You are previewing Exam Ref 70-486: Developing ASP.NET MVC 4 Web Applications.
O'Reilly logo
Exam Ref 70-486: Developing ASP.NET MVC 4 Web Applications

Book Description

Prepare for Microsoft Exam 70-486—and help demonstrate your real-world mastery of developing ASP.NET MVC-based solutions. Designed for experienced developers ready to advance their status, Exam Ref focuses on the critical-thinking and decision-making acumen needed for success at the Microsoft Specialist level.

Focus on the expertise measured by these objectives:

  • Design the application architecture

  • Design the user experience

  • Develop the user experience

  • Troubleshoot and debug web applications

  • Design and implement security

  • This Microsoft Exam Ref:

  • Organizes its coverage by exam objectives.

  • Features strategic, what-if scenarios to challenge you.

  • Table of Contents

    1. Special Upgrade Offer
    2. Introduction
      1. Microsoft certifications
      2. Acknowledgments
      3. Errata & book support
      4. We want to hear from you
      5. Stay in touch
    3. Preparing for the exam
    4. 1. Design the application architecture
      1. Objective 1.1: Plan the application layers
        1. Planning data access
          1. Data access options
          2. Design approaches
          3. Data access from within code
        2. Planning for separation of concern (SoC)
        3. Using models, views, and controllers appropriately
          1. Model
          2. Controllers
            1. Actions and Action Results
            2. Routes and Routing
            3. Asynchronous Controllers
          3. Views
            1. The Razor View and Web Forms View Engines
            2. Extending the View Engines
        4. Choosing between client-side and server-side processing
        5. Designing for scalability
        6. Objective summary
        7. Objective review
      2. Objective 1.2: Design a distributed application
        1. Integrating web services
        2. Designing a hybrid application
        3. Planning for session management in a distributed environment
        4. Planning web farms
        5. Objective summary
        6. Objective review
      3. Objective 1.3: Design and implement the Windows Azure role life cycle
        1. Understanding Windows Azure and roles
        2. Identifying startup tasks
        3. Identifying and implementing <span xmlns="http://www.w3.org/1999/xhtml" xmlns:epub="http://www.idpf.org/2007/ops" xmlns:m="http://www.w3.org/1998/Math/MathML" xmlns:pls="http://www.w3.org/2005/01/pronunciation-lexicon" xmlns:ssml="http://www.w3.org/2001/10/synthesis" xmlns:svg="http://www.w3.org/2000/svg" class="emphasis"><em>Start, Run</em></span>, and , and <span xmlns="http://www.w3.org/1999/xhtml" xmlns:epub="http://www.idpf.org/2007/ops" xmlns:m="http://www.w3.org/1998/Math/MathML" xmlns:pls="http://www.w3.org/2005/01/pronunciation-lexicon" xmlns:ssml="http://www.w3.org/2001/10/synthesis" xmlns:svg="http://www.w3.org/2000/svg" class="emphasis"><em>Stop</em></span> events events
        4. Objective summary
        5. Objective review
      4. Objective 1.4: Configure state management
        1. Choosing a state management mechanism
        2. Planning for scalability
        3. Using cookies or local storage to maintain state
          1. Cookies
          2. HTML5 Web Storage
        4. Applying configuration settings in the Web.config file
        5. Implementing sessionless state
        6. Objective summary
        7. Objective review
      5. Objective 1.5: Design a caching strategy
        1. Implementing page output caching
          1. Donut caching
          2. Donut hole caching
          3. Distribution caching
        2. Implementing data caching
        3. Implementing application caching
          1. Create the application cache manifest
          2. Reference the manifest
          3. Transfer the manifest
        4. Implementing HTTP caching
        5. Objective summary
        6. Objective review
      6. Objective 1.6: Design and implement a WebSocket strategy
        1. Reading and writing string and binary data
        2. Choosing a connection loss strategy
        3. Deciding when to use WebSockets
        4. Objective summary
        5. Objective review
      7. Objective 1.7: Design HTTP modules and handlers
        1. Implementing synchronous and asynchronous modules and handlers
        2. Choosing between modules and handlers in IIS
        3. Objective summary
        4. Objective review
      8. Chapter summary
      9. Answers
        1. Objective 1.1: Thought experiment
        2. Objective 1.1: Review
        3. Objective 1.2: Thought experiment
        4. Objective 1.2: Review
        5. Objective 1.3: Thought experiment
        6. Objective 1.3: Review
        7. Objective 1.4: Thought experiment
        8. Objective 1.4: Review
        9. Objective 1.5: Thought experiment
        10. Objective 1.5: Review
        11. Objective 1.6: Thought experiment
        12. Objective 1.6: Review
        13. Objective 1.7: Thought experiment
        14. Objective 1.7: Review
    5. 2. Design the user experience
      1. Objective 2.1: Apply the user interface design for a web application
        1. Creating and applying styles using CSS
        2. Using HTML to structure and lay out the user interface
        3. Implementing dynamic page content based on design
        4. Objective summary
        5. Objective review
      2. Objective 2.2: Design and implement UI behavior
        1. Implementing client validation
          1. Models
          2. Views
          3. Controllers
        2. Using remote validation
        3. Using JavaScript and the DOM to control application behavior
        4. Extending objects by using prototypal inheritance
        5. Using AJAX to make partial page updates
        6. Implementing the UI using jQuery
        7. Objective summary
        8. Objective review
      3. Objective 2.3: Compose the UI layout of an application
        1. Implementing partials for reuse in different areas of the application
        2. Designing and implementing pages by using Razor templates
        3. Designing layouts to provide visual structure
        4. Implementing master/application pages
        5. Objective summary
        6. Objective review
      4. Objective 2.4: Enhance application behavior and style based on browser feature detection
        1. Detecting browser features and capabilities
        2. Creating a web application that runs across multiple browsers and mobile devices
        3. Enhancing application behavior and style by using vendor-specific extensions
        4. Objective summary
        5. Objective review
      5. Objective 2.5: Plan an adaptive UI layout
        1. Planning for applications that run in browsers on multiple devices
        2. Planning for mobile web applications
        3. Objective summary
        4. Objective review
      6. Chapter summary
      7. Answers
        1. Objective 2.1: Thought experiment
        2. Objective 2.1: Review
        3. Objective 2.2: Thought experiment
        4. Objective 2.2: Review
        5. Objective 2.3: Thought experiment
        6. Objective 2.3: Review
        7. Objective 2.4: Thought experiment
        8. Objective 2.4: Review
        9. Objective 2.5: Thought experiment
        10. Objective 2.5: Review
    6. 3. Develop the user experience
      1. Objective 3.1: Plan for search engine optimization and accessibility
        1. Using analytical tools to parse HTML
        2. Viewing and evaluating conceptual structure by using plugs-in for browsers
        3. Writing semantic markup for accessibility
        4. Objective summary
        5. Objective review
      2. Objective 3.2: Plan and implement globalization and localization
        1. Planning a localization strategy
        2. Creating and applying resources to the UI
        3. Setting cultures
        4. Creating satellite resource assemblies
        5. Objective summary
        6. Objective review
      3. Objective 3.3: Design and implement MVC controllers and actions
        1. Applying authorization attributes and global filters
        2. Implementing action behaviors
        3. Implementing action results
        4. Implementing model binding
        5. Objective summary
        6. Objective review
      4. Objective 3.4: Design and implement routes
        1. Defining a route to handle a URL pattern
        2. Applying route constraints
        3. Ignoring URL patterns
        4. Adding custom route parameters
        5. Defining areas
        6. Objective summary
        7. Objective review
      5. Objective 3.5: Control application behavior by using MVC extensibility points
        1. Implementing MVC filters and controller factories
        2. Controlling application behavior by using action results
        3. Controlling application behavior by using view engines
        4. Controlling application behavior by using model binders
        5. Controlling application behavior by using route handlers
        6. Objective summary
        7. Objective review
      6. Objective 3.6: Reduce network bandwidth
        1. Bundling and minifying scripts
          1. Bundling
          2. Minifying
        2. Compressing and decompressing data
        3. Planning a content delivery network (CDN) strategy
        4. Objective summary
        5. Objective review
      7. Chapter summary
      8. Answers
        1. Objective 3.1: Thought experiment
        2. Objective 3.1: Review
        3. Objective 3.2: Thought experiment
        4. Objective 3.2: Review
        5. Objective 3.3: Thought experiment
        6. Objective 3.3: Review
        7. Objective 3.4: Thought experiment
        8. Objective 3.4: Review
        9. Objective 3.5: Thought experiment
        10. Objective 3.5: Review
        11. Objective 3.6: Thought experiment
        12. Objective 3.6: Review
    7. 4. Troubleshoot and debug web applications
      1. Objective 4.1: Prevent and troubleshoot runtime issues
        1. Troubleshooting performance, security, and errors
          1. Using Performance Wizard
          2. Using Visual Studio Profiler
          3. Using Performance Monitor
        2. Troubleshooting security issues
        3. Implementing tracing, logging, and debugging
        4. Enforcing conditions by using code contracts
        5. Enabling and configuring health monitoring
        6. Objective summary
        7. Objective review
      2. Objective 4.2: Design an exception handling strategy
        1. Handling exceptions across multiple layers
        2. Displaying custom error pages, creating your own <span xmlns="http://www.w3.org/1999/xhtml" xmlns:epub="http://www.idpf.org/2007/ops" xmlns:m="http://www.w3.org/1998/Math/MathML" xmlns:pls="http://www.w3.org/2005/01/pronunciation-lexicon" xmlns:ssml="http://www.w3.org/2001/10/synthesis" xmlns:svg="http://www.w3.org/2000/svg" class="emphasis"><em>HTTPHandler</em></span>, and setting Web.config attributes, and setting Web.config attributes
        3. Handling first chance exceptions
        4. Objective summary
        5. Objective review
      3. Objective 4.3: Test a web application
        1. Creating and running unit tests
          1. Running integration tests
          2. Creating mocks
        2. Creating and running web tests
          1. Types of load tests
          2. Test planning
        3. Objective summary
        4. Objective review
      4. Objective 4.4: Debug a Windows Azure application
        1. Collecting diagnostic information
        2. Choosing log types
        3. Debugging a Windows Azure application
        4. Objective summary
        5. Objective review
      5. Chapter summary
      6. Answers
        1. Objective 4.1: Thought experiment
        2. Objective 4.1: Review
        3. Objective 4.2: Thought experiment
        4. Objective 4.2: Review
        5. Objective 4.3: Thought experiment
        6. Objective 4.3: Review
        7. Objective 4.4: Thought experiment
        8. Objective 4.4: Review
    8. 5. Design and implement security
      1. Objective 5.1: Configure authentication
        1. Authenticating users
          1. Anonymous authentication
          2. Basic authentication
          3. Digest authentication
          4. Forms authentication
          5. Windows authentication
          6. ASP.NET Impersonation authentication
          7. Client Certificate authentication and IIS Client Certificate authentication
          8. Custom authentication
        2. Enforcing authentication settings
        3. Choosing between Windows, Forms, and custom authentication
        4. Managing user session by using cookies
        5. Configuring membership providers
        6. Creating custom membership providers
        7. Objective summary
        8. Objective review
      2. Objective 5.2: Configure and apply authorization
        1. Creating roles
        2. Authorizing roles by using configuration
        3. Authorizing roles programmatically
        4. Creating custom role providers
        5. Implementing WCF service authorization
        6. Objective summary
        7. Objective review
      3. Objective 5.3: Design and implement claims-based authentication across federated identity stores
        1. Implementing federated authentication by using Windows Azure Access Control Service
        2. Creating a custom security token by using Windows Identity Foundation
        3. Handling token formats for SAML and SWT tokens
        4. Objective summary
        5. Objective review
      4. Objective 5.4: Manage data integrity
        1. Understanding encryption terminology
        2. Applying encryption to application data
        3. Applying encryption to the configuration sections of an application
        4. Signing application data to prevent tampering
        5. Objective summary
        6. Objective review
      5. Objective 5.5: Implement a secure site with ASP.NET
        1. Securing communication by applying SSL certificates
        2. Salting and hashing passwords for storage
        3. Using HTML encoding to prevent cross-site scripting attacks (AntiXSS Library)
        4. Implementing deferred validation and handle unvalidated requests
        5. Preventing SQL injection attacks by parameterizing queries
        6. Preventing cross-site request forgeries (XSRFs)
        7. Objective summary
        8. Objective review
      6. Chapter summary
      7. Answers
        1. Objective 5.1 Thought experiment
        2. Objective 5.1 Review
        3. Objective 5.2 Thought experiment
        4. Objective 5.2 Review
        5. Objective 5.3 Thought experiment
        6. Objective 5.3 Review
        7. Objective 5.4 Thought experiment
        8. Objective 5.4 Review
        9. Objective 5.5 Thought experiment
        10. Objective 5.5 Review
    9. A. About the Author
    10. Index
    11. About the Author
    12. Special Upgrade Offer
    13. Copyright