Codechef4u is a community for computer professionals,by computer professionals,just like you; who loves sharing and helping each others,Join them
Share your post

State management interview questions part 2

State management interview questions part 2

11.  What is Query string?

A query string is information that is appended to the end of a page URL.

Example: &lastName=kendre

12.  What is application state?

Application state is a global storage mechanism that is accessible from all pages in the Web application. Thus, application state is useful for storing information that needs to be maintained between server round trips and between requests for pages.

13.  What is Session state?

ASP.NET allows you to save values by using session state — which is an instance of the HttpSessionState class — for each active Web-application session.

14.  What is Profile Properties?

ASP.NET provides a feature called profile properties, which allows you to store user-specific data. This feature is similar to session state, except that the profile data is not lost when a user's session expires. The profile-properties feature uses an ASP.NET profile, which is stored in a persistent format and associated with an individual user.

15.  What is Session?

As we know, HTTP is a stateless protocol; it can't hold client information on a page. Session provides a facility to store information on server memory. It can support any type of object to store along with our own custom objects. For every client, session data is stored separately, which means session data is stored on a per client basis.

16.  What are Advantages and disadvantages of Session?


1. It helps maintain user state and data all over the application.
2. It is easy to implement and we can store any kind of object.
3. Stores client data separately.
4. Session is secure and transparent from the user.


1. Performance overhead in case of large volumes of data/user, because session data is stored in server memory.
2. Overhead involved in serializing and de-serializing session data, because in the case of StateServer and SQLServer session modes, we need to serialize the objects before storing them.


17. Explain in detail Session state modes?

Session state supports three modes:

1.  InProc

2.  State Server

3.  SQL Server

InProc Mode

1. This mode stores the session data in the ASP.NET worker process.
2. This is the fastest among all of the storage modes.
3. This mode effects performance if the amount of data to be stored is large.
4. If ASP.NET worker process recycles or application domain restarts, the session state will be lost.

State Server mode

1. In this mode, the session state is serialized and stored in memory in a separate process.
2. State Server can be maintained on a different system.
3. State Server mode involves overhead since it requires serialization and de-serialization of objects.
4. State Server mode is slower than InProc mode as this stores data in an external process.

SQL Server Mode

In this storage mode, the Session data is serialized and stored in a database table in the SQL Server database.

1. This is reliable and secures storage of a session state.
2. This mode can be used in the web farms.
3. It involves overhead in serialization and de-serialization of the objects.
4. SQL Server is more secure than the InProc or the State server mode.


18. What is Session Identifier?


Session Identifier is used to identify session; it uses SessionID property to identify session.


When a page is requested, browser sends a cookie with a session identifier. This identifier is used by the web server to determine if it belongs to an existing session. If not, a Session ID (120 - bit string) is generated by the web server and sent along with the response.


19.  What do you understand by StateServer(Out-Proc) mode?

1. StateServer session mode is also called Out-Proc session mode.
2. StateServer uses a stand-alone Windows Service which is independent of IIS and can also be run on a separate server. This session state is totally managed by aspnet_state.exe.
3. This server may run on the same system, but it's outside of the main application domain where your web application is running. This means if you restart your ASP.NET process, your session data will still be alive


20.  Under StateServer(Out-Proc) mode the session state is managed by?>


< >

State management interview questions part 1

State management interview questions part 1

1.  What is State Management?

State management is a mechanism to preserve state (i.e. state of a webpage, a control or an object etc.) between subsequent requests to server from one or more clients. HTTP is a stateless protocol by nature reason state management required.

In ecommerce application how you can get current cart added product details or order details on confirmation page, simply solution is using state management.


2.  What are client based state management options?

The following list of state management options that involve storing information either in the page or on the client computer.

1. View state
2. Control state
3. Hidden fields
4. Cookies
5. Query strings

3.  What are server side state management options?

The following list of state managment is ways to maintain state information on the server.

1. Application state
2. Session state
3. Profile Properties

4.  What is the difference between Session.Clear() and Session.Abandon() in ASP.NET?

As we understand that Session is a Collection and it stores data as Key/Value pair. So,

 1. Session.Clear() clears all the session values but doesn't destroy the Session. however,
 2. Session.Abandon() destroys the session object.

In other words, Session.Clear() is like deleting all files inside a folder (say "Root") but Session.Abandon() means deleting the "Root" folder.

5.  Can we Enable/Disable ViewState?

Yes, you can enable disable ViewState with different levels

Control Level:

ViewState for a specific control can be enabled or disabled by setting EnableViewState property as follows:

aControl.EnableViewState = false;

Page Level :

We can enable/disable ViewState for a complete page as follows:

<%@ Page Language="C#" EnableViewState="false" %>

Application Level:

For whole application, we can enable/disable views in configuration file as follows:

  <pages enableViewState="false">

6.  What is stateless and statefull?


A stateless protocol is a communication protocol treats each request as independent transaction and not related to any previous requests.


A protocol which requires keeping of the internal state on the server is known as a statefull protocol.

7.   What is View state?

It is the mechanism or method that the ASP.NET page framework uses to preserve page and control values between round trips.

This provides a dictionary object for retaining values between multiple requests for the same page.
This is the default method that the page uses to preserve page and control property values between round trips.

8.   What is Control state?

The ControlState property allows you to persist property information that is specific to a control and cannot be turned off like the ViewState property.

9.   What is Hidden field?

Hidden field control is used to store information, which renders as a standard HTML hidden field. When a page is submitted to the server, the content of a hidden field is sent in the HTTP form collection along with the values of other controls.

10.  What is Cookie?

A cookie is a small amount of data that is stored either in a text file on the client file system or in-memory in the client browser session. It contains site-specific information that the server sends to the client along with page output. Cookies can be temporary (with specific expiration times and dates) or persistent.

< > 

Web.Config Interview Questions and Answers Part I

Web.Config Interview Questions and Answers Part I

1.  What is Web.Config?

Web.config is main settings and configuration file for an ASP.NET and MVC web applications. It is an XML document that resides in the root directory of the site or application. Web.config contains all application settings and decides how the web application will act.

2.  What can be stored in Web.config file?

There are number of important settings that can be stored in the configuration file. Here are some of the most frequently used configurations, stored conveniently inside Web.config file..

a.      Database connections.
b.      Session States
c.      Error Handling (CustomError Page Settings.)
d.      Security (Authentication modes)

3.   What is the use of customErrors tag in web.config file?

CustomErrors tag provides information about custom error messages for an ASP.NET application. The customErrors element can be defined at any level in the application file hierarchy.


   <customErrors defaultRedirect="/testApp/resources/error/ErrorAppLevel.aspx" mode="On">
      <error redirect="/testApp/resources/error/Error404.aspx" statusCode="404" />

The customErrors section consists of defaultRedirect and mode attributes which specify the default redirect page and the on/off mode respectively.

The subsection of customErrors section allows redirecting to specified page depending on the error status code.

Status Codes details:

a. 400: Bad Request
b. 401: Unauthorized access
c. 404:  Not Found

4.   How to Encrypt/Decrypt the web.config file in .NET?

You can Encrypt/Decrypt web.config or any other configuration files, there are two options to complete this task

1.   Using protected configuration classes in the System.Configuration namespace to encrypt and decrypt sections of a Web configuration file.
2.   You can use the ASP.NET IIS Registration Tool (Aspnet_regiis.exe) to encrypt or decrypt sections of a Web configuration file.

ASP.NET will automatically decrypt encrypted configuration elements when the Web.config file is processed.

5.   How to use two connection strings on development vs production?

Visual Studio has a best feature that allows you to have more than one Web.Config file for different environments.Web.Config transformations in Visual Studio  allow you to override Web.config settings based on Solution configuration (Debug / Release).

 However, you might want to have a different Web.Config file for each environment - for example Web.Staging.Config or Web.Live.Config. The best thing about this feature is that it is easy to set up and you can be up and running in no time.

For more details …

6. Leaving Tracing Enabled in Web-Based Applications is good practice?

Unfortunately tracing enabled in production environment is dangerous because it is also one of the most useful tools that a hacker can use to attack your applications.

Typical misconfiguration:

trace enabled="true" localOnly="false"/>

Secure use:

trace enabled="false" localOnly="true"/>


7.  Does web.config file case-sensitive?

Yes,web.config file is case-sensitive.

8.  Explain <authentication /> element in Web.config?

Configures ASP.NET authentication support. This element can be declared only at the machine, site, or application level.

A.  Windows
B.  Forms
C.  Passport
D.  None



    <authentication mode="Forms">
      <forms loginUrl="~/Account/Login" timeout="2880" defaultUrl="~/" />


9.  Can one directory contain multiple web.config files?

No. One directory can contain only one file.

10.  Leaving cookieless Session State Enabled is good practice?

Allowing session storing in the page URLs is dangerous because side effect of making those applications much more vulnerable to session hijacking attacks.

Secure Use 

sessionState cookieless="UseCookies"/>

< >