HOT Hover Over Technologies

Después de esperar y esperar, los examenes beta de .Net 4 están pasando a producción. Por lo que me empiezan a llegar las noticias esperadas. Y la primera es 70-519 aprobado. Vamos por los otros! (esto me salió medio mundialista)

Sigo en el camino de la certificación.

Sólo posteo la guía no voy a llegar a poner links. Pero bueno la red proveera.

• Map entities and relationships by using the Entity Data Model.
  
  This objective may include but is not limited to: using the Visual Designer, building an entity data model from an existing database, managing complex entity mappings in EDMX, editing EDM XML, mapping to stored procedures, creating user-defined associations between entities, generating classes with inheritance and mapping them to tables
  
  This objective does not include: using MetadataWorkspace
• Map entities and relationships by using LINQ to SQL.
  
  This objective may include but is not limited to: using the Visual Designer, building a LINQ to SQL model from an existing database, mapping to stored procedures
• Create and customize entity objects.
  
  This objective may include but is not limited to: configuring changes to an Entity Framework entity, using the ADO.NET EntityObject Generator (T4), extending, self-tracking entities, snapshot change tracking, ObjectStateManager, partial classes, partial methods in the Entity Framework
• Connect a POCO model to the Entity Framework.
  
  This objective may include but is not limited to: implementing the Entity Framework with persistence ignorance, user-created POCO entities
  
  This objective does not include: using the POCO templates
• Create the database from the Entity Framework model.
  
  This objective may include but is not limited to: customizing the Data Definition Language (DDL) (templates) generation process, generating scripts for a database, Entity Data Model tools
• Create model-defined functions.
  
  This objective may include but is not limited to: editing the Conceptual Schema Definition Language CSDL, enabling model-defined functions by using the EdmFunction attribute, complex types

• Configure connection strings and providers.
  
  This objective may include but is not limited to: managing connection strings including Entity Framework connection strings, using the ConfigurationManager, correctly addressing the Microsoft SQL Server instance, implementing connection pooling, managing User Instanceand AttachDBfilename, switching providers, implementing multiple active result sets (MARS)
  
  This objective does not include: using the ConnectionStringBuilder; Oracle data provider; creating and using a custom provider; using third-party providers
• Create and manage a data connection.
  
  This objective may include but is not limited to: connecting to a data source, closing connections, maintaining the life cycle of a connection
• Secure a connection.
  
  This objective may include but is not limited to: encrypting and decrypting connection strings, using Security Support Provider Interface (SSPI) or SQL Server authentication, read only vs. read/write connections
  
  This objective does not include:  Secure Sockets Layer (SSL)
• Manage the DataContext and ObjectContext.
  
  This objective may include but is not limited to: managing the life cycle of DataContext and ObjectContext, extending the DataContext and ObjectContext, supporting POCO
• Implement eager loading.
  
  This objective may include but is not limited to: configuring loading strategy by using LazyLoadingEnabled, supporting lazy loading with POCO, explicitly loading entities
• Cache data.
  
  This objective may include but is not limited to: DataContext and ObjectContext cache including identity map, local data cache
  
  This objective does not include: Velocity, SqlCacheDependency
• Configure ADO.NET Data Services.
  
  This objective may include but is not limited to: creating access rules for entities, configuring authorization and authentication, configuring HTTP verbs

• Execute a SQL query.
  
  This objective may include but is not limited to: DBCommand, DataReader, DataAdapters, DataSets, managing data retrieval by using stored procedures, using parameters, System.Data.Common namespace classes
• Create a LINQ query.
  
  This objective may include but is not limited to: syntax-based and method-based queries, joining, filtering, sorting, grouping, aggregation, lambda expressions, paging, projection
  
  This objective does not include: compiling queries
• Create an Entity SQL (ESQL) query.
  
  This objective may include but is not limited to: joining, filtering, sorting, grouping, aggregation, paging, using functions, query plan caching, returning a reference to an entity instance, using parameters with ESQL, functionality related to EntityClient classes
• Handle special data types.
  
  This objective may include but is not limited to: querying BLOBs, filestream, spatial and table-valued parameters
  
  This objective does not include: implementing data types for unstructured data, user-defined types, Common Language Runtime (CLR) types
• Query XML.
  
  This objective may include but is not limited to: LINQ to XML, XmlReader, XmlDocuments, XPath
  
  This objective does not include: XSLT, XmlWriter
• Query data by using ADO.NET Data Services.
  
  This objective may include but is not limited to: implementing filtering and entitlement in ADO.NET Data Services, addressing resources, creating a query expression, accessing payload formats, Data Services interceptors

• Create, update, or delete data by using SQL statements.
  
  This objective may include but is not limited to: Create/Update/Delete (CUD), using DataSets, calling stored procedures, using parameters
• Create, update, or delete data by using DataContext.
  
  This objective may include but is not limited to: CUD, calling stored procedures, using parameters
  
  This objective does not include: ObjectTrackingEnabled
• Create, update, or delete data by using ObjectContext.
  
  This objective may include but is not limited to: CUD, calling stored procedures, using parameters, setting SaveOptions
• Manage transactions.
  
  This objective may include
  but is not limited to: System.Transactions, DBTransaction, rolling back a transaction, Lightweight Transaction Manager (LTM)
  
  This objective does not include: distributed transactions, multiple updates within a transaction, multiple synchronization of data within an acidic transaction
• Create disconnected objects.
  
  This objective may include but is not limited to: creating self-tracking entities in the Entity Framework, attaching objects, DataSets, table adapters

• Monitor and collect performance data.
  
  This objective may include but is not limited to: logging generated SQL (ToTraceString), collecting response times, implementing performance counters, implementing logging, implementing instrumentation
• Handle exceptions.
  
  This objective may include but is not limited to: resolving data concurrency issues (handling OptimisticConcurrency exception, Refresh method), handling errors, transaction exceptions, connection exceptions, timeout exceptions, handling an exception from the Entity Framework disconnected object, security exceptions
• Protect data.
  
  This objective may include but is not limited to: encryption, digital signature, hashing, salting, least privilege
• Synchronize data.
  
  This objective may include but is not limited to: online/offline Entity Framework, synchronization services, saving locally
• Deploy ADO.NET components.
  
  This objective may include but is not limited to: packaging and publishing from Visual Studio, deploying an ADO.NET Services application; packaging and deploying Entity Framework metadata
  
  This objective does not include: configuring IIS, MSDeploy, MSBuild

Managing the Service Instance Life Cycle (13%)

Manage service instances.

This objective may include but is not limited to: per call: per session; single; code and configuration; activation and deactivation; durable services; throttling

http://msdn.microsoft.com/en-us/magazine/cc163590.aspx

Manage sessions.

This objective may include but is not limited to: code and configuration; session management attributes; throttling; reliable sessions; transport-level and application-level sessions; invoking a callback contract.

Implement transactions.

This objective may include but is not limited to: distributed transactions; transactional queues; transaction flow; configuring transaction binding attributes; WS-AtomicTransaction (WS-AT); transactional behavior attributes at the service and operation level; using transactions in code.

Manage concurrency.

This objective may include but is not limited to: single, multiple, and reentrant concurrency modes; SynchronizationContext and CallbackBehavior

This objective does not include: deadlocks and other mutithreading issues

Manage consistency between instances, sessions, transactions, and concurrency

This objective may include but is not limited to: possible combinations between instances, sessions, transactions, and concurrency (for example, instance mode single with concurrency mode multiple)

Securing Services (17%)

Configure secure Bindings

This objective may include but is not limited to: transport, message, mixed mode

http://msdn.microsoft.com/en-us/library/ms731172(v=VS.100).aspx

Configure message security

This objective may include but is not limited to: specifying protection levels on different message parts

http://msdn.microsoft.com/en-us/library/ms789036.aspx

Implement Authentication

• Implement Authentication.
  This objective may include but is not limited to: Microsoft ASP.NET Membership Provider, Custom Provider, Windows Integrated Security, certificates (X.509), Federated Authentication endpoint identity; configuring client credentials; Custom Validator
  This objective does not include: Geneva Framework
• Implement Authorization.
  This objective may include but is not limited to: role based, claim based; configuring role providers for endpoints; principal permission attribute
  This objective does not include: rights-management authorization such as Active Directory Rights Management Services (AD RMS)
• Implement Impersonation.
  This objective may include but is not limited to: configuration and code; configuring WCF-specific Internet Information Services (IIS) impersonation properties; configuring impersonation options; operation-based and service-based
• Implement security auditing.
  This objective may include but is not limited to: using serviceSecurityAudit behavior, service auditing, audit log

Consuming Services (19%)

Create a service proxy

This objective may include but is not limited to: using a proxy class or channel factory to create a proxy; creating a proxy for an asynchronous communication; creating a proxy for a duplex communication

This objective does not include: SvcUtil command line switches

Proxy class
http://msdn.microsoft.com/en-us/library/ms733133.aspx

Channel factory
http://msdn.microsoft.com/en-us/library/ms734681(v=VS.100).aspx

Asynchronous communication
http://msdn.microsoft.com/en-us/library/ms730059(v=VS.100).aspx

Duplex communication
http://msdn.microsoft.com/en-us/library/ms731935(v=VS.100).aspx

Configure client endpoints.

This objective may include but is not limited to: standard bindings, custom bindings created from standard binding elements; configuring behaviors; code-based and configuration-based bindings; configuring addresses

This objective does not include: security; creating custom behaviors

Standard binding
http://msdn.microsoft.com/en-us/library/ms731092(v=VS.100).aspx
http://msdn.microsoft.com/en-us/library/ms730879(v=VS.100).aspx

Custom binding created from standard binding elements

Configuring behaviors
http://msdn.microsoft.com/en-us/library/aa702788(v=VS.100).aspx

Code-based and configuration-based bindings
http://msdn.microsoft.com/en-us/library/ms731144(v=VS.100).aspx
http://msdn.microsoft.com/en-us/library/ms731862(v=VS.100).aspx

Configuring addresses
http://msdn.microsoft.com/en-us/library/aa751841(v=VS.100).aspx

Invoke a service

This objective may include but is not limited to: invoking a service operation synchronously and asynchronously; handling service faults; using the Message class; managing the life cycle of the proxy (open channels, close channels, abort channels, handle faulted channels); implemented duplex communication

Invoking synchronously and asynchronously
http://msdn.microsoft.com/en-us/library/ms730059(v=VS.100).aspx

Handling service faults
http://msdn.microsoft.com/en-us/library/ms733721.aspx

Message class
http://msdn.microsoft.com/en-us/library/ms734675.aspx

Life cycle of the proxy

Duplex communication
http://msdn.microsoft.com/en-us/library/ms731064.aspx

Consume RESTful services.

This objective may include but is not limited to: access HTTP context; JSON/POX

Access HTTP context

JSON/POX

Implement service discovery

This objective may include but is not limited to: configuring target scope; monitoring service announcements.

Configuring target scope

Monitoring service announcements

Hosting and Configuring Services (18%)

Create and configure endpoints.

This objective may include but is not limited to: default and standard bindings; custom bindings created from standard binding elements; standard endpoints; transports including HTTP, TCP, named pipes; UDP, MSMQ code-based service configuration; message encoding

This objective does not include: creating a custom binding element; creating new standard endpoints, loading configuration from a location other than the default application configuration file, security transaction, reliable sessions

Default and standard bindings
Custom bindings created from standard binding
http://msdn.microsoft.com/en-us/library/ms733033(v=VS.100).aspx

Standard endpoint
http://msdn.microsoft.com/en-us/library/ms733821(v=VS.100).aspx

Transport including HTTP, TCP, named pipes
http://msdn.microsoft.com/en-us/library/ms729350(v=VS.100).aspx

Configure Behaviors,

This objective may include but is not limited to: applying service, endpoint, and operation behaviors in configuration and code.

This objective does not include: creating a custom behavior; creating and using dispatch behaviors; loading configuration from a location other than the default application configuration file

Configuration file
http://msdn.microsoft.com/en-us/library/ms733932(v=VS.100).aspx

Implement self hosting

This objective may include but is not limited to: configuring and instantiating a service host

This objective does not include: implementing a custom service host

Hosting a service
http://msdn.microsoft.com/en-us/library/bb332338.aspx#msdnwcfhc_topic3

Implement Web server hosting

This objective may include but is not limited to: configuring IIS/WAS for WCF; deploying to IIS/WAS; file-less configuration; specifying a ServiceHost

This objective does not include: Windows Application Server

Configuring web hosting
http://msdn.microsoft.com/en-us/library/ms734710(v=VS.100).aspx

Deploying to IIS/WAS
http://msdn.microsoft.com/en-us/library/aa751792(v=VS.100).aspx

File-less configuration

ServiceHost
http://msdn.microsoft.com/en-us/library/aa702697(v=VS.100).aspx

Link a un post sobre temas del examen

http://www.jamesjfoster.com/blog/post/Resource-Links-for-70-513-WCF-Certification-Exam.aspx

Creating Services (20%)

Create service and operation contracts.

This objective may include but is not limited to: one-way, duplex, and request reply; creating and specifying fault contracts; configuration-based contracts; exposing service metadata; serialization (e.g., data contract serializer vs. XML serializer)

This objective does not include: designing service and operation contracts; transactions, instantiation, security-related attributes

OperationContract attibute
http://msdn.microsoft.com/en-us/library/system.servicemodel.operationcontractattribute.aspx

FautContract attribute
http://msdn.microsoft.com/en-us/library/ms752208.aspx

Exposing service metadata
http://msdn.microsoft.com/en-us/library/ms730243.aspx

Serialization
http://msdn.microsoft.com/en-us/magazine/cc163569.aspx

Create data contracts.

This objective may include but is not limited to: managing Known Types; controlling data serialization; using required and order attributes on data members; implementing versioning using IExtensibleDataObject; POCOs

This objective does not include: using custom serializer (ISerializationSurrogate)

KnownType attribute
http://msdn.microsoft.com/en-us/library/ms730167.aspx

Serialization
http://msdn.microsoft.com/en-us/magazine/cc163569.aspx

Data member order
http://msdn.microsoft.com/en-us/library/ms729813.aspx

Versioning
http://msdn.microsoft.com/en-us/library/ms731138.aspx

IExtensibleDataObject
http://msdn.microsoft.com/en-us/library/ms731083.aspx

POCO
http://blogs.windowsclient.net/zuker/archive/2008/05/21/wcf-poco-support-in-net-v3-5-sp1.aspx

Create message contracts.

This objective may include but is not limited to: body and header elements; using required and order attributes on members

Implement generic message handling.

This objective may include but is not limited to: creating a catch-all contract; reading and writing messages; working with properties; working with headers

This objective does not include: inheriting from Message class; using BodyWritter; creating Fault messages

Catch-all contract

Reading and writing messages

Implementing RESTful services.

This objective may include but is not limited to: accessing HTTP context; WebGet/WebInvoke, UriTemplates; JSON/POX

http://msdn.microsoft.com/en-us/library/dd203052.aspx

HTTP context

WebGet/WebInvoke
http://msdn.microsoft.com/en-us/library/bb412172.aspx

UriTemplates

JSON/POX

Create and configure a Routing service.

This objective may include but is not limited to: filters, static and dynamic, context-based routing; router interfaces.

Create and configure a Discovery service.

This objective may included but is not limited to: configuring ad hoc and managed modes; Discovery scopes; service announcements

TS: Windows Communication Foundation Development with Microsoft .NET Framework 4

Habiendo rendido el examen 70-519 (beta) me empiezo a preparar para el de WCF. No se resultados aun.

Va el summary de skills necesarios. Y en post posteriores (valga la redundancia) lo ire desarrollando.

• Create service and operation contracts.
  This objective may include but is not limited to: one-way, duplex, and request reply; creating and specifying  fault contracts; configuration-based contracts; exposing service metadata; selecting serialization (e.g., data contract serializer vs. XML serializer)
  This objective does not include: designing service and operation contracts; transactions, instantiation, security-related attributes
• Create data contracts.
  This objective may include but is not limited to: managing Known Types; controlling data serialization; using required and order attributes on data members; implementing versioning using IExtensibleDataObject; POCOs
  This objective does not include: using custom serializer (ISerializationSurrogate)
• Create message contracts.
  This objective may include but is not limited to: body and header elements; using required and order attributes on members
• Implement generic message handling.
  This objective may include but is not limited to: creating a catch-all contract; reading and writing messages; working with properties; working with headers
  This objective does not include: inheriting from Message class; using BodyWriter; creating Fault messages
• Implement RESTful services.
  This objective may include but is not limited to: accessing HTTP context; WebGet/WebInvoke, UriTemplates; JSON/POX
• Create and configure a Routing service.
  This objective may include but is not limited to: filters, static and dynamic, context-based routing, content-based routing; router interfaces
• Create and configure a Discovery service.
  This objective may include but is not limited to: configuring ad hoc and managed modes; Discovery scopes; service announcements

• Create and configure endpoints.
  This objective may include but is not limited to: default and standard bindings; custom bindings created from standard binding elements; standard endpoints; transports including HTTP, TCP, named pipes, UDP, MSMQ code-based service configuration; message encoding
  This objective does not include: creating a custom binding element; creating new standard endpoints, loading configuration from a location other than the default application configuration file, security, transaction, reliable sessions
• Configure Behaviors.
  This objective may include but is not limited to: applying service, endpoint, and operation behaviors in configuration and code
  This objective does not include: creating a custom behavior; creating and using dispatch behaviors,loading configuration from a location other than the default application configuration file
• Implement self hosting.
  This objective may include but is not limited to: configuring and instantiating a service host
  This objective does not include: implementing a custom service host
• Implement Web server hosting.
  This objective may include but is not limited to: configuring IIS/WAS for WCF; deploying to IIS/WAS; file-less configuration; specifying a ServiceHost
  This objective does not include: Windows Application Server

• Create a service proxy.
  This objective may include but is not limited to: using a proxy class or channel factory to create a proxy; creating a proxy for an asynchronous communication; creating a proxy for a duplex communication
  This objective does not include: SvcUtil command-line switches
• Configure client endpoints.
  This objective may include but is not limited to: standard bindings, custom bindings created from standard binding elements, configuring behaviors; code-based and configuration-based bindings; configuring addresses
  This objective does not include: security; creating custom behaviors
• Invoke a service.
  This objective may include but is not limited to: invoking a service operation synchronously and asynchronously; handling service faults ; using the Message class; managing the life cycle of the proxy (open channels, close channels, abort channels, handle faulted channels); implementing duplex communication
• Consume RESTful services.
  This objective may include but is not limited to: access HTTP context; JSON/POX
• Implement service Discovery.
  This objective may include but is not limited to: configuring target scope; monitoring service announcements

• Configure secure Bindings.
  This objective may include but is not limited to: transport, message, mixed mode
• Configure message security.
  This objective may include but is not limited to: specifying protection levels on different message parts
• Implement Authentication.
  This objective may include but is not limited to: Microsoft ASP.NET Membership Provider, Custom Provider, Windows Integrated Security, certificates (X.509), Federated Authentication endpoint identity; configuring client credentials; Custom Validator
  This objective does not include: Geneva Framework
• Implement Authorization.
  This objective may include but is not limited to: role based, claim based; configuring role providers for endpoints; principal permission attribute
  This objective does not include: rights-management authorization such as Active Directory Rights Management Services (AD RMS)
• Implement Impersonation.
  This objective may include but is not limited to: configuration and code; configuring WCF-specific Internet Information Services (IIS) impersonation properties; configuring impersonation options; operation-based and service-based
• Implement security auditing.
  This objective may include but is not limited to: using serviceSecurityAudit behavior, service auditing, audit log

• Manage service instances.
  This objective may include but is not limited to: per call; per session; single; code and configuration; activation and deactivation; durable services; throttling
• Manage sessions.
  This objective may include but is not limited to: code and configuration; session management attributes; throttling; reliable sessions; transport-level and application-level sessions; invoking a callback contract
• Implement transactions.
  This objective may include but is not limited to: distributed transactions; transactional queues;transaction flow; configuring transaction binding attributes; WS-AtomicTransaction (WS-AT); transactional behavior attributes at the service and operation level; using transactions in code
• Manage concurrency.
  This objective may include but is not limited to: single, multiple, and reentrant concurrency modes; SynchronizationContext and CallbackBehavior
  This objective does not include: deadlocks and other multithreading issues
• Manage consistency between instances, sessions, transactions, and concurrency.
  This objective may include but is not limited to: possible combinations between instances, sessions, transactions, and concurrency (for example, instance mode single with concurrency mode multiple)

• Configure message logging.
  This objective may include but is not limited to: configuring message listeners; logging level; message filters; configuring logging known PII
  This objective does not include: secure message logs
• Configure diagnostics.
  This objective may include but is not limited to: WMI; performance counters; event logging
• Debug client-service interactions.
  This objective may include but is not limited to: sending server exception details to client; end-to-end tracing; interpreting output from the trace viewer (single message and end to end)
  This objective does not include: tracing viewer features outside of viewing traces

Una primera aproximación al tipo dynamic introducido en la versión 4.0 de C#

El tipo dynamic nos va a permitir instanciar un objeto en tiempo de ejecución. Con lo que podremos hacer cosas como:

            dynamic duck = GetDynamic();
           
            Console.WriteLine(duck.bark());

La instanciación se evalúa en tiempo de ejecución por lo que si el objeto devuelto por GetDynamic() no contiene definición del método bark() recibiremos un error en tiempo de ejecución.

Qué diferencia tiene con var? Básicamente var es una asignación por inferencia, o sea que en tiempo de compilación será el compilador el encargado de inferir el tipo de acuerdo al contexto, un par de ejemplos sencillos:

var duck = new Duck();

En este ejemplo sencillamente el compilador infiere que duck es una instancia de la clase Duck;

            var duck = animals.Where(a => a.HasFeather() && a.LegQty() == 2)
                .FirstOrDefault();

En este ejemplo es un poco más complicado inferir el tipo. Igualmente el compilador lo realizará en tiempo de compilación.

Ahora cual sería la diferencia con el que es la base de nuestra jerarquía de clases object? A simple vista parecería que son similares. Pero recordemos que hasta la versión 4.0 de C# nuestro lenguaje era estáticamente tipado. por lo que utilizar object no hacía que el compilador no verifique el tipo en tiempo de compilación, sino todo lo contrario. Cada vez que el compilador encuentra un object validará que las operación que se realizan con él sean válidas para el tipo casteado. Aquí entran los conceptos de boxing y unboxing.

Veamos ejemplo:

            Object dog = GetObject();
            Console.WriteLine(dog.bark());

Este ejemplo directamente no compila. object no contiene un método bark()

            Console.WriteLine(((Dog)dog).bark());

El precioso mundo del casteo. Aquí vemos que necesariamente en momento de compilación el compilador debe conocer cual es la clase para poder utilizar los métodos que correspondan.

Las posibilidades son infinitas. Como así también salirnos de la tutela de nuestro compilador puede complicarnos la vida.

Designing a Deployment Strategy (14%)

Index

Parte 0 | Parte 1 | Parte 2 | Parte 3a | Parte 3b | Parte 4 | Parte 5 | Parte 6

Design a deployment process

This objetive may include but not limited to: Windows Installer (MSI) vs. xcopy vs. Web Deployment Tool, scaling, rolling deployments.

Windows Installer MSI
http://msdn.microsoft.com/en-us/library/aa367449(VS.85).aspx

xcopy
http://msdn.microsoft.com/en-us/library/f735abw9.aspx

Web Deployment Tool
http://channel9.msdn.com/posts/VisualStudio/Web-Development-and-Deployment-with-Visual-Studio-2010/
http://blogs.msdn.com/webdevtools/archive/2009/02/04/web-deployment-with-vs-2010-and-iis.aspx
http://live.visitmix.com/MIX10/Sessions/FT14

Scaling

Rolling deployments

Design configuration management

This objetive may include but is not limited to: using the ConfigSource attribute (for example, connection strings), staging vs. production vs. development, topologies, machine config vs, web.config, using IIS vs. Visual Studio Development Server during development, application pools, configuration inheritance.

ConfigSource attribute
http://msdn.microsoft.com/en-us/library/ms228167.aspx

Staging vs. production vs. development
http://www.slideshare.net/ecastrom/easing-aspnet-web-and-sql-server-database-deployment-withvs-2010-and-msdeploy-2167629

Machine config vs. web.config

Application pools

Configuration inheritance

Plan for scalability and reliability

This objetive may include but is not limited to: scaling up, scaling out, at physical level and at architectural level, impact of offloading technologies on load balancing, including slate, synchronazing machine and encryption keys.

Scaling Up

Scaling Out (physical and architectural level)

http://msdn.microsoft.com/en-us/magazine/cc500561.aspx

Design a health monitoring strategy

This objetive may include but is not limited to: when to monitor application or business-related events (e.g.. on UI every time clicked or in business layer) determining a strategy for using ASP.NET Health Monitoring, throttling, filtering, delivery method

Preparing For and Investigating Application Issues (15%)

Choose a testing methodology

This objetive may include but is not limited to: black box, integration, regression, coverage, API testing, performance testing, security testing

Black Box
Black box testing. This approach tests all possible combinations of end-user actions. Black box testing assumes no knowledge of code and is intended to simulate the end-user experience. You can use sample applications to integrate and test the application block for black box testing. You can begin planning for black box testing immediately after the requirements and the functional specifications are available.
http://en.wikipedia.org/wiki/Black-box_testing

Integration 
http://en.wikipedia.org/wiki/Integration_testing
http://msdn.microsoft.com/en-us/library/aa292128(VS.71).aspx

Regression
http://en.wikipedia.org/wiki/Regression_testing
http://msdn.microsoft.com/en-us/library/aa292167(VS.71).aspx

Coverage
http://en.wikipedia.org/wiki/Code_coverage
http://msdn.microsoft.com/en-us/library/ms182496(VS.100).aspx

API testing
http://msdn.microsoft.com/en-us/library/cc300143.aspx

Performance testing
http://en.wikipedia.org/wiki/Software_performance_testing
http://msdn.microsoft.com/en-us/library/bb924375.aspx

Security testing
http://msdn.microsoft.com/en-us/magazine/cc507646.aspx

This objective does not include: load testing, Web testing, unit testing

Design an exception handling strategy

This objetive may include but is not limited to: HandleError attibute in MVC, common error pages, post-error processing, global vs page level.

HandleError attibute in MVC
The HandleError attribute (which appears on the default controllers in an MVC project) tells the framework that if an unhandled exception occurs in your controller that rather than showing the default Yellow Screen of Death it should instead serve up a view called Error. The controller-specific View folder will be checked first (eg. Views/Home/Error.aspx) and if it's not found, the Shared folder (Views/Home/Error.aspx) will be used.
http://weblogs.asp.net/scottgu/archive/2008/07/14/asp-net-mvc-preview-4-release-part-1.aspx

Common error pages
http://aspalliance.com/1008_Working_with_Custom_Error_Pages_Using_ASPNET.5

Post-error processing

Global vs. page level
http://www.15seconds.com/issue/030102.htm

Recommend and approach to debugging

This objetive may include but is not limited to: tools and approaches for a given scenario (for example, memory dumps, DebuggingAttributes, crashes vs hangs, deadlocks, assembly binding), when to attack a process (visual Studio Development Server vs. IIS vs. Internet Explorer), root cause analisys.

The objetive doesn’t include: basic breakpoints

Memory dumps

DebuggingAttributes

Crashes vs. hangs

Deadlocks

Asembly bindings

Root cause analisys

Recommend an approach to performace issues.

This objetive may include but is not limited to: wich instrumentation to watch or create, (including performance counters and event tracking) to analyze performance issues, page and fragment caching.

Designing Security Achitecture and Implementation (17%)

Plan for operational security

This objetive may include but is not limited to: approaches for process; and resource-level security, including local and remote resources; Code-Access Security (CAS), including trust level, process identity, application pool, and identity tag.

Code-Access Security (CAS)
http://en.wikipedia.org/wiki/Code_Access_Security
http://msdn.microsoft.com/en-us/library/930b76w0.aspx

Important!!  Security changes in .Net 4
http://msdn.microsoft.com/en-us/library/dd233103(VS.100).aspx

Design and authentication and authorization model

This objetive may include but is not limited to: authentication providers, including WindowsForms, and custom user identity flowthrough (for example, trusted subsystem), role management, membership providers, URL authorization (for example, AuthorizationAttribute), file authorization, Authorization Manager (AzMan)

Authentication providers
http://msdn.microsoft.com/en-us/library/9wff0kyh(VS.100).aspx

Role management
http://msdn.microsoft.com/en-us/library/5k850zwb(VS.100).aspx

Membership provider
http://msdn.microsoft.com/en-us/library/tw292whz(VS.100).aspx

URL Athorization
http://msdn.microsoft.com/en-us/library/wce3kxhd(VS.100).aspx

AzMan
http://msdn.microsoft.com/en-us/library/ms998336.aspx

Plan for minimizing attack surfaces

This objetive may include but is not limited to: input validation, throttling inputs, request filtering, where to use Secure Sockets Layer (SSL)

Input validation (buscar material mas moderno)
http://msdn.microsoft.com/en-us/library/ms972961.aspx

Throttling inputs

Request filtering
http://msdn.microsoft.com/en-us/library/system.web.httprequest.filter(VS.100).aspx

SSL
http://en.wikipedia.org/wiki/HTTP_Secure

Designing the User Experience (17%)

UI Localization

Data Localization

Resources

CurrentCulture vs. CurrentUICulture

Planning localization

Unicode

righ-to-left support

Vertical text Non-Latin typos

Calendars / Data formatting

Sorting