For more environment-specific settings in an ASP.NET Core application, one might use files like appsettings.__________.json.

  • development
  • production
  • environment
  • config
In ASP.NET Core, environment-specific settings can be stored in JSON configuration files named appsettings.{EnvironmentName}.json. These files allow you to configure settings specific to different environments like development, production, or any custom environment you define.

You're working on an enterprise application where specific endpoints should be accessible only to users from the "HR" and "Admin" departments. How would you enforce this using the [Authorize] attribute?

  • Define an authorization policy that checks the user's department and apply it using the [Authorize] attribute.
  • Create a custom attribute for HR and Admin access and use it on the controller actions.
  • Use role-based authorization and assign roles to users based on their department.
  • Use URL-based access control by including department information in the route.
To restrict access to specific departments, you can define an authorization policy that checks the user's department and apply it using the [Authorize] attribute. This allows you to control access at the action level based on the user's department affiliation.

In ASP.NET Core Razor views, what's the role of the AntiForgeryToken?

  • To protect against Cross-Site Request Forgery (CSRF) attacks
  • To encrypt sensitive form data
  • To validate user credentials
  • To enhance page load performance
The AntiForgeryToken in ASP.NET Core Razor views is primarily used to protect against Cross-Site Request Forgery (CSRF) attacks. It generates a hidden form field containing a token that is validated on the server when the form is submitted. This ensures that the form submission originates from a trusted source, preventing unauthorized actions.

How can you override or bypass the [Authorize] attribute applied at the controller level for a specific action?

  • [AllowAnonymous] attribute
  • [Authorize(Roles = "Admin")]
  • [IgnoreAuthorization] attribute
  • [SkipAuthorization] attribute
You can override or bypass the [Authorize] attribute applied at the controller level for a specific action by using the [AllowAnonymous] attribute on that specific action. This attribute allows unauthenticated access to the action, even if the controller has a broader authorization policy.

In scenarios where the database schema and model are out of sync, developers can use _________ in Entity Framework Core to reconcile differences.

  • Migrations
  • Code-First Approach
  • Code-First Migrations
  • Scaffolding
Developers can use "Migrations" in Entity Framework Core to reconcile differences between the database schema and the data model. Migrations enable you to evolve the database schema over time while keeping it in sync with your application's data model.

When working with model validation in Razor forms, which Razor tag helper can be used to display validation messages for a specific property?

  • validation-for
  • validation-summary
  • model-validation
  • input-validation
In Razor forms, you can use the validation-for Razor tag helper to display validation messages for a specific property. This tag helper generates HTML markup that shows validation messages associated with a model property. It's a handy tool for providing feedback to users when form validation fails for a particular field.

While browsing through an ASP.NET Core project, you notice that some HTML files have a .cshtml extension. What are these files called in the context of ASP.NET Core?

  • Razor Views
  • Web Forms
  • HTML Templates
  • XML Documents
Files with a .cshtml extension in an ASP.NET Core project are called Razor Views. Razor is a view engine that allows you to embed C# code within HTML to generate dynamic content. These files are responsible for rendering the HTML output for the web application.

You are tasked with setting up an ASP.NET Core environment on a Linux machine. What steps would be essential to ensure the application can be developed, built, and run seamlessly?

  • Install .NET Runtime
  • Configure IIS
  • Set Up Visual Studio
  • Configure NGINX
On a Linux machine, the essential step is to install the .NET Runtime to enable ASP.NET Core development. Unlike Windows, IIS is not typically used on Linux, and Visual Studio is primarily a Windows IDE. NGINX is a web server and reverse proxy but isn't required for setting up a development environment.

For creating custom middleware, the delegate needs to accept a _________ and return a Task.

  • HttpContext
  • HttpRequest
  • HttpResponse
  • CancellationToken
For creating custom middleware in ASP.NET Core, the delegate used in the middleware pipeline should accept an HttpRequest and return a Task. Middleware operates on the incoming request, and by convention, it often manipulates the request and response. Therefore, it takes an HttpRequest as input. The Task return type allows asynchronous operations to be performed in the middleware.

When might you need to apply Identity migrations in ASP.NET Core?

  • When you add or modify user-related data models
  • Only during the initial setup
  • When you want to improve authentication speed
  • When deploying the application
Identity migrations should be applied when you add or modify user-related data models. It's not limited to the initial setup; you should apply migrations whenever there are changes in the Identity-related data structures, such as adding new user properties or changing validation rules.