Interview
Questions for Hiring .NET Developers
Without Getting Too Technical
If you are planning to interview candidates for a .NET developer position, here
are sample questions that we recommend.
You'll notice from the nature of these questions that they are not too
technical. This is intentional and we believe that for the
following reasons, the focus of an IT interview in general -- and a .NET
interview in particular -- should be on why something is done and not just what
needs to be done:
1) With the advent of modern development tool like Visual Studio and the wealth
of contexts-sensitive help such as IntelliSense, memorizing syntactical details is not as
critical as it used to be.
2) No matter how well a programmer is able to code a solution, if the
architectural foundation leading to that solution is flawed, it will be
pointless to discuss programming details.
|
|
General Questions about the Architecture of a .NET System:
|
| Q: |
What are the three primary layers of a multi-tier system
architecture? |
| A: |
1. User Interface (a.k.a. Presentation Layer); 2. Business Rules
(a.k.a. System Logic); 3. Data Layer. |
| |
|
| Q: |
In what sequence would you develop
the three layers? |
| A: |
I would first design the data layer, normalize it, and load it with sample
data. After that, the presentation and system logic layers are developed
in parallel. |
| |
|
| Q: |
What technology choices do you recommend for the three
layers? |
| A: |
The presentation layer should be pure
HTML. Anything beyond that
(with the exception of JavaScript
for client-side enhancements) will
probably cause incompatibilities with some browsers.
The system logic layer should be developed either with VB.NET or C#
(although other languages such as C++ are also supported).
For the data layer, any OLEDB-compliant database technology (such as SQL Server,
Oracle, Access, or Visual Foxpro) can be used.
|
| |
|
|
Q:
|
In
the context of OOP, what's PEM? |
|
A:
|
In the world of OOP
(Object-Oriented Programming), PEM
stands for Properties, Events,
and Methods. Properties are
attributes of an object. For
example, a visual object like a Link
Button has a property called Font
Size which determine its appearance
on the screen. It also has a Click
event, because a user is able to click
on it with the mouse. As a result
of the click by the user, the Link
Button takes certain action (i.e.
executes a piece of code) which is coded
in the click method (LinkButton1_Click). |
| |
|
| Q: |
What's CLR? |
| A: |
CLR is an acronym for
Common-Language-Runtime and it's part of the
.NET infrastructure which allows usage of multiple programming languages (e.g.
VB.NET and C#) in the same system. |
| |
|
| Q: |
What's JIT? |
| A: |
JIT
is an acronym for Just-In-Time and it's part of the optimization architecture of
the .NET compiler. |
| |
|
| Q: |
What's a Code-Behind file? |
| A: |
Visual Studio .NET creates Web applications using the Code-Behind model.
In this model, all the code associated with a webform
(ASPX file) in stored in
a separate file with a file extension of ASPX.VB (for
VB.NET) or ASPX.CS
(for C#). |
| |
|
| Q: |
What development tools do you need for a .NET system? |
| A: |
The most common tools are Visual Studio.NET for User Interface and Business
Rules development, in conjunction with database tools (such as
Enterprise
Manager and Query Analyzer for SQL Server).
Alternatively, some developers use
Web Matrix instead of Visual Studio.NET or a
Database Project (inside Visual Studio's "Other Projects") instead of SQL
Server's Enterprise Manager.
|
| |
|
| Q: |
What's a SQL Injection attack and how would you prevent
it? |
| A: |
A SQL Injection attack typically happens when additional commands are entered
into a user input textbox which feeds a dynamic SQL statement, before it's sent
to the back-end database. For example, instead of valid user ID, if the
hacker enters: ' Or 1=1 --,
he might be able to gain access to the system (since
1=1 is
always true).
There are two general approaches in preventing such attacks:
1. Validating the user input, removing any suspicious characters such as
--, and limiting the application's permissions and
privileges;
2. Avoiding dynamic SQL statements completely and replacing them with
parameterized stored procedures.
|
| |
|
| Q:
|
What
are Web Services? |
| A: |
Web Services
provide a technology for interaction
of disjoint systems, so that one
becomes the provider of certain
information and the other becomes the
consumer.
For example, the SQL Server
Reporting can interact with a .NET
project as a Web Service and expose
its functionality. Hence,
various features of the reporting
service (such as requesting reports
and managing subscribed deliveries)
become readily available to the .NET
project.
Before the introduction of Web
Services, a technology called "Remoting"
provided similar facilities. |
| |
|
| Q: |
What reporting/charting techniques can be used in a .NET
system? |
| A: |
Some of the common choices for reporting/charting in a .NET system are:
* SQL Server Reporting Services
* Crystal Reports for .NET
* Active Reports for .NET
* Chart FX for .NET
* Dundas Chart for .NET
* .NETCharting
The above alternatives generally offer similar functionalities, but might differ
in specific features such as:
* Generate output in various formats, such as PDF, Excel, and RTF
* Shading and other cosmetic features
* Email the output
* Use XML
* Publish as a Web Service
* Pricing/licensing
* Platform-specific requirements
(for example,
SQL Server Reporting Services requires a SQL Server database -- and license --
even if the target data is, say, on Oracle.)
|
| |
|
| Q: |
What's
the difference between OLTP and OLAP
databases? |
| A: |
OLTP (Online Transaction Processing)
databases are highly normalized and
optimized for high-volume data entry (but not
necessarily suitable for reporting).
OLAP (Online Analytical Processing)
databases, on the other hand, are somewhat
de-normalized and hold some
pre-calculated aggregate values that are specifically suited
for fast reporting.
|
| |
|
| Q: |
What's the difference between an
HTML Control and a Web Control? |
| A: |
HTML Controls
are more-or-less pre-.net objects that are used for migrating
older systems to .NET and they lack some of the programming features of Web
Controls.
Web Controls
offer richer functionalities (such as ability to render differently depending
on the client's browser) and should be used for .NET systems
that are written from ground up.
Nonetheless, the above comments serve
primarily as a starting point in the
decision to utilize HTML Controls or Web
Controls. The performance factor,
for example, may favor an HTML
Control with similar functionality over
its Web Control counterpart.
|
| |
|
| Q: |
Which .NET website(s) have you worked on? Was it an
Internet or an Intranet Site? What development language did you
use? Which database architecture was utilized? |
| A: |
|
| |
|
| Q: |
What was YOUR role in development of the above website(s)
and in which of the three layers was your focus? |
| A: |
|
|
Development and Technical Skills:
|
| Q: |
How do you access an SQL Server Database from the .NET
Framework? |
| A: |
There are two ways to access an SQL Server Database:
1. Using OLEDB (with System.Data.OleDb Namespace)
2. Using SQLCLIENT (with System.Data.SqlClient
Namespace)
|
| |
|
| Q: |
In order to access a SQL Server
database, when should you use each of the methods in your answer to the
previous question? |
| A: |
Since System.Data.SqlClient is specifically optimized for
accessing a SQL server database, it is generally preferred. However, in
the following situations, you should use System.Data.OleDb:
* If you're making enhancements to a system that's already built with System.Data.OleDb.
* If there's a future plan to migrate from SQL Server to another database
technology or if your system is simultaneously used at different installation
sites using different database technologies.
|
| |
|
|
Q:
|
How
do you compose an Inner-join
query? |
| A: |
An inner-join query
returns all rows from two tables
which share a common key.
the general syntax is:
Select table1columns,
table2columns From table1 Inner
Join Table2 On
table1.primarykey=table2.foreignkey |
| |
|
| Q: |
How do you "clone" an existing ASPX webpage, in order to
create another webpage that's similar to it? |
| A: |
This is a "trick" question! In most development environments, you can
simply use "File - Save As ..." and create another copy of the original file
under a different name. In Visual Studio.NET, however, "File - Save As
..." will rename the existing file, together with its code-behind
file.
Therefore, a safe way to clone an existing ASPX webpage is to go
outside Visual Studio.NET and use Windows Explorer. You'd then need to
change a couple of internal references to the old name at the top of the
ASPX file (namely Codebehind=
and Inherits=) and also
a reference at the top of the code
behind file (Public Class),
before Visual Studio.NET can open
the new ASPX file.
|
| |
|
| Q: |
How do you redirect a user from one ASPX webpage to
another? |
| A: |
There are at least two ways to accomplish this:
1. For an unconditional redirection, use
NaviageUrl property of
a Hyperlink control.
2. For a conditional redirection, once the required condition has been met using
an IF statement, use the Response.Redirect method.
|
| |
|
| Q: |
How do you prevent a user from directly opening an
ASPX webpage out of sequence? |
| A: |
Enforcing the planned sequence of webpages a user is allowed to see
(also known an session state management) is usually
accomplished in two different ways:
1. Using cookies (which
is the old method);
2. Using the Session() function, without cookies
(which is the
preferred method).
Either way, during the Load event of each ASPX webpage, the
correct sequence needs to be validated. Subsequently, if an
out-of-sequence or invalid situation is detected, the webpage needs to be
redirected. (See the previous question for details.)
|
| |
|
| Q: |
How do you create the parent record of a 1-to-many
relationship together with its children? |
| A: |
The wrong (but not uncommon) way would be to
do this in three steps:
1. Insert the parent record;
2. Retrieve the identity key of the parent record which was just inserted;
3. Insert the children, using the identity key of the parent record.
The right way would be to use two
Stored Procedures, one for
the parent and the other for the children. The ASPX file would only call
the 1st stored procedure (which would internally call the 2nd stored
procedure).
|
|
Ben
Aminnia, president of Pointer Corporation, is a database
architect with over 20 years of experience. He's also the president of
Los Angeles SQL Server Professionals Group www.sql.la
and a board member of Los Angeles .NET Developers Group
www.ladotnet.org. |
|
 |
|
Pointer
Corporation