls.
3. The exposition of data.
4. The separation of interface and implementation.

Agile Scrum FAQ

How is Scrum different from Waterfall model?

The major differences are:

1. The feedback from customer is received at an early stage in Scrum than in Waterfall, where the feedback from customer is received towards the end of development cycle.

2. To accommodate the new or changed requirement in scrum is easier than Waterfall.

3. Scrum focuses on collaborative development then Waterfall where the entire development cycle is divided into phases

4. At any point of time, we can rollback the changes in Scrum than in Waterfall

5. Test is considered as phase in Waterfall unlike Scrum

How is Scrum different from Iterative model?

Scrum is Iterative + Incremental model

Do you know any other methodology apart from Scrum?

Other Agile methodologies include, KanBan, XP, Lean

What are ceremonies you perform in Scrum?

There are three major ceremonies performed in Scrum:

1. Planning Meeting - Entire Scrum Team along with the Scrum Master and Product Owner meets and discuss each item from the product backlog  that they can work on the sprint. When is story is estimated and is well understood by the team, the story then moves into the Sprint Backlog.

2. Review Meeting - Where the Scrum Team demonstrates their work done to the stake holders

3. Retrospective Meeting - Scrum Team, Scrum Master and Product Owner meets and retrospect the last sprint worked on. They majorly discuss 3 things:

• What went well?
• What could be done better?
• Action items 

Apart from these three ceremonies, there is one more "Backlog Grooming" meeting in which the Product Owner puts forward business requirements as per the priority. Team discusses over it, identifies the complexity, dependencies and efforts. The team may also do the story pointing at this stage

Three Amigos in Scrum?

Three Amigos are - The Product Owner, The Scrum Master and The Scrum Team

What should be the ideal size of Scrum Team?

Ideal size is 7 with +/-2

What do you discuss in daily stand-up meeting?

• What did you do yesterday?
• Planning for today
• Any impediments/roadblocks

What is "time boxing" of a scrum process called?

It's called "Sprint"

What should be ideal sprint duration?

It should be 2-4 weeks 

How requirements are defined in Scrum?

Requirements are termed as "User Stories" in Scrum

What are the different artifacts in Scrum?

These are two artifacts maintained in Scrum:

1. Product Backlog - Contains the prioritized list of business requirements 

2. Sprint Backlog - Contains user stories to be done by the scrum team for a sprint

3. Velocity Chart

4. Burn-down Chart

How do you define a user story?

The user stories are defined as

As a <user / type of user>

I want to <action / feature to implement>

So that <objective>

What are the roles of Scrum Master and Product Owner?

Scrum Master - Leader for the Scrum team. Presides over all Scrum ceremonies and coaches team to understand and implement Scrum values.

Product Owner - Point of contact for Scrum team 

How do you measure the work done in Sprint?

Its measured in velocity

What is velocity?

Sum of story points that a Scrum team completed over a sprint

Who is responsible for deliverable? Scrum Master or Product Owner?

Neither the Scrum Master, nor the Product Owner. Its responsibility of the Team

How do you measure the complexity or effort in a sprint? Is there a way to determine and represent it?

Through “Story Points”. In scrum it’s recommended to use Fibonacci series to represent it.

How do you track your progress in a sprint?

The progress is tracked by a “Burn-Down chart”.

How do you create the burn down chart?

Burn down chart is a graph which shows the estimated v/s actual effort of the scrum tasks.
It is a tracking mechanism by which for a particular sprint; day to day tasks are tracked to check whether the stories are progressing towards the completion of the committed story points or not. Here we should remember that the efforts are measured in terms of user stories and not hours.

What do you do in a sprint review and retrospective?

During Sprint review we walkthrough and demonstrate the feature or story implemented by the scrum team to the stake holders.

During retrospective, we try to identify in a collaborative way what went well, what could be done better and action items to have continuous improvement.

Do you see any disadvantage of using scrum?

I don’t see any disadvantage of using scrum. The problems mainly arises when the scrum team do not either understand the values and principles of scrum or are not flexible enough to change. Before we deciding on scrum, we must first try to answer the

Do you think scrum can be implemented in all the software development process?

Scrum is used mainly for

• complex kind of project
• Projects which have early and strict deadlines.
• When we are developing any software from scratch.

During review, suppose the product owner or stakeholder does not agree to the feature you implemented what would you do?

First thing we will not mark the story as done.
We will first confirm the actual requirement from the stakeholder and update the user story and put it into backlog. Based on the priority, we would be pulling the story in next sprint.

In case, the scrum master is not available, would you still conduct the daily stand up meeting?

Yes, we can very well go ahead and do our daily stand up meeting.

Where does automation fit into scrum?

Automation plays a vital role in Scrum. In order to have continuous feedback and ensure a quality deliverable we should try to implement TDD, BDD and ATDD approach during our development. Automation in scrum is not only related to testing but it is for all aspect of software development. As I said before introducing TDD, BDD and ATDD will speed up our development process along with maintaining the quality standards; automating the build and deployment process will also speed up the feature availability in different environment – QA to production. As far as testing is concerned, regression testing should be the one that will have most attention. With progress of every sprint, the regression suit keeps on increasing and it becomes practically very challenging to execute the regression suit manually for every sprint. Because we have the sprint duration of 2 – 4 weeks, automating it would be imperial.

Apart from planning, review and retrospective, do you know any other ceremony in scrum?

We have the Product backlog refinement meeting (backlog grooming meeting) where the team, scrum master and product owner meets to understand the business requirements, splits it into user stories, and estimating it.

Can you give an example of where scrum cannot be implemented? In that case what do you suggest?

Scrum can be implemented in all kinds of projects. It is not only applicable to software but is also implemented successfully in mechanical and engineering projects.

Tell me one big advantage of using scrum?

The major advantage which I feel is – Early feedback and producing the Minimal Viable Product to the stakeholders.

What is DoD? How is this achieved?

DoD stands for Definition of done. It is achieved when

• the story is development complete,
• QA complete,
• The story meets and satisfy the acceptance criteria
• regression around the story is complete
• The feature is eligible to be shipped / deployed in production.

What is MVP in scrum?

A Minimum Viable Product is a product which has just the bare minimum required feature which can be demonstrated to the stakeholders and is eligible to be shipped to production.

What are Epics?

Epics are equivocal user stories or we can say these are the user stories which are not defined and are kept for future sprints.

How do you calculate a story point?

A Story point is calculated by taking into the consideration the development effort+ testing effort + resolving dependencies and other factors that would require to complete a story.

Is it possible that you come across different story point for development and testing efforts? In that case how do you resolve this conflict?

Yes, this is a very common scenario. There may be a chance that the story point given by the development team is, say 3 but the tester gives it 5. In that case both the developer and tester have to justify their story point, have discussion in the meeting and collaborate to conclude a common story point.

You are in the middle of a sprint and suddenly the product owner comes with a new requirement, what will you do?

In ideal case, the requirement becomes a story and moves to the backlog. Then based on the priority, team can take it up in the next sprint. But if the priority of the requirement is really high, then the team will have to accommodate it in the sprint but it has to very well communicated to the stakeholder that incorporating a story in the middle of the sprint may result in spilling over few stories to the next sprint.

In case you receive a story at the last day of the sprint to test and you find there are defects, what will you do? Will you mark the story to done?


A story is done only when it is development complete + QA complete + acceptance criteria is met + it is eligible to be shipped into production. In this case if there are defects, the story is partially done and not completely done, so I will spill it over to next sprint.

Important C# Concepts Part 2

1. What are generics in C#?

Generics is a technique by which we can declare a class without specifying the data type that the class works.

Generics Problem Statement

Code block 1. An object based stack 

Shows the full implementation of the Object-based stack. Because Object is the canonical .NET base type, you can use the Object-based stack to hold any type of items, such as integers:

Stack stack = new Stack();
stack.Push(1);
stack.Push(2);
int number = (int)stack.Pop();

public class Stack
{
   readonly int m_Size; 
   int m_StackPointer = 0;
   object[] m_Items; 
   public Stack():this(100)
   {}   
   public Stack(int size)
   {
      m_Size = size;
      m_Items = new object[m_Size];
   }
   public void Push(object item)
   {
      if(m_StackPointer >= m_Size) 
         throw new StackOverflowException();       
      m_Items[m_StackPointer] = item;
      m_StackPointer++;
   }
   public object Pop()
   {
      m_StackPointer--;
      if(m_StackPointer >= 0)
      {
         return m_Items[m_StackPointer];
      }
      else
      {
         m_StackPointer = 0;
         throw new InvalidOperationException("Cannot pop an empty stack");
      }
   }
}

Two Problems with Object Based Solution

1. The first issue is performance. When using value types, you have to box them in order to 

push and store them, and unbox the value types when popping them off the stack. Boxing 

and unboxing incurs a significant performance penalty in their own right, but it also increases 

the pressure on the managed heap, resulting in more garbage collections, which is not great 

for performance either. Even when using reference types instead of value types, there is still 

a performance penalty because you have to cast from an Object to the actual type you 

interact with and incur the casting cost:

Stack stack = new Stack();
stack.Push("1");
string number = (string)stack.Pop();


2. The second (and often more severe) problem with the Object-based solution is type 
safety. Because, the compiler lets you cast anything to and from Object, you lose 
compile-time type safety. For example, the following code compiles fine, but raises an 
invalid cast exception at run time:

Stack stack = new Stack();
stack.Push(1);
//This compiles, but is not type safe, and will throw an exception: 
string number = (string)stack.Pop();


You can overcome these two problems by providing a type-specific (and hence, type-safe) performant stack. For integers you can implement and use the IntStack:
public class IntStack
{
   int[] m_Items; 
   public void Push(int item){...}
   public int Pop(){...}
} 
IntStack stack = new IntStack();
stack.Push(1);

int number = stack.Pop(); 

And so on. Unfortunately, solving the performance and type-safety problems this way 
introduces a third, and just as serious problem—productivity impact
Why Generics?
Generics allows you create type-safe classes without comprising type safety, performance 
or productivity.

Stack<int> stack = new Stack<int>();

class Stack<t>
{
    int m_StackPointer = 0;
    T[] m_Items;

    public void Push(T item)
    {
        m_Items[m_StackPointer] = item;
    }

    public T Pop()
    {
        return m_Items[m_StackPointer];
    }
}


Serialization and how it works
Serialization is the process of converting an object type to a stream of bytes in 

order to store the object or transfer it to memory, database or file. Its main purpose is 

to save the state of the object in order to recreate it when needed. The reverse process

is called deserialization

How Serialization Works

This illustration shows the overall process of serialization.



The object is serialized to a stream, which carries not just the data, but information about the object's type, such as its version, culture, and assembly name. From that stream, it can be stored in a database, a file, or memory.

Making an Object Serializable

To serialize an object, you need the object to be serialized, a stream to contain the serialized object, and a Formatter. System.Runtime.Serialization contains the classes necessary for serializing and deserializing objects.

Apply the SerializableAttribute attribute to a type to indicate that instances of this type can be serialized. A SerializationException exception is thrown if you attempt to serialize but the type does not have the SerializableAttribute attribute.

If you do not want a field within your class to be serializable, apply the NonSerializedAttribute attribute. If a field of a serializable type contains a pointer, a handle, or some other data structure that is specific to a particular environment, and the field cannot be meaningfully reconstituted in a different environment, then you may want to make it nonserializable.

If a serialized class contains references to objects of other classes that are marked SerializableAttribute, those objects will also be serialized.

Binary and XML Serialization

Either binary or XML serialization can be used. In binary serialization, all members, even those that are read-only, are serialized, and performance is enhanced. XML serialization provides more readable code, as well as greater flexibility of object sharing and usage for interoperability purposes.

Basic and Custom Serialization

Serialization can be performed in two ways, basic and custom. Basic serialization uses the .NET Framework to automatically serialize the object.

Basic Serialization

The only requirement in basic serialization is that the object has the SerializableAttribute attribute applied. The NonSerializedAttribute can be used to keep specific fields from being serialized.

When you use basic serialization, the versioning of objects may create problems, in which case custom serialization may be preferable. Basic serialization is the easiest way to perform serialization, but it does not provide much control over the process.+

Custom Serialization

In custom serialization, you can specify exactly which objects will be serialized and how it will be done. The class must be marked SerializableAttribute and implement the ISerializable interface.

If you want your object to be deserialized in a custom manner as well, you must use a custom constructor.

What is Tuple?

This msdn article explains it very well with examples, "A tuple is a data structure that has a specific number and sequence of elements".

Tuples are commonly used in four ways:

1. To represent a single set of data. For example, a tuple can represent a database record, and its components can represent individual fields of the record.
2. To provide easy access to, and manipulation of, a data set.
3. To return multiple values from a method without using out parameters (in C#) or ByRefparameters (in Visual Basic).
4. To pass multiple values to a method through a single parameter. For example, the Thread.Start(Object) method has a single parameter that lets you supply one value to the method that the thread executes at startup time. If you supply a Tuple<T1, T2, T3> object as the method argument, you can supply the thread’s startup routine with three items of data.

// Create a 7-tuple.
var population = new Tuple<string, int, int, int, int, int, int>(
                           "New York", 7891957, 7781984, 
                           7894862, 7071639, 7322564, 8008278);
// Display the first and last elements.
Console.WriteLine("Population of {0} in 2000: {1:N0}",
                  population.Item1, population.Item7);
// The example displays the following output: 

// Population of New York in 2000: 8,008,278

Creating the same tuple object by using a helper method is more straightforward, as the following example shows.

// Create a 7-tuple.
var population = Tuple.Create("New York", 7891957, 7781984, 

7894862, 7071639, 7322564, 8008278);

// Display the first and last elements.
Console.WriteLine("Population of {0} in 2000: {1:N0}",
                  population.Item1, population.Item7);
// The example displays the following output:
//       Population of New York in 2000: 8,008,278

Thread vs TPL

Thread

Thread represents an actual OS-level thread, with its own stack and kernel resources. (technically, a CLR implementation could use fibers instead, but no existing CLR does this) Thread allows the highest degree of control; you can Abort() or Suspend() or Resume() a thread (though this is a very bad idea), you can observe its state, and you can set thread-level properties like the stack size, apartment state, or culture.
The problem with Thread is that OS threads are costly. Each thread you have consumes a non-trivial amount of memory for its stack, and adds additional CPU overhead as the processor context-switch between threads. Instead, it is better to have a small pool of threads execute your code as work becomes available.
There are times when there is no alternative Thread. If you need to specify the name (for debugging purposes) or the apartment state (to show a UI), you must create your own Thread (note that having multiple UI threads is generally a bad idea). Also, if you want to maintain an object that is owned by a single thread and can only be used by that thread, it is much easier to explicitly create a Thread instance for it so you can easily check whether code trying to use it is running on the correct thread.

ThreadPool

ThreadPool is a wrapper around a pool of threads maintained by the CLR. ThreadPool gives you no control at all; you can submit work to execute at some point, and you can control the size of the pool, but you can’t set anything else. You can’t even tell when the pool will start running the work you submit to it.
Using ThreadPool avoids the overhead of creating too many threads. However, if you submit too many long-running tasks to the threadpool, it can get full, and later work that you submit can end up waiting for the earlier long-running items to finish. In addition, the ThreadPool offers no way to find out when a work item has been completed (unlike Thread.Join()), nor a way to get the result. Therefore, ThreadPool is best used for short operations where the caller does not need the result.

Task

Finally, the Task class from the Task Parallel Library offers the best of both worlds. Like the ThreadPool, a task does not create its own OS thread. Instead, tasks are executed by a TaskScheduler; the default scheduler simply runs on the ThreadPool.
Unlike the ThreadPool, Task also allows you to find out when it finishes, and (via the generic Task<T>) to return a result. You can call ContinueWith() on an existing Task to make it run more code once the task finishes (if it’s already finished, it will run the callback immediately). If the task is generic, ContinueWith() will pass you the task’s result, allowing you to run more code that uses it.
You can also synchronously wait for a task to finish by calling Wait() (or, for a generic task, by getting the Result property). Like Thread.Join(), this will block the calling thread until the task finishes. Synchronously waiting for a task is usually bad idea; it prevents the calling thread from doing any other work, and can also lead to deadlocks if the task ends up waiting (even asynchronously) for the current thread.
Since tasks still run on the ThreadPool, they should not be used for long-running operations, since they can still fill up the thread pool and block new work. Instead, Task provides a LongRunning option, which will tell the TaskScheduler to spin up a new thread rather than running on the ThreadPool.
All newer high-level concurrency APIs, including the Parallel.For*() methods, PLINQ, C# 5 await, and modern async methods in the BCL, are all built on Task.

Conclusion

The bottom line is that Task is almost always the best option; it provides a much more powerful API and avoids wasting OS threads.
The only reasons to explicitly create your own Threads in modern code are setting per-thread options, or maintaining a persistent thread that needs to maintain its own identity.

Delegate and Multicast Delegate

Enabling Cross-Origin Requests (CORS) in ASP.NET Web API 2

Browser security prevents a web page from making AJAX requests to another domain. This restriction is called the same-origin policy, and prevents a malicious site from reading sentitive data from another site. However, sometimes you might want to let other sites call your web API.

Cross Origin Resource Sharing (CORS) is a W3C standard that allows a server to relax the same-origin policy. Using CORS, a server can explicitly allow some cross-origin requests while rejecting others. CORS is safer and more flexible than earlier techniques such as JSONP. This tutorial shows how to enable CORS in your Web API application.

Enable CORS

Now let's enable CORS in the WebService app. First, add the CORS NuGet package. In Visual Studio, from the Tools menu, select Library Package Manager, then select Package Manager Console. In the Package Manager Console window, type the following command:

 

PowerShell

Install-Package Microsoft.AspNet.WebApi.Cors

This command installs the latest package and updates all dependencies, including the core Web API libraries. User the -Version flag to target a specific version. The CORS package requires Web API 2.0 or later.

 

Open the file App_Start/WebApiConfig.cs. Add the following code to the 

WebApiConfig.Register method.

C#

using System.Web.Http;
namespace WebService
{
    public static class WebApiConfig
    {
        public static void Register(HttpConfiguration config)
        {
            // New code
            config.EnableCors();

            config.Routes.MapHttpRoute(
                name: "DefaultApi",
                routeTemplate: "api/{controller}/{id}",
                defaults: new { id = RouteParameter.Optional }
            );
        }
    }
}

Next, add the [EnableCors] attribute to the TestController class:

C#

using System.Net.Http;
using System.Web.Http;
using System.Web.Http.Cors;

namespace WebService.Controllers
{
    [EnableCors(origins: "http://mywebclient.azurewebsites.net", headers: "*", methods: "*")]
    public class TestController : ApiController
    {
        // Controller methods not shown...
    }
}