
.NET Interview Questions - Part 3

December 02, 2007 • 7:56PM • permalink
I received such an overwhelming response to my last two blog posts on .NET interview questions, that I decided to post a third.

Part 1 can be found here.

Part 2 can be found here.

Continuing from where we left off...


6. If placed in the Page_Load method of an ASP.NET page, what will the following code output?


Response.Write("<br />Before");

try
{
   Response.Write("<br />In the 'try'");
   int i = 0;
   int j = 1 / i;
}
catch
{
   Response.Write("<br />In the 'catch'");
   Response.End();
   return;
}
finally
{
   Response.Write("<br />In the 'finally'");
}

Response.Write("<br />After");



Pretty simple question, right? Wrong!

I got it wrong the first time round too and even for the posting of this blog I made sure to execute the program and check the results!

You would see the following:


Before
In the 'try'
In the 'catch'
In the 'finally'


Remember that the finally clause will execute without exception (no pun intended). I tried to really drive that home by first executing Response.End, which even throws a second exception, and then executing a return statement, in an attempt to leave the currently executing method.

Regardless of the return, the finally clause still executes before control passes back to the return statement, which is what prevents the word "After" from being displayed.


7. Write a script to generate a dynamic image on a webpage, such as for use as a CAPTCHA, placing a watermark on an image or checking the referring url of a requested image?

For my example, I'll display 10 characters of randomly sized/styled/selected text on a red background. Note that I'm not going to introduce any warping, backgrounds or any other security features. This code is not intended for use as a real CAPTCHA and it would be trivial to write an OCR script to attack it.


I'm going to put the whole block of code without too much discussion. Most of the work is done by the GDI functions, which you can easily look up on MSDN. This would be placed in the OnLoad portion of a page and then called through an img element in the HTML like:

<img src="CaptchaImage.aspx" />


Note that we have previously defined the following helper structure to avoid repeated boxing/unboxing:


struct CaptchaCharacter
{
   public char character;
   public Font font;
}



The rest of the code follows:


//requires: using System.Drawing; using System.Drawing.Drawing2D; using System.Drawing.Imaging;
int width = 600;
int height = 400;


int number_of_characters = 10;
string character_choices = "ABCDEFGHJKLMNPQRSTUVWXYZ23456789";
//NUMBERS 0+1, LETTERS I+O removed for legibility reasons

string[] font_families = { "Tahoma", "Arial", "Verdana" };
int[] font_sizes = { 36, 60, 84, 108 };


Rectangle bmp_rect = new Rectangle(0, 0, width, height);

Bitmap bmp = new Bitmap(width, height);
Graphics graphics = Graphics.FromImage(bmp);
graphics.SmoothingMode = SmoothingMode.AntiAlias;



graphics.FillRectangle(Brushes.Red, bmp_rect);

CaptchaCharacter[] character_array = new CaptchaCharacter[number_of_characters];

Random rnd = new Random();
for (int x = 0; x < number_of_characters; x++)
{
   CaptchaCharacter new_char = new CaptchaCharacter();

   new_char.character = character_choices[rnd.Next(0, character_choices.Length)];

   new_char.font = new Font(font_families[rnd.Next(0, font_families.Length)],
                            font_sizes[rnd.Next(0, font_sizes.Length)]);


   character_array[x] = new_char;
}

StringFormat format = new StringFormat();
format.Alignment = StringAlignment.Center;
format.LineAlignment = StringAlignment.Center;

GraphicsPath path = new GraphicsPath();

for (int a = 0; a < number_of_characters; a++)
{
   RectangleF rect = new RectangleF((width / number_of_characters) * a,
                                    0,
                                    width / number_of_characters,
                                    height);

   path.AddString(character_array[a].character.ToString(),
                  character_array[a].font.FontFamily,
                  0,
                  character_array[a].font.SizeInPoints,
                  rect,
                  format);

}


graphics.FillPath(Brushes.Black, path);
Response.ContentType = "image/gif";
bmp.Save(Response.OutputStream, ImageFormat.Gif);


//we dispose all the Graphics objects

for (int z = 0; z < character_array.Length; z++)
   character_array[z].font.Dispose();

path.Dispose();
graphics.Dispose();
bmp.Dispose();



First a Bitmap object is created, which is what we will eventually output. After obtaining a reference to its GDI Graphics object, we begin drawing on it. First a background rectangle is filled with a Red brush and then a GraphicsPath object is created. We can use the built-in AddString method of the GraphicsPath to easily style and add our characters. We could have easily output the whole string at once, but we loop through each character to apply an individual FontFamily and font size to each one. Finally, we change the ContentType of our encapsulating page and save the bitmap to the built-in OutputStream (which will block all other output to the page).
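The drawing code above picks its characters with System.Random and never records which ones it drew, so nothing could later check a visitor's answer. The following is an added example, not part of the original post, of issuing the challenge text from a cryptographic random number generator and verifying it exactly once; the CaptchaChallenge class, its method names and the session key are assumptions.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;
using System.Web.SessionState;

public static class CaptchaChallenge
{
    // Same 32-character alphabet as the post. Because 256 % 32 == 0, reducing
    // a random byte modulo the alphabet length introduces no bias.
    const string Choices = "ABCDEFGHJKLMNPQRSTUVWXYZ23456789";

    // Hypothetical session key name (an assumption, not from the post).
    const string SessionKey = "captcha_expected";

    // Call from CaptchaImage.aspx before drawing, then draw the returned text
    // instead of characters chosen with System.Random.
    public static string Issue(HttpSessionState session, int length)
    {
        byte[] raw = new byte[length];
        using (RandomNumberGenerator rng = RandomNumberGenerator.Create())
            rng.GetBytes(raw);

        StringBuilder text = new StringBuilder(length);
        foreach (byte b in raw)
            text.Append(Choices[b % Choices.Length]);

        // The expected answer stays on the server; only the image is sent.
        session[SessionKey] = text.ToString();
        return text.ToString();
    }

    // Call from the handler of the form that shows the image. The stored
    // answer is removed before the comparison, so each image allows one guess.
    public static bool Verify(HttpSessionState session, string submitted)
    {
        string expected = session[SessionKey] as string;
        session.Remove(SessionKey);

        if (expected == null || submitted == null)
            return false;

        return string.Equals(expected,
                             submitted.Trim().ToUpperInvariant(),
                             StringComparison.Ordinal);
    }
}
```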



Lately, I've seen a lot of really bad SQL come through the office on interviews. In our extensive interview process, many of the other developers focus on simple SQL problems, which is really all that is necessary for the day-to-day job at Demand.

Unlike some of the other developers, my boss constantly chastises me for worrying about security too much. I can't deny that I do obsess about security too much, given my background, but because of that I'll occasionally ask the following question, which I think any SQL developer should be able to answer:

8. Given a simple login box (with username and password fields), what input will compromise the database in a susceptible system?

I'll even go so far as to show you the poorly written code that will allow this... (Note that the code is looking for the password of the given user and will check it in the C# code below; that's all it takes to allow an exploit.)


string sql = string.Format(@"
SELECT
   password
FROM [dbo].[Accounts]
WHERE username='{0}' ", Request.Form["username"]);

DataTable dt = new DataTable();
SqlConnection connection = new SqlConnection(connection_string);
SqlCommand command = new SqlCommand(sql, connection);
command.CommandType = CommandType.Text;

connection.Open();
SqlDataReader sdr = command.ExecuteReader(CommandBehavior.CloseConnection);
dt.Load(sdr);
sdr.Close(); //this will close the connection too

if (dt.Rows.Count > 0)
   if (dt.Rows[0]["password"].ToString() == Request.Form["password"])
      LoginUser();



First, the exploit. There are an infinite number of things you can do with a SQL Injection, but we'll use the simple input:

' AND 0=1 UNION SELECT '123456' -- in the username field and 123456 in the password field.


This turns the executed query into:


SELECT
   password
FROM [dbo].[Accounts]
WHERE username='' AND 0=1 UNION SELECT '123456' --'



First, you'll note that the -- placed at the end will comment out the original query ending, including the single-quote. The end result has the WHERE-clause being interpreted as username='' AND 0=1. Obviously, the AND 0=1 portion will cause the entire clause to return FALSE. At this point, we UNION a literal '123456', which will allow us access to the site. (Note that this is a very simple example, in most cases you would most likely be selecting back the matching user account and hence could theoretically login to any account.)

Some may argue that I made the impossible possible by revealing the original source code, but that's not necessarily true. For anyone that's attempting a SQL-injection, it's most likely not a large leap to write a script to brute force the parameters of the victim query. At that point, you can literally do whatever you want by using a little ingenuity and the INFORMATION_SCHEMA object, supported by most RDBMS.
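The same lookup with the injection closed, as an added example that is not code from the original post: the username is bound as a parameter instead of being formatted into the SQL text, and the account is assumed to store a salted PBKDF2 hash rather than the password itself. The password_salt and password_hash columns, the iteration count and the LoginCheck/VerifyLogin names are assumptions.

```csharp
using System;
using System.Data;
using System.Data.SqlClient;
using System.Security.Cryptography;

public static class LoginCheck
{
    // Assumed storage format (not from the post): a per-user random salt and
    // a 32-byte PBKDF2-HMAC-SHA256 hash, both in NOT NULL varbinary columns.
    const int Iterations = 100000;
    const int HashBytes = 32;

    public static bool VerifyLogin(string connectionString, string username, string password)
    {
        if (username == null || password == null)
            return false;

        // The SQL text is a constant; no user input is ever concatenated into it.
        const string sql = @"
SELECT password_salt, password_hash
FROM [dbo].[Accounts]
WHERE username = @username";

        byte[] salt = null;
        byte[] storedHash = null;

        using (SqlConnection connection = new SqlConnection(connectionString))
        using (SqlCommand command = new SqlCommand(sql, connection))
        {
            // The value is sent separately from the statement, so the input
            // ' AND 0=1 UNION SELECT '123456' -- is compared as a literal
            // username and simply matches no row.
            command.Parameters.Add("@username", SqlDbType.NVarChar, 64).Value = username;

            connection.Open();
            using (SqlDataReader reader = command.ExecuteReader(CommandBehavior.SingleRow))
            {
                if (!reader.Read())
                    return false;
                salt = (byte[])reader["password_salt"];
                storedHash = (byte[])reader["password_hash"];
            }
        }

        // This constructor overload needs .NET Framework 4.7.2 or later.
        byte[] candidate;
        using (Rfc2898DeriveBytes kdf = new Rfc2898DeriveBytes(
                   password, salt, Iterations, HashAlgorithmName.SHA256))
            candidate = kdf.GetBytes(HashBytes);

        return FixedTimeEquals(candidate, storedHash);
    }

    // Compares every byte regardless of where the first mismatch occurs.
    static bool FixedTimeEquals(byte[] a, byte[] b)
    {
        if (a.Length != b.Length)
            return false;
        int diff = 0;
        for (int i = 0; i < a.Length; i++)
            diff |= a[i] ^ b[i];
        return diff == 0;
    }
}
```

Because the query returns only a salt and a hash, even a row that matched would not let the caller choose the value the submitted password is compared against, which is what the UNION in the post's example relied on.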


.NET Quickies

* Using a method of the String object, what is the optimized .NET way of performing the (often executed) compound conditional:


if (some_string != null && some_string != "")
   DoSomething();



String.IsNullOrEmpty()
(in my tests for this blog entry, it consistently performed 40-45% faster)



* When encoding data, what is the key overall difference between hashing and encrypting?

Hashing is a one-way mapping, while encryption has a corresponding decryption which will reverse the process.


* What is the effect of making a method of a class static and what might its use be?


Static methods are not associated with any one instance of the class, nor are they able to access any instance fields of a class. Thus, instead of invoking the methods through an instance call, you use the name of the class instead (since you are referencing the single Type object of that class maintained by .NET), like so:



string s = "some test string";
bool starts_with_some = s.StartsWith("some");
//StartsWith uses the instance s


bool not_null_or_empty = !string.IsNullOrEmpty(s);
//IsNullOrEmpty is a static method




Static methods allow you to provide stand-alone methods that relate to a class's functionality. Another example might be a Country class. I might use it to represent a single country object, with fields/properties like CountryID, Name or ZipCodeList. I might also include a method to use the current class' data like GetIPRange() or FindContinent(). Finally, I could also add stand-alone (static) methods, like Country.GetAllCountries() to return a List containing the name of every country on Earth.



I want to add the additional note that since I've been seeing an increase in the number of "demand media" interview questions Google searches hit my blog, we have been working on restructuring our interview process to change the questions around and are now working towards a much more hands-on interview. Note that part of the review process includes reviewing my blog for any questions and removing them (or limiting the use of them) from our interview process. So make sure you know how to use .NET in ways outside the scope of these questions.




I also want to encourage people to continue contacting me with your questions and comments. As long as there is an interest in the topic, I will continue to present real-life .NET interview questions.


Simple Speed Testing in .NET - System.Diagnostics.Stopwatch

August 18, 2007 • 6:48AM • permalink
One of the biggest problems with the .NET Framework is that so many new features are released with each major version that minor additions and features usually slip through the cracks. In my experience, very few classes have been overlooked during the transition from 1.1 to 2.0 as much as the Stopwatch class (System.Diagnostics.Stopwatch).

This is a replacement for what most people probably do to test two different blocks of code that perform the same action and compare the speed between them. The process usually goes something like: log the current time, run the test, take the difference between the current time and your logged time, rinse, repeat.

As an alternative, the Stopwatch class was built using low-level API calls, with less overhead than other .NET methods. If the hardware and Windows version of the computer support a high-resolution performance counter, it will use this counter instead of the standard PC clock.

Here is a simple example:


using System.Diagnostics;
//Note: make sure you have this at the top of the class




Stopwatch sw = new Stopwatch();

//do any preliminary processing here, to not inflate your test results

string s1 = "";
string s2 = "";
string letters = "abcdefghijklmnopqrstuvwxyz";
int iterations = 50000;


//TEST 1

sw.Start();

for (int i = 0; i < iterations; ++i)
   s1 += letters[i % 26];

sw.Stop();

//END - TEST 1

Response.Write("Test 1: " + sw.ElapsedMilliseconds + "ms");
//note that you can also use sw.ElapsedTicks



sw.Reset();
//Don't forget to reset the Stopwatch before your second test!!!


//TEST 2

sw.Start();

//note: the value returned by string.Concat is not assigned, so s2 is never extended
for (int i = 0; i < iterations; ++i)
   string.Concat(s2, letters[i % 26]);

sw.Stop();

//END - TEST 2

Response.Write(" | Test 2: " + sw.ElapsedMilliseconds + "ms");



As mentioned above, don't forget to Reset your Stopwatch between tests or your subsequent tests will have their times inflated (since otherwise the Stopwatch will continue incrementing from the point that it was stopped).

The Stopwatch has a few other useful methods and properties, such as IsRunning and IsHighResolution. You can view the MSDN description of the Stopwatch class here.


In case you're curious, the string.Concat function outperformed the += operator by over 550 times in repeated tests on my machine. This is due to the fact that the += creates multiple (immutable) string objects, while the string.Concat uses a buffer technique to avoid that. More to come on this topic in a future post.


Book Review: Microsoft Windows Internals

August 12, 2007 • 1:06AM • permalink
Microsoft Windows Internals by David Solomon and Mark Russinovich details the internals of multiple parts of the Windows operating system, mainly focusing on Windows XP, Windows 2000 and Windows Server 2003 (including 64-bit versions and any IA-64 specifics).
The book is directed at Operating System and Device Driver developers and every concept is coupled with specific Win32 API functions or kernel variables that can be used to follow along or test out the concepts it presents. Additionally, sysadmins will be able to use the book as a very low-level reference manual since the kernel variables are matched up to performance counters that can be viewed using the standard Windows Performance Monitor.

The book moves from the basic systems that power the operating system using a layering technique to build your knowledge of Windows as you read. Startup, shutdown, processes, threads, virtual memory, security, I/O, caching and more - and then ending with the higher-level support that Windows provides for networking and a simple crash analysis of a basic BSoD (Blue-Screen-of-Death). The book also touches on several protocols like TCP/IP, UPnP and NTFS which helps give developers an overall understanding of how the different systems work together to drive the Windows user experience.

Occasionally it reads like a bloated advertisement for Russinovich's SysInternals toolset (http://www.sysinternals.com) - that is until you take the time to download any of the tools. Process Explorer in particular is one of the most valuable Windows Tools I've ever encountered and eliminates any need for the primitive Task Manager that you might have had in the past. The tools are used throughout the text in experiments that illustrate various parts of the Windows kernel.




A screenshot of Process Explorer.


Additionally, the humor of Solomon and Russinovich keeps an otherwise boring subject more interesting than it should be, including which Registry key is spoofed to display the current computer's processor in the Control Panel's System applet and a BSoD Screensaver to install on your co-worker's computers.

To sum it up, this is one of the best books about Windows Development that I've read since Petzold's classic "Programming Windows 95" (Programming Windows 4th edition). Anyone interested in learning more about the fundamentals of Windows development should pick up a copy. A better understanding of the systems underlying your programs will allow for better optimization and performance, as well as a means to perform some "down and dirty" debugging work at the kernel level.


.NET Interview Questions - Part 1

August 07, 2007 • 9:52AM • permalink
With MANY open .NET development positions in the Media Department, I've had many opportunities to refine my interview process. Below is a summary of my experience, including some of the general .NET questions we ask most job candidates at Demand Media (and why). Since we are constantly refining the interview process and adding new questions and since this is going to be a rather long entry, I'll split it up into several separate posts.


General Interview Notes


First, a couple of general caveats:

1) I try to give the interviewee the benefit of the doubt. A lot of the time, the people I talk to have more years of experience than I've been alive, so I understand that a lot of them are intimidated by my youth.

2) Look up something about the company on the Internet. Of course nobody has time to redo their entire resume to cater to a specific company, but look up something about the company and try to tune your responses to items that might relate.

3) Most interviews I've been on included the question: "Do you have any questions for me?" That's your cue. Ask any intelligent question without appearing to be a snob, but make sure you ask something (besides your compulsory question about which snacks are kept in which kitchen.) A few stand-by questions I used to use are: "Will I be able to continue my personal education and learn here?", "How quickly do you adapt to new technologies and upgrades to existing technologies?", "What is the team dynamic like?" and "How much room is there for career growth at XXXXXXX Company?"

4) Your resume is your first impression. Use it as a way to highlight your strengths, not as a laundry list of items you "used once in school". There are two main items in particular I see all the time: C++ and .NET 3.5 - usually only by candidates who can't explain ANY intricate features of either.

5) An interview should be a learning process, as well. If you don't understand a question or an answer to a question, ask!

6) TURN OFF YOUR CELL PHONE!!! For many people I've encountered during my career (including me), a cell phone going off during an interview is an instant death sentence. You can start juggling keyboards after that - it's not going to matter...

And now finally...


.NET Questions


1) Describe the difference between a reference type variable and a value type variable?

This is a good question we use to get rid of the riff-raff right away. If you can't form some semblance of an answer to this question, we won't even consider you a candidate for a job.

While we look for many keywords, a simple description of the fact that a value type stores the actual value of the data and the reference type stores an address or pointer to the data usually suffices.

If you don't somehow relate the reference and value types to their storage location on the stack and the heap, that will definitely become question 1b.


2) Describe the process of using an integer variable (of any size) as a bitmap for boolean flags?

This is a process I brought with me to Demand (inherited from Intermix Media, where I propagated the idea as well), but I think it's fairly clear why this is a simple, but vital idea. (Although, I'm assuming below a basic knowledge of binary numbers and bitwise mathematics.)

The idea is that any number can be viewed as a series of bytes and then bits. First I'll describe the process, then I'll demonstrate it in both basic C/C++/C# code and then using .NET additions.

As you should already know, any number can be represented in binary form, which means any number can be represented as a sum of one or more powers of two. We can show this number a number of ways:

123 (decimal) OR

(100 * 1) + (10 * 2) + (1 * 3) OR

(10^2 * 1) + (10^1 * 2) + (10^0 * 3) OR

(64 * 1) + (32 * 1) + (16 * 1) + (8 * 1) + (4 * 0) + (2 * 1) + (1 * 1) OR

(2^6 * 1) + (2^5 * 1) + (2^4 * 1) + (2^3 * 1) + (2^2 * 0) + (2^1 * 1) + (2^0 * 1) OR

1111011 (binary)


If the above binary number is extended to represent a 32-bit int, it would look like:

00000000000000000000000001111011

with the leftmost bit being bit 31 and the rightmost bit being bit 0.

This allows us to see the above as a series of 32 switches or Boolean (True/False) flags that can be accessed (counting from 0 and from the right) by taking a bitwise AND of the number and the "on" value.

As you can see from the above representation, the fourth bit from the right is in the 2^3 position. So, if we take the bitwise AND of our value with 2^3 (8), we get the following:

= 123 & 8
= 8

Since the result (8) is the same as the flag (8), the integer (123) does contain the flag!


When adding flags into your integer, you instead use the bitwise OR. This is always used to switch flags on, so if the flag already exists in your number - it will have no effect, as shown in the following examples:

= 123 | 8
= 123


= 123 | 4
= 127


Finally, to remove a flag you take the bitwise AND of your number with the bitwise NOT of the value you're trying to remove. The bitwise NOT inverts the value, so the AND keeps every other bit that is currently set and clears only that one, like:

= 127 & (~4)
= 123



The example I usually like to use is to build out the character classes in an RPG-like setting.

Simple C-style Example:


/* CC_ is for Character Class */

int CC_DWARF = 1;
int CC_FIGHTER = 2;
int CC_NINJA = 4;
int CC_SAMURAI = 8;
int CC_ELF = 16;
int CC_MAGICIAN = 32;
int CC_PALADIN = 64;
int CC_HOBBIT = 128;
int CC_PRIEST = 256;
int CC_DARKLORD = 1073741824;


int character_dwarf_fighter = CC_DWARF | CC_FIGHTER;
//value is 3


int character_samurai_elf = CC_SAMURAI | CC_ELF;
//value is 24


int super_crazy_bad_guy = CC_FIGHTER | CC_NINJA | CC_SAMURAI | CC_MAGICIAN | CC_DARKLORD;
//value is 1073741870



//let's remove the CC_DARKLORD class

int super_crazy_bad_guy2 = super_crazy_bad_guy;
super_crazy_bad_guy2 &= ~(CC_DARKLORD);
//value of super_crazy_bad_guy2 is now 46
//OR CC_FIGHTER | CC_NINJA | CC_SAMURAI | CC_MAGICIAN


//let's check that super_crazy_bad_guy2 no longer has CC_DARKLORD

if ((super_crazy_bad_guy2 & CC_DARKLORD) != CC_DARKLORD)
   Response.Write("This guy is nothing now!");
//this will print...



//let's check super_crazy_bad_guy2 for CC_PRIEST

if ((super_crazy_bad_guy2 & CC_PRIEST) == CC_PRIEST)
   Response.Write("This guy is holier than I am!");
//this will NOT print...




Simple .NET/C#-style Example:


[Flags]
public enum CharacterClasses : int
{
   Dwarf = 1,
   Fighter = 2,
   Ninja = 4,
   Samurai = 8,
   Elf = 16,
   Magician = 32,
   Paladin = 64,
   Hobbit = 128,
   Priest = 256,
   DarkLord = 1073741824
};



CharacterClasses super_crazy_bad_guy = CharacterClasses.Fighter | CharacterClasses.Ninja | CharacterClasses.Samurai | CharacterClasses.Magician | CharacterClasses.DarkLord;
Response.Write(super_crazy_bad_guy.ToString());
//prints Fighter, Ninja, Samurai, Magician, DarkLord


super_crazy_bad_guy &= ~CharacterClasses.DarkLord;
Response.Write(super_crazy_bad_guy.ToString());
//prints Fighter, Ninja, Samurai, Magician


super_crazy_bad_guy |= CharacterClasses.Elf;
Response.Write(super_crazy_bad_guy.ToString());
//prints Fighter, Ninja, Samurai, Elf, Magician


if ((super_crazy_bad_guy & CharacterClasses.Elf) != 0)
   Response.Write("An elf!");
   
//this will print



if ((super_crazy_bad_guy & CharacterClasses.Paladin) != 0)
   Response.Write("A paladin!");
   
//this will NOT print





.NET Quickies

* What is the root class that all other .NET classes are derived from?
System.Object

* Name as many ways as you can think of to find a certain character in a string?
String.Contains, "Character Crawl" using any of (for/foreach, String.Chars, String.CharAt, String[], bit masking, plus many others), String.IndexOf, String.LastIndexOf, etc.

* What is a GUID?
Global Unique IDentifier - A 128-bit value that is statistically impossible to be duplicated in a closed environment. (Bonus points if you throw in a note about using it in a multi-server environment by setting the machinekey, generating on the SQL server, using a Key server, etc.)


More to come! Also, if anyone has any suggestions for questions that I should add into my interview process, please send me them!




