Close

Study Notes for 70-486 - Developing ASP.NET MVC 4 Web Applications

After the 70-480 Programming HTML5 and CSS 3 Exam, I finally got around to taking 70-486 - Developing ASP.NET MVC 4 Web Applications which gets me 2/3 towards the destination for MCSD: Web Applications. Following are the set of notes I used along with MCT material which may help those preparing for the exam. The topic-by-topic breakdown is courtesy of a colleague and friend Frank Liao.

[link link link]

Design the Application Architecture

  • Plan the application layers.

    • This objective may include but is not limited to: plan data access; plan for separation of concerns; appropriate use of models, views, and controllers; choose between client-side and server side processing; design for scalability

  • Design a distributed application. [link]

    • This objective may include but is not limited to: design a hybrid application (on premise vs. off premise, including Windows Azure) [link link]; plan for session management in a distributed environment; plan web farms

  • Design and implement the Windows Azure role life cycle. [link link link link]

    • This objective may include but is not limited to: identify and implement Start, Run, and Stop events [link link];identify startup tasks (IIS configuration [app pool] [link], registry configuration [link], third-party tools [link]) [link]

  • Configure state management.

    • This objective may include but is not limited to: choose a state management mechanism (in-process and out of process state management, ViewState); plan for scalability; use cookies or local storage to maintain state; apply configuration settings in web.config file; implement sessionless state (for example, QueryString) [link]

  • Design a caching strategy.

    • This objective may include but is not limited to: implement page output caching (performance oriented); implement data caching; implement HTTP caching

  • Design and implement a Web Socket strategy. [link]

    • This objective may include but is not limited to: read and write string and binary data asynchronously (long-running data transfers); choose a connection loss strategy; decide a strategy for when to use Web Sockets

  • Design HTTP modules and handlers. [link link]

    • This objective may include but is not limited to: implement synchronous and asynchronous [link link] modules and handlers; choose between modules and handlers in IIS [link]

Design the User Experience

  • Apply the user interface design for a web application.

    • This objective may include but is not limited to: create and apply styles by using CSS; structure and lay out the user interface by using HTML; implement dynamic page content based on a design

  • Design and implement UI behavior.

    • This objective may include but is not limited to: implement client validation; use JavaScript and the DOM to control application behavior; extend objects by using prototypal inheritance; use AJAX to make partial page updates [link]; implement the UI by using JQuery

  • Compose the UI layout of an application.

    • This objective may include but is not limited to: implement partials for reuse in different areas of the application [link]; design and implement pages by using Razor templates (Razor view engine) [link link]; design layouts to provide visual structure; implement master/application pages [link]

  • Enhance application behavior and style based on browser feature detection. [link link link link]

    • This objective may include but is not limited to: detect browser features and capabilities; create a web application that runs across multiple browsers and mobile devices; enhance application behavior and style by using vendor-specific extensions, for example, CSS

  • Plan an adaptive UI layout.

    • This objective may include but is not limited to: plan for running applications in browsers on multiple devices (screen resolution, CSS, HTML); plan for mobile web applications [link]

Develop the User Experience

  • Plan for search engine optimization and accessibility.[link]

    • This objective may include but is not limited to: use analytical tools to parse HTML; view and evaluate conceptual structure by using plugs-in for browsers [link]; write semantic markup (HTML5 and ARIA) for accessibility, for example, screen readers [link link]

  • Plan and implement globalization and localization. [link link link link link]

    • This objective may include but is not limited to: plan a localization strategy; create and apply resources to UI including JavaScript resources; set cultures; create satellite resource assemblies

  • Design and implement MVC controllers and actions.

    • This objective may include but is not limited to: apply authorization attributes [link] and global filters [link link]; implement action behaviors [link link]; implement action results [link]; implement model binding [link]

  • Design and implement routes. [link link link link]

    • This objective may include but is not limited to: define a route to handle a URL pattern [link]; apply route constraints [link link]; ignore URL patterns [link]; add custom route parameters [link]; define areas [link]

  • Control application behavior by using MVC extensibility points.

    • This objective may include but is not limited to: implement MVC filters [link link] and controller factories [link link]; control application behavior by using action results [link link], viewengines [link], model binders [link], and route handlers [link]

  • Reduce network bandwidth.

    • This objective may include but is not limited to: bundle and minify scripts (CSS and JavaScript) [link link]; compress and decompress data (using gzip/deflate; storage) [link]; plan a content delivery network (CDN) strategy, for example, Windows Azure CDN [link]

Troubleshoot and Debug Web Applications

  • Prevent and troubleshoot runtime issues.

    • This objective may include but is not limited to: troubleshoot performance, security, and errors;implement tracing, logging (including using attributes for logging) [link], and debugging (including IntelliTrace) [link link]; enforce conditions by using code contracts [link link]; enable and configure health monitoring (including Performance Monitor) [link]

  • Design an exception handling strategy. [link link]

    • This objective may include but is not limited to: handle exceptions across multiple layers; display custom error pages using global.asax or creating your own HTTPHandler or set web.config attributes; handle first chance exceptions

  • Test a web application.

    • This objective may include but is not limited to: create and run unit tests, for example, use the Assert class, create mocks; create and run web tests

  • Debug a Windows Azure application.

    • This objective may include but is not limited to: collect diagnostic information by using Windows Azure Diagnostics API Implement on demand vs. scheduled; choose log types, for example, event logs, performance counters, and crash dumps [link]; debug a Windows Azure application by using IntelliTrace [link] and Remote Desktop Protocol (RDP) [link link]

Design and Implement Security

  • Configure authentication.

    • This objective may include but is not limited to: authenticate users; enforce authentication settings; choose between Windows [link], Forms [link link], and custom [link] authentication; manage user session by using cookies [link]; configure membership providers [link]; create custom membership providers [link]

  • Configure and apply authorization. [link]

    • This objective may include but is not limited to: create roles; authorize roles by using configuration; authorize roles programmatically ; create custom role providers [link link]; implement WCF service authorization [link link]

  • Design and implement claims-based authentication across federated identity stores. [link]

    • This objective may include but is not limited to: implement federated authentication by using Windows Azure Access Control Service [link]; create a custom security token by using Windows Identity Foundation [link]; handle token formats (for example, oAuth, OpenID, LiveID, and Facebook) for SAML and SWT tokens [link link link link]

  • Manage data integrity. [link]

    • This objective may include but is not limited to: apply encryption to application data [link]; apply encryption to the configuration sections of an application [link]; sign application data to prevent tampering [link]

  • Implement a secure site with ASP.NET. [link]

    • This objective may include but is not limited to: secure communication by applying SSL certificates; salt and hash passwords for storage [link link]; use HTML encoding to prevent cross-site scripting attacks (ANTI-XSS Library) [link link]; implement deferred validation [link] and handle unvalidated requests [link], for example, form, querystring, and URL [link]; prevent SQL injection attacks by parameterizing queries [link]; prevent cross-site request forgeries (XSRF) [link]

Share