. NET Pen Test set (iii)

Source: Internet
Author: User
Tags html form soap dedicated server

1. What is the name of the implied parameter of the set method that passed in a property?

Value whose type and property have the same type of reputation.

2. Does C # support multiple inheritance?

Unsupported between classes, support between interfaces. A class-to-interface is called an implementation, not an inheritance.

3. What is the common base class for all objects in C #?

System.Object

4. How to pass the Chinese parameters through hyperlinks?

A: With URL encoding, through QueryString transmission, with UrlEncode encoding with UrlDecode decoding.

5. The difference between string, String;int, Int32;boolean, BOOL

String, Int32, Boolean, and so on are all classes defined in. NET, and string, int, and bool are equivalent to the aliases defined in C # for those classes. Cts.

6. What is the difference between Server.Transfer and Response.Redirect?

A: Server.Transfer is only the control in the server steering, in the client browser address bar will not show the post-turn address, Response.Redirect is a full jump, the browser will get the address of the jump, and resend the request link. This way, you can see the link address after the jump from the address bar of the browser.

Server.Transfer is the server requests the resources, the server directly accesses the URL of the destination address, reads the response content of that URL, and then sends the content to the browser, the browser does not know where the server sent the content from, So its address bar is still the original address. This process has been interactive between the browser and the Web server.

Response.Redirect is the server based on logic, send a status code, tell the browser to re-request that address, in general, the browser will use all the parameters just requested to re-request. This process has undergone two interactions between the browser and the Web server.

7. Is it not that the string is immutable? String s= "abc"; s= "123" Is it a change?

String is immutable in this code, s originally pointed to a string object, the content is "ABC", and then we point S to "123", then the object pointed by S is changed? The answer is no. At this point, S does not point to the original object, and point to another string object, the content is "123", the original object is still in memory, but s this reference variable no longer points to it.

8. Is it possible to make a call to a non-static method from within a static method?

No. Because the non-static method is to be associated with an object, you must create an object before you can make a method call on the object, and the static method call does not need to create the object, which can be called directly. That is, when a static method is called, there may not be any instance objects created, and if a call to a non-static method is emitted from a static method, which object does that non-static method relate to? This logic cannot be established, so a static method cannot emit a call to a non-static method inside.

9,. Is there a memory leak in net, please describe it briefly.

The so-called memory leak refers to an object or variable that is not being used by the program has been occupied in memory. NET has garbage collection mechanism, it can guarantee that an object is no longer referenced when the object becomes an orphan, the object will be automatically erased from memory by the garbage collector. Although. NET can reclaim useless objects, but. NET still exists due to improper use of memory leak issues: NET memory leaks: Long life-cycle objects that hold references to short life-cycle objects are most likely to have a memory leak, although short-life-cycle objects are no longer needed, but because long-life-cycle objects hold their references and cannot be recycled, this is the case. NET memory leaks in the scene, in layman's terms, is that the programmer may have created an object, the object has been no longer used, the object has been referenced, that is, the object is useless but can not be recycled by the garbage collector, this is. NET in the case of memory leaks, for example, the caching system, we loaded an object in the cache (for example, in a global Dictionary object), and then no longer use it, the object has been cached reference, but is no longer used. Extensions: Use weak references so that they can be recycled even if they are referenced.

10, say some of the commonly used classes, interfaces, please give 5

Common classes: StreamReader, WebClient, dictionary<k,v>, StringBuilder, SqlConnection, FileStream, File, Regex, list<t>

Common interfaces: IDisposable, IEnumerable, IDbConnection, IComparable, ICollection, IList, IDictionary

11, the relationship between BS and CS and the difference.

c/S is the abbreviation of Client/server. The client needs to install the dedicated client software.

b/S is an abbreviation for Brower/server, as long as a browser is installed on the client. In this structure, the user interface is implemented entirely through the WWW browser, and some transaction logic is implemented at the front end, but the main logic is implemented on the server side. The browser interacts with the database through the Web Server.

c/S and b/s difference:

1). Different hardware environments:

c/S is generally established in a dedicated network, a small range of network environment, LAN and then through a dedicated server to provide connectivity and data exchange services.

b/S is built on the WAN, need not be specialized network hardware environment, example with telephone Internet, renting equipment. Information is managed by itself. Have more than C/s to adapt to the range, generally as long as there are operating systems and browsers on the line

2). different for security requirements

c/S is generally oriented to a relatively fixed user group, the ability to control information security is very strong. Generally highly confidential information system using C/s structure is suitable. Can be published through the B/s part of the public information.

b/S is built on the wide area network, the security control ability is relatively weak, may target the unknown user.

3). handling problems differently

c/S program can handle the user face fixed, and in the same area, security requirements of high demand, operating system-related. Should all be the same system. C/S client because it is a local program, and local hardware, programs, such as the ability to control other programs, can read and write local disk files, can interact with the hardware.

b/S is built on the wide area network, facing different user groups, dispersed area, this is the C/s can not be made. The minimum relationship with the operating system platform, it should be so B/s difficult and local hardware, programs, files to interact, such as difficult to control the other programs, hard to read and write local disk files, difficult to interact with the hardware, of course, can be solved with ActiveX technology, such as net silver is so solved, The problem with this is that it may be rejected by the customer and confined to the Windows operating system.

C/S is also divided into two-tier architecture and three-tier architecture. Two-tier architecture: Client program direct database; three-tier architecture: Client Access Service-side services, the main logic code written on the service side of the service, and then the service-side service to access the database, Oracle version of the distributed call Center, WCF.

12, write a single case (Singleton) class.

Public filemanager{     Private FileManager () {} public     static FileManager Instance = new FileManager ();}

13. What is SQL injection? How do I avoid SQL injection?

The user constructs an illegal parameter based on the system's program and causes the program to execute a malicious SQL statement that is not expected by the programmer. SQL injection can be avoided by using parameterized SQL. Using parameterized Paramter

1 ' or 1=1

14, say some of the database optimization experience?

Index internal principle: Imagine as dictionary, insert, delete, update slow, plus the index also takes up space, query faster. The speed increase is obvious after the index is added.

(1) use indexes to improve query speed on frequently retrieved fields (SELECT * from person where [email protected]).

(2)only the necessary fields are listed in Select, not *.

(3) avoid the implicit type conversion caused by the full table scan, the use of functions on the index will also cause a full table scan (because the index is only established for the field, once the expression or function is used, then the index is invalidated, of course, you can also use "function index", "Expression index" to solve the problem), Using an index does not necessarily improve query speed.

(4) avoid using calculations on indexed columns (where name+ ' A ' [email protected])

15, talk about ViewState. Talk about the understanding of the principle of ASP. Talk about the ASP. NET life cycle.

Label, textbox, when disabling ViewState, the different performance of the self-increment

HTTP is stateless, WebForm in order to implement HTTP-based "stateful" to simplify development, ViewState is used to maintain state between two requests. Before the page returns, the state of the interface is serialized to ViewState, so that the state is saved in the browser, and the next time the page is submitted, the ViewState is submitted to the server, so that the server is restored according to ViewState state. So WebForm development is like having a state. Talk about custom autoinc controls.

16. The difference between post and get

The get parameters are displayed in the browser address bar, and the post parameters are not displayed in the browser address bar;

Pages submitted using post when you click on the "Refresh" button, the browser will generally prompt "whether to resubmit", and get will not;

The page with get can be crawled by the search engine, but not by post;

The amount of data that can be submitted with post is very large, and the amount of data that can be submitted with get is very small (2k), which is limited by the length of the Web address.

Post can be used for file submission, while using get is not possible.

17, the HTTP default port number is (80), the FTP default port number is (21), SQL Server's default port number is (1433)

18, the operator ++a (a plus 1, then the value of the expression is a plus 1 after the value), a++ (the expression value is a, and then a plus 1).

19. What is the execution result of the following program?

int i = 10; Console.WriteLine (i++); Console.WriteLine (++i); Console.WriteLine (I=20);

Answer:

10

12

20

20, if not VisualStudio, which command line to compile C # program?

Answer: csc.exe.

21. Which of the following nouns is not directly related to webservice? B

A, UDDI

B, GUID

C, WSDL

D, SOAP

Soap and HTTP relationships: SOAP is based on HTTP protocol, and unlike normal Web pages, Web pages return html,soap are XML data that conforms to the SOAP protocol.

22. Classes in the. Net framework are specifically intended for C #, right?

Answer: wrong. Vb. NET and other languages can call classes in the. NET Framework. CTS, CLS.

23. Open question: Speak as many languages as possible based on the. Net framework.

Reference solutions: C #, vb.net, F #, PowerShell, IronPython, J #, Ruby.net

24. What is the relationship between. Net, ASP, C #, VisualStudio?

For:. NET generally refers to the. NET Framework, which provides the foundation. NET classes, these classes can be any kind of. NET programming language calls, the. NET Framework also provides basic functionality such as CLR, JIT, GC, and so on.

Asp. NET is a technology used in. NET for Web development, and the page portion of the ASP is written in the ASPX file, and the logical code is usually code-behind in C # and VB. NET, etc. to support. NET language writing.

C # is the most widely used support. NET programming language. In addition to C # there are vb.net, IronPython and so on.

VisualStudio is a Microsoft-provided integrated development environment (IDE) for. NET development, and using VisualStudio can simplify a lot of work without programmers calling csc.exe and other command lines for program compilation, and VisualStudio provides automatic code completion , code highlighting and other functions to facilitate the development. In addition to VisualStudio, there are free, open-source Ide,visualstudio Express versions of SharpDevelop, MonoDevelop, and so on.

25. What problems does Ajax solve? How do I use Ajax? What are the problems with Ajax that need attention? Where is Ajax used in the project?

A: The problem of Ajax solution is "No Refresh Update page", with the traditional HTML form to update the page, each time to submit the request to the server, the server returned and then redraw the interface, so the interface will go through: Submit → turn white → re-display such a process, the user experience is very poor, Using AJAX does not cause the page to be resubmitted or refreshed.

The most essential implementation of AJAX is the use of XMLHttpRequest in JavaScript for HTTP requests, development often using UpdatePanel, jquery and other ways to simplify the development of Ajax, UpdatePanel Way to implement Ajax the simplest , but the data traffic is relatively large, because the entire viewstate is transmitted back and forth, and is not flexible, for complex requirements you can use the AJAX features provided by jquery.

UpdatePanel's internal principle.

The most important problem with Ajax is the inability to cross-domain requests (www.rupeng.com→so.rupeng.com), which means that you cannot send requests to pages that differ from the current domain name, and can be resolved using the proxy page on the service side of the domain where the current page resides.

26, net by the language first compiled (IL), and then executed with (JIT) compile its cost platform code, to achieve the interoperability of the object under the heterogeneous platform.

27. What is the difference between the two sessions of application, cookies and session?

A: Application is the information that is used to access the entire Web site, and the session is used to access information associated with a particular visitor.

28. Open question: What is the website of the technical category you often visit?

Blog Park (www.cnblogs.com), CSDN, CodePlex, CodeProject, MSDN documentation, MSDN Forums

29. Your understanding of the. NET GC

GC is a. NET garbage collector that can recycle memory resources, and programmers don't have to worry about resource recycling, and can be recycled when an object doesn't have any references. An object that can be recycled does not necessarily have to be recycled immediately, and the GC chooses the time to recycle it. You can call Gc.collect () to have the GC reclaim immediately. The GC cannot reclaim unmanaged resources, generally implements the IDisposable interface for unmanaged resources, and then uses the Using keyword to recycle resources.

30. Write an SQL statement: Remove the starting character from the user table in the Name column is all records of "Beijing"

SELECT * FROM [user] Wherer name like ' Beijing% '

. NET Pen Test set (iii)

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.