ASP.Net Interview Questions For Beginners and Professionals

Here in this article, we will cover ASP.NET Interview Questions related to Security, Cache management and so on.

What is Caching and what are the benefits of using it?

Performance has always been a concern for web-based applications. So, caching is a mechanism that improves performance for an application by storing data in memory for fast access. When the application accesses data from the Cache (in other words in-memory) instead of fetching it from the original data store (maybe a database), it will definitely improve performance.

But caching benefits are not limited to performance only, it also improves application Scalability as well as Availability. 
  • Load on the server is reduced when data is fetched from the Cache instead of the original source, thus improving scalability of an application.
  • Caching normally keeps the serving application's data even if the original source is temporarily down, thus improving availability of an application. 

Cache Management in ASP.NET?

ASP.NET provides support for Cache Management in nearly all versions. In .NET Framework 3.5 and older, the support for caching was provided by classes available in System.Web.Caching. But this support was limited to System.Web meaning for ASP.NET Web Applications only. Now, with .NET Framework 4.0 and later, this support is enhanced to non-Web Applications also by providing APIs in System.Runtime.Caching.

ASP.NET supports the following three types of Caching: 
  • Page Output Caching
  • Partial Page Caching
  • Data Caching

Page Output Cache Vs Partial Page Cache Vs Application Data Cache in ASP.NET

Page Output Cache

For a Page Output Cache, the output of a complete web page is stored in a cache. So, when that web page is accessed again, it will be loaded from the cache instead of fetching page data again from the data source.

Partial Page Cache

For a Partial Page Cache (also known as Page Fragment Cache), a part or fragment of a web page is stored in the Cache as opposed to a complete page cache for the Page Output Cache. For example, caching a user control on a web page that displays product categories using Page Fragment Cache.

Data Cache

In some scenarios, we may store frequently used objects in a cache using the ASP.NET Cache API. So, later on, that object will be loaded from the cache instead of instantiating the object again and fetching data from the original source for it.

How to use Page Output Cache in ASP.NET

Implementing a Page Output Cache in ASP.NET is simple. For Page Output Caching, the @ OutputCache directive is used on an ASP.NET page as follows:

<%@ OutputCache Duration="50" VaryByParam="None" %>

Duration value is in seconds and it tells the page how long to cache the contents.

Now, when we access the page, will it verify that it exists in the Cache? If yes, then verify that it is expired? If not then fetch it from Cache and render it otherwise create a new instance of the page and put it back into the Cache.

The other parameter of this directive is "VaryByParam". If it's value is specified to something as follows:

<%@ OutputCache Duration="50" VaryByParam="ProductId" %>

Now the Cache is dependent on the value of this parameter, if the value of the parameter remains the same then the page will be fetched from the Cache otherwise it will be refreshed again.

For in-depth details of the Page Output Cache, see Control Page Output Caching in ASP.NET.

How to use Page Fragment or Partial Page Cache in ASP.NET?

Page Fragment Caching uses the same @ OutputCache directive with the VaryByControl parameter as follows:

<%@ OutputCache Duration="50" VaryByParam="None" VaryByControl="ControlName" %>

In this case, the Cache is dependent on the value of the Control specified in the VaryByControl parameter. For example, content on a page is dependent on the selected values of a dropdownlist, so, VaryByControl will have the dropdownlist control name as value.
How to use Data Cache in ASP.NET?

We have already explained the usage of the Data Cache above in this series of ASP.NET Interview Questions that in specific situations, we need to store objects into the cache. Adding an object to Cache and accessing it from the Cache is simple.

We can use the "Add" method to add an object to the Cache as:

Cache.Add(key, value, dependencies, absoluteExpiration, slidingExpiration, priority, onRemoveCallback);

if (Cache["ProductKey"] == null)

 Cache.Add("ProductKey",objProduct, null, DateTime.Now.AddSeconds(60), Cache.NoSlidingExpiration, CacheItemPriority.High, null); 

To retrieve it back:

Product objProduct = (Product) Cache["ProductKey"];

Further, in this article and next article, we will be explaining ASP.NET Security Interview Questions.

Authentication Vs Authorization

Authentication and Authorization are two key security related concepts that are independent but normally go together.

Authentication is a process that verifies the identity of a user. On ther hand, Authorization is the process of assigning rights/privileges to an already authenticated user.

For example, when a user tries to login a web application. The user identity is first verified that he/she is a valid registered user of the application. If his/her identity is validated successfully then the appropriate privileges are assigned accordingly. Different users may have different privileges on the same application. For example, user1 can only view/read some records while user2 may have privileges for all CRUD (Create, Read, Update and Delete) operations on the same data.
What is the difference between Windows Authentication and Forms Authentication in ASP.NET?

Windows Authentication is a way to authenticate a user against Windows accounts. Windows authentication mode is suitable for corporate users in Windows environment.

In the case of Forms Authentication, a separate list of users is maintained for authentication. For example, we can maintain the list in the database and authenticate the user against it.

We can set authentication mode in web.config as follows:

<authentication mode="Forms">

 What is Protected Configuration in ASP.NET?

While developing an ASP.NET application, we normally store a number of important sensitive information in our config files like encryption keys, connection strings and so on. Application vulnerability increases if this sensitive information is stored as plain text. So Protected Configuration is an ASP.NET feature that enables encryption of such sensitive information in configuration files.

To read more see the Blog: webdevelopmenthelp