Question 46 :
What is serialization, how it works in .NET?
Serialization is when you persist the state of an object to a storage medium so an exact copy can be re-created at a later stage.
Serialization is used to save session state in ASP.NET.
Serialization is to copy objects to the Clipboard in Windows Forms
Serialization is used by remoting to pass objects by value from one application domain to another
Question 47 :
What exactly is being serialized when you perform serialization?
The object's state (values)
Question 48 :
How does output caching work in ASP.NET?
Output caching is a powerful technique that increases request/response throughput by caching the content generated from dynamic pages. Output caching is enabled by default, but output from any given response is not cached unless explicit action is taken to make the response cacheable.
To make a response eligible for output caching, it must have a valid expiration/validation policy and public cache visibility. This can be done using either the low-level OutputCache API or the high-level @ OutputCache directive. When output caching is enabled, an output cache entry is created on the first GET request to the page. Subsequent GET or HEAD requests are served from the output cache entry until the cached request expires.
The output cache also supports variations of cached GET or POST name/value pairs.
The output cache respects the expiration and validation policies for pages. If a page is in the output cache and has been marked with an expiration policy that indicates that the page expires 60 minutes from the time it is cached, the page is removed from the output cache after 60 minutes. If another request is received after that time, the page code is executed and the page can be cached again. This type of expiration policy is called absolute expiration - a page is valid until a certain time.
Question 49 :
What is connection pooling and how do you make your application use it?
Opening database connection is a time consuming operation.
Connection pooling increases the performance of the applications by reusing the active database connections instead of create new connection for every request.
Connection pooling Behaviour is controlled by the connection string parameters.
Follwing the the 4 parameters that control most of the connection pooling behaviour.
1. Connect Timeout
2. Max Pool Size
3. Min Pool Size
Question 50 :
What are different methods of session maintenance in ASP.NET?
Session State Service.
Microsoft SQL Server.
The default location for session state storage is in the ASP.NET process itself.
Session State Service
As an alternative to using in-process storage for session state, ASP.NET provides the ASP.NET State Service. The State Service gives you an out-of-process alternative for storing session state that is not tied quite so closely to ASP. Net's own process.
To use the State Service, you need to edit the sessionState element in your ASP.NET application's web.config file:
You'll also need to start the ASP.NET State Service on the computer that you specified in the stateConnectionString attribute. The .NET Framework installs this service, but by default it's set to manual startup. If you're going to depend on it for storing session state, you'll want to change that to automatic startup by using the Services MMC plug-in in the Administrative Tools group.
If you make these changes, and then repeat the previous set of steps, you'll see slightly different behavior: session state persists even if you recycle the ASP.NET process.
There are two main advantages to using the State Service. First, it is not running in the same process as ASP.NET, so a crash of ASP.NET will not destroy session information. Second, the stateConnectionString that's used to locate the State Service includes the TCP/IP address of the service, which need not be running on the same computer as ASP.NET. This allows you to share state information across a web garden (multiple processors on the same computer) or even across a web farm (multiple servers running the application). With the default in-process storage, you can't share state information between multiple instances of your application.
The major disadvantage of using the State Service is that it's an external process, rather than part of ASP.NET. That means that reading and writing session state is slower than it would be if you kept the state in-process. And, of course, it's one more process that you need to manage. As an example of the extra effort that this can entail, there is a bug in the initial release of the State Service that allows a determined attacker to crash the ASP.NET process remotely. If you're using the State Service to store session state, you should install the patch from Microsoft Security Bulletin MS02-66, or install SP2 for the .NET Framework.
Microsoft SQL Server
The final choice for storing state information is to save it in a Microsoft SQL Server database. To use SQL Server for storing session state, you need to perform several setup steps:
Run the InstallSqlState.sql script on the Microsoft SQL Server where you intend to store session state. This script will create the necessary database and database objects. The .NET Framework installs this script in the same folder as its compilers and other toolsâ€“for example, C:\WINNT\Microsoft.NET\Framework\v1.0.3705 on a Windows 2000 computer with the 1.0 version of the Framework. Edit the sessionState element in the web.config file for your ASP.NET application as follows:
Supply the server name, user name, and password for a SQL Server account that has access to the session state database in the sqlConnectionString attribute.
Like the State Service, SQL Server lets you share session state among the processors in a web garden or the servers in a web farm. But you also get the additional benefit of persistent storage. Even if the computer hosting SQL Server crashes and is restarted, the session state information will still be present in the database, and will be available as soon as the database is running again. That's because SQL Server, being an industrial-strength database, is designed to log its operations and protect your data at (almost) all costs. If you're willing to invest in SQL Server clustering, you can keep the session state data available transparently to ASP.NET even if the primary SQL Server computer crashes.
Like the State Service, SQL Server is slower than keeping session state in process. You also need to pay additional licensing fees to use SQL Server for session state in a production application. And, of course, you need to worry about SQL Server-specific threats such as the "Slammer" worm.