Preparing For and Investigating Application Issues (15%)
Choose a testing methodology
This objetive may include but is not limited to: black box, integration, regression, coverage, API testing, performance testing, security testing
Black Box
Black box testing. This approach tests all possible combinations of end-user actions. Black box testing assumes no knowledge of code and is intended to simulate the end-user experience. You can use sample applications to integrate and test the application block for black box testing. You can begin planning for black box testing immediately after the requirements and the functional specifications are available.
http://en.wikipedia.org/wiki/Black-box_testing
Integration
http://en.wikipedia.org/wiki/Integration_testing
http://msdn.microsoft.com/en-us/library/aa292128(VS.71).aspx
Regression
http://en.wikipedia.org/wiki/Regression_testing
http://msdn.microsoft.com/en-us/library/aa292167(VS.71).aspx
Coverage
http://en.wikipedia.org/wiki/Code_coverage
http://msdn.microsoft.com/en-us/library/ms182496(VS.100).aspx
API testing
http://msdn.microsoft.com/en-us/library/cc300143.aspx
Performance testing
http://en.wikipedia.org/wiki/Software_performance_testing
http://msdn.microsoft.com/en-us/library/bb924375.aspx
Security testing
http://msdn.microsoft.com/en-us/magazine/cc507646.aspx
This objective does not include: load testing, Web testing, unit testing
Design an exception handling strategy
This objetive may include but is not limited to: HandleError attibute in MVC, common error pages, post-error processing, global vs page level.
HandleError attibute in MVC
The HandleError attribute (which appears on the default controllers in an MVC project) tells the framework that if an unhandled exception occurs in your controller that rather than showing the default Yellow Screen of Death it should instead serve up a view called Error. The controller-specific View folder will be checked first (eg. Views/Home/Error.aspx) and if it's not found, the Shared folder (Views/Home/Error.aspx) will be used.
http://weblogs.asp.net/scottgu/archive/2008/07/14/asp-net-mvc-preview-4-release-part-1.aspx
Common error pages
http://aspalliance.com/1008_Working_with_Custom_Error_Pages_Using_ASPNET.5
Post-error processing
Global vs. page level
http://www.15seconds.com/issue/030102.htm
Recommend and approach to debugging
This objetive may include but is not limited to: tools and approaches for a given scenario (for example, memory dumps, DebuggingAttributes, crashes vs hangs, deadlocks, assembly binding), when to attack a process (visual Studio Development Server vs. IIS vs. Internet Explorer), root cause analisys.
The objetive doesn’t include: basic breakpoints
Memory dumps
DebuggingAttributes
Crashes vs. hangs
Deadlocks
Asembly bindings
Root cause analisys
Recommend an approach to performace issues.
This objetive may include but is not limited to: wich instrumentation to watch or create, (including performance counters and event tracking) to analyze performance issues, page and fragment caching.
Designing Security Achitecture and Implementation (17%)
Plan for operational security
This objetive may include but is not limited to: approaches for process; and resource-level security, including local and remote resources; Code-Access Security (CAS), including trust level, process identity, application pool, and identity tag.
Approaches for process
http://msdn.microsoft.com/en-us/magazine/ee819091.aspx
Resource-level security
Code-Access Security (CAS)
http://en.wikipedia.org/wiki/Code_Access_Security
http://msdn.microsoft.com/en-us/library/930b76w0.aspx
Important!! Security changes in .Net 4
http://msdn.microsoft.com/en-us/library/dd233103(VS.100).aspx
Design and authentication and authorization model
This objetive may include but is not limited to: authentication providers, including WindowsForms, and custom user identity flowthrough (for example, trusted subsystem), role management, membership providers, URL authorization (for example, AuthorizationAttribute), file authorization, Authorization Manager (AzMan)
Authentication providers
http://msdn.microsoft.com/en-us/library/9wff0kyh(VS.100).aspx
Role management
http://msdn.microsoft.com/en-us/library/5k850zwb(VS.100).aspx
Membership provider
http://msdn.microsoft.com/en-us/library/tw292whz(VS.100).aspx
URL Athorization
http://msdn.microsoft.com/en-us/library/wce3kxhd(VS.100).aspx
AzMan
http://msdn.microsoft.com/en-us/library/ms998336.aspx
Plan for minimizing attack surfaces
This objetive may include but is not limited to: input validation, throttling inputs, request filtering, where to use Secure Sockets Layer (SSL)
Input validation (buscar material mas moderno)
http://msdn.microsoft.com/en-us/library/ms972961.aspx
Throttling inputs
Request filtering
http://msdn.microsoft.com/en-us/library/system.web.httprequest.filter(VS.100).aspx
SSL
http://en.wikipedia.org/wiki/HTTP_Secure
Designing Data Strategies and Structures (18%)
Index
Parte 0 | Parte 1 | Parte 2 | Parte 3a | Parte 3b
Design data access
This objetive may include but is not limited to: choosing data access technologies such as ADO.Net Data Services, Entity Framework, Windows Communications Foundation (WCF), and ASP.NET Web Services.ADO.NET Data ServicesEntity FrameworkWindows Communication Fourndation (WCF)ASP.Net Web Services
Design data presentation and interaction
This objetive may include but is not limited to: pulling data from data layer and binding into views, pages and controls, and poulling data back to data layer by using ModelBinders, data source controls, and HtmlHelper extensions, or programmatically.
Bindings
http://msdn.microsoft.com/en-us/magazine/ee819084.aspx
ModelBinders
http://msdn.microsoft.com/en-us/library/dd410405(VS.100).aspx
http://www.microsoft.com/belux/msdn/nl/chopsticks/default.aspx?id=798
Data source controls
http://aspnet.4guysfromrolla.com/articles/011106-1.aspx
HtmlHelper extensions
http://blogs.microsoft.co.il/blogs/gilf/archive/2009/01/13/extending-asp-net-mvc-htmlhelper-class.aspx
Plan for data validation
This objetive may include but is not limited to: contextual validation vs. data integrity, where to validate data, synchronisation between UI and data layer, data annotations.
Synchro between UI and data layer
|
Ya van cinco post, creo que tengo posibilidades de llegar a prepar
ar el examen. Lo que me he dado cuenta que los post se van convirtiendo mas en una especie de wiki que vuelvo y los updateo constantemente que en un blog en si. por lo que si existe una propuesta de armar esto de alguna otra forma es bienvenido.
Index
Parte 0 | Parte 1 | Parte 2 | Parte 3a | Parte 3b
Designing the User Experience (17%)
Index
Parte 0 | Parte 1 | Parte 2 | Parte 3a
Plan for cross-browser and/or form factors
This objective may include but is not limited to: evaluating the impact on client side behaviors, themes, bandwidth, style sheets (including application design - task based or scaled rendering of existing page), when to apply Browsers file, structural approaches, user agents, different platforms (mobile vs. desktop)
Evaluating the impact on
- client side behaviors
- themes
- bandwidht
- style sheets
Plan for globalization
This objective may include but is not limited to: designing to support local, regional, language, or cultural preferences, including UI vs. data localization (for example, implementing at database level or resource level), when to use CurrentCulture vs. CurrentUICulture, globalization rollout plan (for example, setting base default language, planning localization), handling Unicode data (for example, what fields to include, request encoding), right-to-left support, vertical text and non-Latin topographies, calendars, data formatting, sorting
UI Localization
Data Localization
Resources
CurrentCulture vs. CurrentUICulture
Planning localization
Unicode
righ-to-left support
Vertical text Non-Latin typos
Calendars / Data formatting
Sorting
Designing the User Experience (17%)
Index
Parte 0 | Parte 1 | Parte 2
Design the site structure.
This objective may include but is not limited to: designing application segmentation for manageability and security (for example, using areas, shared views, master pages, and nested master pages), appropriate use of style sheets, client-side scripting, themes, client ID generation, rendering element modes, routing engine
Una digresión, leamos un poco sobre UX http://en.wikipedia.org/wiki/User_experience
Materiales
Una pagina interesante para ver los cambios de Asp.Net 4 y que nos va a ayudar a entender un poco mas estos puntos http://www.asp.net/LEARN/whitepapers/aspnet4/default.aspx
Ahora yendo punto por punto vamos buscando mas material que nos pueda servir para prepararnos mejor.
Areas
Areas let you group controllers and views into sections of a large application in relative isolation from other sections. Each area can be implemented as a separate ASP.NET MVC project that can then be referenced by the main application. This helps manage complexity when you build a large application and makes it easier for multiple teams to work together on a single application.
Shared Views
Master Pages
http://msdn.microsoft.com/en-us/library/wtxbf3hh(VS.100).aspx Nested Master Pages
http://msdn.microsoft.com/en-us/library/x2b3ktt7(VS.100).aspx
Style Sheets
http://www.adobe.com/devnet/dreamweaver/articles/why_css.html
http://msdn.microsoft.com/en-us/library/h4kete56(VS.100).aspx
Client-side scripting
http://msdn.microsoft.com/en-us/library/aa479302.aspx
http://msdn.microsoft.com/en-us/library/aa479011.aspx
http://www.chadmyers.com/Blog/archive/2007/12/13/using-jquery-with-asp.net-mvc.aspx
Themes
http://msdn.microsoft.com/en-us/library/ykzx33wh(VS.100).aspx
Client ID generation
http://msdn.microsoft.com/en-us/library/system.web.ui.control.clientid(VS.100).aspx
http://gerardocontijoch.wordpress.com/2009/06/12/generacion-personalizada-de-ids-en-asp-net-4-0/
Rendering elements modes
By default, when a Web application or Web site targets the .NET Framework 4, the controlRenderingCompatibilityVersion attribute of the pages element is set to "4.0". This element is defined in the machine-level Web.config file and by default applies to all ASP.NET 4 applications:
<system.web>
<pages controlRenderingCompatibilityVersion="3.5|4.0"/>
</system.web>
The value for controlRenderingCompatibility is a string, which allows potential new version definitions in future releases. In the current release, the following values are supported for this property:
- "3.5". This setting indicates legacy rendering and markup. Markup rendered by controls is 100% backward compatible, and the setting of the xhtmlConformance property is honored.
- "4.0". If the property has this setting, ASP.NET Web server controls do the following:
- The xhtmlConformance property is always treated as "Strict". As a result, controls render XHTML 1.0 Strict markup.
- Disabling non-input controls no longer renders invalid styles.
- div elements around hidden fields are now styled so they do not interfere with user-created CSS rules.
- Menu controls render markup that is semantically correct and compliant with accessibility guidelines.
- Validation controls do not render inline styles.
- Controls that previously rendered
border="0" (controls that derive from the ASP.NET Table control, and the ASP.NET Image control) no longer render this attribute.
Routing engine
http://msdn.microsoft.com/en-us/magazine/dd347546.aspx
Continuara….
Plan for cross-browser and/or form factors.
This objective may include but is not limited to: evaluating the impact on client side behaviors, themes, bandwidth, style sheets (including application design - task based or scaled rendering of existing page), when to apply Browsers file, structural approaches, user agents, different platforms (mobile vs. desktop)
Plan for globalization.
This objective may include but is not limited to: designing to support local, regional, language, or cultural preferences, including UI vs. data localization (for example, implementing at database level or resource level), when to use CurrentCulture vs. CurrentUICulture, globalization rollout plan (for example, setting base default language, planning localization), handling Unicode data (for example, what fields to include, request encoding), right-to-left support, vertical text and non-Latin topographies, calendars, data formatting, sorting
Index
Parte 0
Parte 1
Designing the Application Architecture (19%)
Un buen libro del equipo de patterns&practices que nos puede ayudar con esta parte del examen es
http://msdn.microsoft.com/en-us/library/dd673617.aspx
Plan the division of application logic
This objective may include but is not limited to: choosing between client-side and server side processing, planning separation of concern, (for example, partitioning functionality between controllers and evaluating business and data service consumption), planning for long-running processes (for example, synchronous vs. asynchronous)
http://msdn.microsoft.com/en-us/library/428509ah(VS.100).aspx
http://msdn.microsoft.com/en-us/library/ms998548.aspx
http://blogs.msdn.com/diegumzone/archive/2006/10/09/3_2D00_Tier_2C00_-3_2D00_Layer_2C00_-MVC_3A00_-a-Trio-of-Famous-Trios.aspx
Long-running process (synchro vs. asynchro)
http://www.ajaxmatters.com/articles/asp/long_run_process_p1.aspx
http://www.codeproject.com/KB/aspnet/asynctransactionhandler.aspx
Analyze requirements and recommend a system topology
This objective may include but is not limited to: designing interaction between applications, mapping logical design to physical implementation, validating nonfunctional requirements and cross-cutting concerns (for example, communications, operations management, and security), evaluating baseline needs (for example, scale and quality of service)
Cross-cutting concerns
http://msdn.microsoft.com/en-us/library/ee658105.aspx
Evaluating baseline needs
Choose appropriate client-side technologies
This objective may include but is not limited to: JavaScript, ASP.NET AJAX, jQuery, Microsoft Silverlight
JavaScript
http://es.wikipedia.org/wiki/JavaScript
Asp.Net WebForms
http://www.asp.net/web-forms/
Asp.Net MVC
http://www.asp.net/mvc/
JQuery
http://docs.jquery.com/Tutorials
AJAX
http://www.asp.net/ajax/
Silverlight
http://www.silverlight.net/
http://msdn.microsoft.com/en-us/library/dd410060(VS.100).aspx
Choose appropriate server-side technologies
This objective may include but is not limited to: user controls, server controls, partials, custom HtmlHelper extensions, Web parts, inheriting controls, dynamic data controls
User controls
http://msdn.microsoft.com/en-us/library/y6wb1a0e(VS.100).aspx
Server controls
http://msdn.microsoft.com/en-us/library/zt27tfhy(VS.100).aspx
Web parts
http://msdn.microsoft.com/en-us/library/e0s9t4ck(VS.100).aspx
Partials
Custom HtmHelper extensions
http://msdn.microsoft.com/en-us/library/system.web.mvc.htmlhelper(VS.100).aspx
Inheriting controls
http://weblogs.asp.net/cfigueroa/archive/2009/07/28/herencia-visual-asp-net.aspx
dynamic data controls
http://weblogs.asp.net/scottgu/archive/2007/12/14/new-asp-net-dynamic-data-support.aspx
Desing state management
This objective may include but is not limited to: designing an application for the proper use of application state, session state, and request state (for example, ViewState, ControlState, Cache object, cookies, and client-side persistence)
Application state
http://msdn.microsoft.com/en-us/library/ms178594(VS.100).aspx
Session state
http://msdn.microsoft.com/en-us/library/ms178581(VS.100).aspx
Request state ( ViewState, ControlState, Cache object, cookies, and client-side persistence, Velocity)
http://msdn.microsoft.com/en-us/library/bb386448(VS.100).aspx
http://msdn.microsoft.com/en-us/library/z1hkazw7(VS.100).aspx
|
Rol del Web server y protocolo HTTP
El web server responde a llamadas generadas por un browser. La llamada básica es
GET /Default.aspx HTTP/1.1
Host: www.hoversoft.com.ar
En esta llamada por medio del verbo Get el browser le solicita el recurso Default.aspx (pagina por defecto de Asp.Net) del servidor hoversoft utilizando el protocolo HTPP 1.1 (Estandar actual)
El servidor puede responder con un recurso estático y cerrar la conexión (Stateless) o mas actualmente puede dejar información de sesión y la conexión abierta (por ejemplo llamadas mediante AJAX Asynchronous JavaScript and XML)
En este momento es importante revisar los verbos básicos del estandar HTTP 1.1
Los Request y Response son manejados por Asp.Net con wrappers que nos permiten realizar varias acciones con ellos.
La estructura de un response es algo similar a
HTTP/1.1 200 OK
Server: Microsoft/IIS 6.0
Content-Type: text/html
Content-Lenght: 38
<html><body>Hello, World!</body></html>
En la primera línea se encuentra el código de status, los cuales recomiendo conocer al menos los básicos.
En la tercera línea del response tenemos el MIME type, los cuales también es conveniente conocer los tipos básicos.
Se puede utilizar Microsoft Network monitor o un simple Telnet para ver y analizar el flujo de conexiones entre el servidor y el browser.
El examen 70-519 es parte del camino para la MCPD (Microsoft Ceritified Professional Developer). Al ser un examen nuevo no existen aun materiales programáticos para prepararlo. Encontraremos material en el examen 70-562 TS: Microsoft .Net Fameqork 3.5 Asp.Net development, (hay que tener en cuenta que este examen era relacionado al framework 3.5 y se utilizaba la version 2008 del VIsual Studio, mientras que el que voy a preparar utiliza el framework 4 y la version 2010 del Visual Studio)
Por ser un examen beta tengo chance para rendirlo hasta el 30 de abril, pero lo schedulee (valga el anglicismo) para el 20 de abril. Con lo que empecemos.
Guia
| Designing the Application Architecture (19%) -
Plan the division of application logic.
This objective may include but is not limited to: choosing between client-side and server side processing, planning separation of concern, (for example, partitioning functionality between controllers and evaluating business and data service consumption), planning for long-running processes (for example, synchronous vs. asynchronous) - Analyze requirements and recommend a system topology.
This objective may include but is not limited to: designing interaction between applications, mapping logical design to physical implementation, validating nonfunctional requirements and cross-cutting concerns (for example, communications, operations management, and security), evaluating baseline needs (for example, scale and quality of service) - Choose appropriate client-side technologies.
This objective may include but is not limited to: JavaScript, ASP.NET AJAX, jQuery, Microsoft Silverlight - Choose appropriate server-side technologies.
This objective may include but is not limited to: user controls, server controls, partials, custom HtmlHelper extensions, Web parts, inheriting controls, dynamic data controls - Design state management.
This objective may include but is not limited to: designing an application for the proper use of application state, session state, and request state (for example, ViewState, ControlState, Cache object, cookies, and client-side persistence) Designing the User Experience (17%) -
Design the site structure. This objective may include but is not limited to: designing application segmentation for manageability and security (for example, using areas, shared views, master pages, and nested master pages), appropriate use of style sheets, client-side scripting, themes, client ID generation, rendering element modes, routing engine -
Plan for cross-browser and/or form factors. This objective may include but is not limited to: evaluating the impact on client side behaviors, themes, bandwidth, style sheets (including application design - task based or scaled rendering of existing page), when to apply Browsers file, structural approaches, user agents, different platforms (mobile vs. desktop) -
Plan for globalization. This objective may include but is not limited to: designing to support local, regional, language, or cultural preferences, including UI vs. data localization (for example, implementing at database level or resource level), when to use CurrentCulture vs. CurrentUICulture, globalization rollout plan (for example, setting base default language, planning localization), handling Unicode data (for example, what fields to include, request encoding), right-to-left support, vertical text and non-Latin topographies, calendars, data formatting, sorting Designing Data Strategies and Structures (18%) -
Design data access. This objective may include but is not limited to: choosing data access technologies such as ADO.NETData Services, Entity Framework, Windows Communications Foundation (WCF), and ASP.NET Web Services -
Design data presentation and interaction. This objective may include but is not limited to: pulling data from data layer and binding into views, pages, and controls, and pulling data back to data layer by using ModelBinders, data source controls, and HtmlHelper extensions, or programmatically -
Plan for data validation. This objective may include but is not limited to: contextual validation vs. data integrity, where to validate data, synchronization between UI and data layer, data annotations Designing Security Architecture and Implementation (17%) -
Plan for operational security. This objective may include but is not limited to: approaches for process- and resource-level security, including local and remote resources, Code Access Security (CAS), including trust level, process identity, application pool, and identity tag -
Design an authentication and authorization model. This objective may include but is not limited to: authentication providers, including WindowsForms, and custom user identity flowthrough (for example, trusted subsystem), role management, membership providers, URL authorization (for example, AuthorizationAttribute), file authorization, Authorization Manager (AzMan) -
Plan for minimizing attack surfaces. This objective may include but is not limited to: input validation, throttling inputs, request filtering, where to use Secure Sockets Layer (SSL) Preparing For and Investigating Application Issues (15%) -
Choose a testing methodology. This objective may include but is not limited to: black box, white box, integration, regression, coverage, API testing, performance testing, security testing
This objective does not include: load testing, Web testing, unit testing -
Design an exception handling strategy. This objective may include but is not limited to: HandleError attribute in MVC, common error pages, post-error processing, global vs. page level -
Recommend an approach to debugging. This objective may include but is not limited to: tools and approaches for a given scenario (for example, memory dumps, DebuggingAttributes, crashes vs. hangs, deadlocks, assembly binding), when to attach to process (Visual Studio Development Server vs. IIS vs. Internet Explorer), root cause analysis This objective does not include: basic breakpoints -
Recommend an approach to performance issues. This objective may include but is not limited to: which instrumentation to watch or create (including performance counters and event tracing) to analyze performance issues, page and fragment caching Designing a Deployment Strategy (14%) -
Design a deployment process. This objective may include but is not limited to: Windows Installer (MSI) vs. xcopy vs. Web Deployment Tool, scaling, rolling deployments -
Design configuration management. This objective may include but is not limited to: using the ConfigSource attribute (for example, connection strings), staging vs. production vs. development, topologies, machine.config vs. web.config, using IIS vs. Visual Studio Development Server during development, application pools, configuration inheritance -
Plan for scalability and reliability. This objective may include but is not limited to: scaling up, scaling out, at physical level and at architectural level, impact of offloading technologies on load balancing, including state, synchronizing machine and encryption keys -
Design a health monitoring strategy. This objective may include but is not limited to: when to monitor application or business-related events (e.g., on UI every time clicked or in business layer), determining a strategy for using ASP.NET Health Monitoring, throttling, filtering, delivery method |
Materiales
Indispensable. Visual Studio 2010 profesional o superior. Se puede bajar el RC.
MSDN y seleccionar las opciones de .Net Framework 4
Material de Microsoft Learning no hay disponible aun.
Material bibliográfico Self-Pace Training Kit. Para el framework 3.5 (verificar las diferencias)
Diferencias entre los frameworks
En MSDN y en StackOverflow
Entradas
