What is .Net?
The Microsoft.NET is Microsoft’s application development platform that enables developers to easily create Windows applications, web applications, and web services using a myriad of different programming languages, and without having to worry about low-level details like memory management and processor-specific instructions.
What is the .NET Framework?
The .NET Framework is a development and execution environment that allows different programming languages & libraries to work together seamlessly to create Windows, Web, or Mobile applications that are easier to build, manage, deploy, and integrate with other networked systems or as standalone applications.
The .NET Framework consists of:
The Common Language Runtime (CLR)
A language-neutral development & execution environment that provides services to help “manage” application execution
The Framework Class Libraries (FCL)
A consistent, object-oriented library of prepackaged functionality.
What is CLR (Common Runtime Language)?
.NET programs are compiled by the language compilers into assemblies that consist of Microsoft Intermediate Language (MSIL) instructions. Microsoft Intermediate Language (MSIL) is a CPU-independent set of instructions that can be efficiently converted to native code.
Common Language Runtime shortly called as CLR provides a universal execution engine for .NET applications and it is provided by the .NET Framework. A runtime is an environment in which programs are executed. The CLR is therefore an environment in which we can run our .NET applications that have been compiled to MSIL.
It provides a number of services, including the following:
Code management (loading and execution)
Application memory isolation
Verification of type safety
Conversion of IL to native code
Access to metadata (enhanced type information)
Managing memory for managed objects
Enforcement of code access security
Exception handling, including cross-language exceptions
Interoperation between managed code, COM objects, and pre-existing DLLs (unmanaged code and data)
Automation of object layout
Support for developer services (profiling, debugging, and so on)
What is CTS (Common Type System)?
The common type system defines how types are declared, used, and managed in the runtime, and is also an important part of the runtime’s support for cross-language integration. The Common type system performs the following functions:
Establishes a framework that helps enable cross-language integration, type safety, and high performance code execution.
Provides an object-oriented model that supports the complete implementation of many programming languages.
Defines rules that languages must follow, which helps ensure that objects written in different languages can interact with each other.
What is garbage collection (GC)?
Garbage collection (GC) is an automatic memory management mechanism that allows the computer to detect when an object can no longer be accessed. It then automatically releases the memory used by that object (as well as calling a clean-up routine, called a “finalizer,” which is written by the user). Some garbage collectors, like the one used by .NET, compact memory and therefore decrease your program’s working set.
So the garbage collection in the Microsoft .NET common language runtime environment completely absolves the developer from tracking memory usage and knowing when to free memory. The garbage collector checks to see if there are any objects in the heap that are no longer being used by the application. If such objects exist, then the memory used by these objects can be reclaimed.
What is MSIL (Microsoft Intermediate Language)?
.NET programs are compiled by the language compilers into assemblies that consist of Microsoft Intermediate Language (MSIL) instructions. Microsoft Intermediate Language (MSIL) is a CPU-independent set of instructions that can be efficiently converted to native code.
MSIL includes instructions for loading, storing, initializing, and calling methods on objects, as well as instructions for arithmetic and logical operations, control flow, direct memory access, exception handling, and other operations.
Before you can run Microsoft intermediate language (MSIL), it must be converted by a .NET Framework just-in-time (JIT) compiler to native code, which is CPU-specific code that runs on the same computer architecture as the JIT compiler.
When you run your program, the MSIL is compiled again, using the Just In Time (JIT) compiler (a process often called Jiting ). The result is machine code, executed by the machine’s processor.
What is CLS Common Language Specification?
Common Language Specification – CLS are the specification laid out for any new language to adapt to the .NET platform. It is a sort of guidelines that are laid to which a language should adhere to be called to support .NET.
So the Common Language Specification is a set of constructs and constraints that serves as a guide for library writers and compiler writers. It allows libraries to be fully usable from any language supporting the CLS, and for those languages to integrate with each other. The Common Language Specification is a subset of the common type system (CTS).
What is Namespace?
Namespace is a group of classes, structures, interfaces, enumerations, and delegates, organized in a logical hierarchy by function, that enable you to access the core functionality you need in your applications.
Namespaces are the way that .NET avoids name clashes between classes. A namespace is no more than a grouping of data types, but it has the effect that the names of all data types within a namespace automatically get prefixed with the name of the namespace. It is also possible to nest namespaces within each other.
Each namespace in the FCL can contain multiple namespaces, or they can contain classes that expose properties and methods that you call in your applications. The namespaces within the FCL are grouped by the functionality they provide, which makes it very easy to find what you’re looking for.
Explain the security features implemented by CLR?
In Microsoft.Net the use of an intermediate language coupled with the run-time environment provided by the Common Language Runtime offers assembly developers immediate security advantages.
File format and metadata validation
The Common Language Runtime verifies that the PE file format is valid and that addresses do not point outside of the PE file. This helps provide assembly isolation. The Common Language Runtime also validates the integrity of the metadata that is contained in the assembly.
Code verification
The MSIL code is verified for type safety at JIT compile time. This is a major plus from a security perspective because the verification process can prevent bad pointer manipulation, validate type conversions, check array bounds, and so on. This virtually eliminates buffer overflow vulnerabilities in managed code, although developers still need to carefully inspect any code that calls unmanaged application programming interfaces (APIs) for the possibility of buffer overflow.
Integrity checking
The integrity of strongly named assemblies is verified using a digital signature to ensure that the assembly has not been altered in any way since it was built and signed. This means that attackers cannot alter source code in any way by directly manipulating the MSIL instructions. Also, code runs only against the specific version of a library it was designed for. This prevents version-compatibility surprises as libraries are updated.
Code access security
The virtual execution environment provided by the Common Language Runtime allows additional security checks to be performed at runtime. Specifically, code access security can make various run-time security decisions based on the identity of the calling code.
What is Code Access Security in .Net framework?
Code access security authorizes code when it attempts to access secured resources, such as the file system, registry, network, other .NET assemblies and so on, or when it attempts to perform other privileged operations, such as calling unmanaged code or using reflection.
Code access security is an important additional defense mechanism that developers can use to provide constraints on a piece of code. An administrator can configure code access security policy to restrict the resource types that code can access and the other privileged operations it can perform. From a Web application standpoint, this means that in the event of a compromised process where an attacker takes control of a Web application process or injects code to run from inside the process, the additional constraints that code access security provides can limit the damage that can be done.
In .Net Framework; the authentication (identification) of code is based on evidence about the code, for example, its strong name, publisher, or installation directory. Authorization is based on the code access permissions granted to code by security policy.
What is an application domain?
An application domain (often AppDomain) is a virtual process that serves to isolate an application. All objects created within the same application scope (in other words, anywhere along the sequence of object activations beginning with the application entry point) are created within the same application domain. Multiple application domains can exist in a single operating system process, making them a lightweight means of application isolation.
An OS process provides isolation by having a distinct memory address space. While this is effective, it is also expensive, and does not scale to the numbers required for large web servers. The Common Language Runtime (CLR), on the other hand, enforces application isolation by managing the memory use of code running within the application domain. This ensures that it does not access memory outside the boundaries of the domain. It is important to note that only type-safe code can be managed in this way (the runtime cannot guarantee isolation when unsafe code is loaded in an application domain).
What are Generics in .Net framework 2.0?
Generics are related to the idea of Templates in C++. They permit classes, structs, interfaces, delegates, and methods to be parameterized by the types of data they store and manipulate. Without generics, general purpose methods or data structures (like Lists, Stacks, etc.) typically use the built-in Object type to store data of any type. While the use of the built-in Object type makes the implementation very flexible, it has drawbacks with regards to Performance and Type Safety.
For example, it is possible to use any user defined type, e.g. TeacherClass, as a parameter in calls to these general purpose classes. However, the general purpose data structures cannot be sure that the type passed in is what is expected. If it is not, it frequently results in ugly runtime errors in the application. Also, if the type is returned from the method call after processing, the result must explicitly be cast back to the appropriate type, which adds further overhead. Generics provide a way to create strongly typed parameters, allowing reuse of the general purpose routine without the associated type safety issues and the overhead of run-time type checking. Generics are available to any .NET language in the .NET Framework 2.0.
The post Top .Net Framework interview Questions & Answers appeared first on IQ Online Training.