I'm going to be taking this next week, so I thought I'd post my study notes as I assemble them.

• May include but is not limited to: using the ConnectionStringBuilder; leveraging the ConfigurationManager; protecting the connection string; using Security Support Provider Interface (SSPI) or SQL Server authentication; correctly addressing the SQL Server instance; managing “User Instance” and AttachDBfilename

The ConnectionStringBuilder objects allow for an abstract way of building a connection string for ADO.NET.  There is a good writeup on the data access blog showing basic usage.  There is a SqlConnectionStringBuilder, OleDbConnectionStringBuilder, OdbcConnectionStringBuilder, and an OracleConnectionStringBuilder.

The ConfigurationManager has a specific section for storing connection strings and the ConnectionStrings property to manipulate them.  See this article on MSDN for more information.  An area that doesn't get much attention is that the Connection string configuration can be stored in a separate config file.  See the section titled "Using external configuration files" to see how to use the configSource property.

MSDN has an article on securing configuration strings.  An important part to pay attention to is encrypting connection string information stored in config files.  Scott Forsyth has a post on using aspnet_regiis to protect web.config files.  Daruish Tasdighi has an article at codeproject about protecting the contents using the ConfigurationSection.ProtectSection / UnprotectSection methods.

• Manage connection objects.
  May include but is not limited to: managing connection state, managing connection pool; implementing persistent data connections; implementing Multiple Active Result Sets (MARS); encrypting and decrypting data

Managing connection state.  I think that is knowing that there are methods on the connection object to open and close the connection.  The connection will be closed when the connection object is disposed.

There is a great post by Sijin Joseph about connection pooling with all the different connection objects.  I wasn't aware that there is no connection pooling with ODBC using the managed providers.  Also interesting was that connection pooling for SQL Server was disabled while debugging in Visual Studio.  Another thing to be aware of is that when using Integrated Security for SQL Server, the domain/user is added to the list of things that need to match for a connection to be reused.

To have a persistent data connection, you disable connection pooling and keep the instance of the connection object around.  The connection will remain open until the connection object is disposed or the close method is used.

Eric Moreau has a post on using MARS.  It is only supported in the SQL Server and Oracle managed providers. 

You can encrypt/decrypt the data passed from the client back and to the database server by adding the Encrypt keyword to the connection string for SQL Server or using the Encrypt property on the SqlConnectionStringBuilder.

• Work with data providers.
  May include but is not limited to: limitations, behaviors, performance, installation issues, deployment issues; ODBC, Microsoft OLE DB, SqlClient, managed providers, third-party providers, native providers

I guess this is a nice way of saying, "Know everything about ADO.NET".  Some of the things I'm aware of are the just because you have a managed provider available, you still need the native dll libraries.  Oracle, for example.  The client needs the oracle client libraries in order to connect to Oracle.  I mentioned some of the shortcomings of ODBC above in regards to pooling.  A great source for third party data providers can be found at the mono project (Firebird, MySql, SQLLite, PostgresSQL, Mimer, Sybase..)

• Connect to a data source by using a generic data access interface.
  May include but is not limited to: System.Data.Common namespace classes

The common namespace is the abstract definition for all data providers.  You would use this when you aren't sure which data provider your application will ultimately use.  Using the DbProviderFactory you can instantiate objects for a specific data provider.   Suman Chakrabarti has a post showing how to use the DbProviderFactory class.

• Handle and diagnose database connection exceptions.
  May include but is not limited to: implementing try/catch handlers

Joydip Kanjilal has a post on handling exceptions in ADO.NET.  If you catch a SqlException, you would examine the number property to determine the root cause of the problem.

Next -> Section II Selecting and Querying Data

UPGRADE: MCSD Microsoft .NET Skills to MCPD Enterprise Application Developer by Using the Microsoft .NET Framework: Part 2

Create a client application to access a remote object.

• Create a remote object.
• Configure a client application programmatically.
• Configure a client application manually by using configuration files.
• Access the remoting service by calling a remote method.
• Call a remote method synchronously in a client application.

To create a remote object, configure the client application to use remoting.  This can be done using a config file, or programatically.  MSDN has information on setting up a client application.

You can see how to progmatically setup a client on Jibin Pan's article at c-sharpcorner. 

MSDN has information on how to setup a client using configuration files.

To call a remote method, create the object as usual (if you have remoting configured for the type) or use Activator.GetObject.

By default remoting calls are synchronous.  So I think they meant to say "Call a remote method asynchronously in a client application".  MSDN has information on how to do invoke a method asynchronously.

Create and configure a server application.

• Create a server application domain.
• Configure a server application programmatically.
• Configure a server application by using configuration files.
• Compile and build a server application.

In general, it's good to look at the Remoting FAQ at thinktecture.

To create a server app domain, look at these instructions on MSDN.  Use a configuration file, and use RemotingConfiguration.Configure to read it in.  The objects are available at that point.

To do it programically, look at this article at Express Computer. 

The MSDN article has instructions on how to configure the server application.

I don't see why building a server application is any different that other types of applications.  You just compile to get an executable.  Make sure that the configuration file (if you're using a config file) gets named to <app>.exe.config and is deployed with the executable.

UPGRADE: MCSD Microsoft .NET Skills to MCPD Enterprise Application Developer by Using the Microsoft .NET Framework: Part 2

Configure SOAP messages.

• Configure the formatting of SOAP messages for a Web service method.
• Specify the basic information for a Web service application.
• Specify the bindings of a Web service application by using the WebServiceBindingAttribute attribute.
• Configure a Web service application by using a Machine.config file.
• Configure a Web service application by using a Web.config file.

MSDN has a section on formatting SOAP messages.  Know about the SoapDocumentMethod attribute and SoapDocumentService attribute.  Know that you can control the formatting using XML Serialization attributes.

I guess the basic information for a web service application would be specified using the WebService attribute.  You can control the name of the web service, and the namespace.

Binding defines a concrete set of operations.  It is implemented by the WebServiceBinding attribute.  You can specify what WSI spec your service conforms to (as of now, Basic Profile 1.1 or none), whether or not the service emits conformance claims, the location of the binding (defaults to your web service), and the namespace associated with the binding.  Christian Weyer has some thoughts about the attribute on his blog.

The XML Web Services repository has a good FAQ.  In in, some of the things controlled by the web/machine.config are pointed out.  Here's how to enable/disable WSDL generation.  Also you can control the location of a dynamic reference to a web service in the config file.

PRO: Designing and Optimizing Data Access by Using Microsoft SQL Server 2005

Design client libraries to write applications that administer a SQL Server service.

• Design server management objects (SMO) applications.
• Design replication management objects (RMO) applications.
• Design automation management objects (AMO) applications.
• Design SQL Server Networking Interface (SNI) for asynchronous queries.

Here's MSDN's section on SMO.  Darshan Singh has an overview of SMO at YukonXML.com.  David Hayden has an example of how to create a table using SMO.

MSDN's section on RMO.  There is not a lot of community activity in respects to RMO.  Here's my take.  Probably good to know how to create a publication (EnabledTransPublishing on ReplicationDatabase, Create a TransPublication object), create a subscription (TransPullSubscription, or TransSubscription), how to cause a syncronization (TransSynchronizationAgent).  Keep in mind I've never use these objects, these are the ones that strike me as important.

It appears that AMO really means Analysis Management Objects.  There appears to be no reference anywhere to "automation management objects" anywhere.  Here's MSDN's section on AMO.  Liu Tang and Paul Bradley wrote a overview for MSDN magazine.

SNI For Async?  It looks like SNI is used for tracing.  Here's an article at MSDN that mentions SNI.

Next up-> MARS

PRO: Designing and Optimizing Data Access by Using Microsoft SQL Server 2005

Design caching strategies.

• Select ADO.NET caching.
• Design custom caching functionality.
• Design a refresh strategy for cached data.

ADO.NET doesn't have a cache.  ASP.NET does.  ADO.NET retrieves results into objects like DataSets that can be cached in the ASP.NET cache or your own Cache app.

Designing your caching functionality seems like a lot of work.  You have to manage the size of the cache, object expiration, object invalidation.  I use the Enterprise library and that provides a lot of the plumbing.

Refreshing cached data is done using Query Notifications via the SqlDependency or SqlNotificationRequest objects.  There is a good article on MSDN outlining how to set this up.  Steve Smith mentions the changes that have occured since Beta 2 on his blog.

Next up->Client Libraries

PRO: Designing and Optimizing Data Access by Using Microsoft SQL Server 2005

Design appropriate data access technologies.

Design an appropriate data access object model.

Design a cursor strategy for a data access component.

• Decide when to use cursors.
• Decide how to maximize cursor performance.
• Detect which applications are using cursors and evaluate whether to remove them.

I just looked at my testing schedule and realized I'm taking this test in two days.  Time to get cramming...

The first two items are kind of vague.  I don't think there's much to be said there.

My cursor strategy is... don't use them.  However it appears there are times when it is faster.  Andy Machanic has found that they solve the running sum problem much faster than traditional relational methods.  However he found using CLR worked much better.

Maximizing performance would be centered around opening it as FAST_FORWARD.

There's a couple of ways that I can think of to detect whether or not an "app" is using cursors.  You can scan through the system tables(sys.procedure) looking for the word OPEN CURSOR.  That won't work if a) the stored procs are encrypted, b) the stored procs utilize CLR, or c) the app uses dynamic SQL. The best option would be to profile the database, looking for cursor events.

UPGRADE: MCAD Skills to MCPD Web Developer by Using the Microsoft .NET Framework

Copy a Web application to a target server by using the Copy Web tool.

Precompile a Web application by using the Publish Web tool.

Optimize and troubleshoot a Web application.

• Customize event-level analysis by using the ASP.NET health-monitoring API.
• Use performance counters to track the execution of an application.
• Troubleshoot a Web application by using ASP.NET tracing.
• Optimize performance by using the ASP.NET Cache object.

The Copy Web Tool allows you to copy your website from your machine to another machine.  It can connect to a remote machine through http (using Frontpage extensions), FTP.  It can also deploy to your local IIS machine, or your file system.  It does a bi directional sync, meaning changes from your machine are uploaded to the server and changes from the server are downloaded to your machine.

The Publish web tool allows you to precompile your website.  You can then deploy the website without the accompanying source code.  You publish to either a local file path, ftp or http.  If you select the "Allow this precompiled site to be updateable" option, the HTML is not compiled into the assembly.  If you select the "Use fixed naming and single page assemblies" option, you will get an assembly for each page.  Skins and Themes are still compiled into a single assembly.  The last option available to you is whether or not you want to strongly name the assemblies.

In the last section of this MSDN article, Jeff Prosise describes the health monitoring API.  There is also a Patterns and Practices article describing best uses of the feature.

There are quite a few performance counters.  Look (in perfmon) under ASP .NET Apps v2.0.50727 .  Counters that look interesting to watch are Anonymous Requests / Sec, Error Events Raised / Sec, Request Execution Time, Request Wait Time, Requests Executing,  Requests / Sec, Sessions Total.

To get tracing information from an ASP.NET application, you still have to enable tracing in the web.config file.  You request http://localhost/myapp/trace.axd to view the trace logs.  There is an article at ExtremeExperts.com on the new tracing features.

Thiru Thangarathinam has a overview of the new caching features at 15seconds.com.  Important changes appear to be the SqlCacheDependency.

Next up->Master Pages

UPGRADE: MCAD Skills to MCPD Web Developer by Using the Microsoft .NET Framework

Create a composite Web application control.

• Create a user control.
• Convert a Web Forms page to a user control.
• Include a user control in a Web Forms page.
• Manipulate user control properties.
• Handle user control events within the user control code-declaration block or code-behind file.
• Create instances of user controls programmatically.
• Develop user controls in a code-behind file.
• Create a templated user control.

Add New Item->Web User Control.

There is an article on MSDN on how to convert a page to a user control.  It's a little easier than in 1.1 if you are using single-file pages.  Rename to .ascx, change @Page to @Control. Remove HTML, Body and Form tags from the HTML Code.

There is also an article on MSDN on how to include user controls in a page.  Add a Register directive to the top of the page, specifying a prefix, tagname and a relative URL to the user control.  You can also now drag the user control from your project onto the page and it will wire it up.

You manipulate a user control as you would any other control, through a member variable of the page.

To handle a user control event within the user control code declaration block, you add it the event as an attribute to the tag.  Here is an example of a usercontrol that has an event named TextStringChanged.

<uc1:MyUserControl ID="MyUserControl1" runat="server" TextString="Phil was here" OnTextStringChanged="TextStringChanged"/>

To handle it in the code-behind file, you treat it like a event on any other type of control.  Add a event handler delegate to the event.

To programatically create a usercontrol, use the LoadControl method of the Page.  That returns a reference to a new instance of the user control.  Then you must add it to a controls collection in order for it to appear on a page.

Creating templated usercontrols sounds tricky, but it's not that bad.  Try the walkthough on MSDN .

Next up->Copy / Publish Web tool

UPGRADE: MCAD Skills to MCPD Web Developer by Using the Microsoft .NET Framework

Create, delete, and edit data in a connected environment.

• Retrieve data by using a DataReader object.
• Build SQL commands visually in Server Explorer.
• Build SQL commands in code.
• Create parameters for a command object.
• Perform database operations by using a command object.
• Retrieve data from a database by using a command object.
• Perform asynchronous operations by using a command object.
• Perform bulk copy operations to copy data to a SQL Server computer.
• Store and retrieve binary large object (BLOB) data types in a database.

To use a DataReader, you create a command object, open the associated connection, and call the ExecuteDataReader method.

To build SQL Commands visually in Server Explorer, right click on the Database in the Server Explorer and select "New Query".

To build SQL Commands in code, you create a SQLCommand instance, set the commandtext property with the SQL Statement, add parameter objects to the parameters collection, and associate a connection to the command object.

Creating parameters is done by creating SqlParameter objects, setting the name, dbtype and value, and append to the command's parameters collection.

To perform database operations using a command object, invoke the ExecuteNonQuery method.  It executes the SQL statement of the command object and returns the number of rows affected.

To retrieve data using a command object, you can call the ExecuteDataReader, ExecuteScalar, or ExecuteXMLReader methods.

The command object now supports async operations.  There are BeginExecuteNonQuery, BeginExecuteDataReader, or BeginExecuteXmlReader methods.  Vishnu Prasad has a writeup on this at DevX.

They've added managed support for SQL Bulk Copies in the SqlBulkCopy class.  David Hayden has an example of how to use this class.

Working with Blobs isn't as hard as it used to be.  You just set the parameter's dbtype to SqlString and assign the large string to the parameter's value property.  No AppendChuck, GetChunk.  There is another method that I found interesting from Vadivel's blog.  I don't think that will be on the test.

Next up-> Composite Web Controls

UPGRADE: MCAD Skills to MCPD Web Developer by Using the Microsoft .NET Framework

Manage connections and transactions of databases.

• Configure a connection to a database graphically by using the Connection Wizard.
• Configure a connection by using Server Explorer.
• Configure a connection to a database by using the connection class.
• Connect to a database by using specific database connection objects.
• Enumerate through instances of Microsoft SQL Server by using the DbProviderFactories.GetFactoryClasses method.
• Open a connection by using the Open method of a connection object.
• Close a connection by using the connection object.
• Secure a connection to protect access to your data source.
• Create a connection designed for reuse in a connection pool.
• Control connection pooling by configuring ConnectionString values based on database type.
• Use connection events to detect database information.
• Handle connection exceptions when connecting to a database.
• Perform transactions by using the ADO.NET Transaction object.

Again, I still haven't found a "Connection Wizard".  Referring to my earlier post, There is a Data Source Configuration Wizard. 

To configure a connection in the server explorer, right click on Data Connections node, and select Add New Connection.

Also, there is no Connection class.  There are a few objects that have a Connection property.  There are classes that implement IDbConnection, but strictly speaking, (unless we talking about sharepoint) there is no Connection class.  However, if you have a class that implements IDbConnection (SqlConnection, OleDbConnection...), you configure it using the ConnectionString property.

To connect to a SQL Server database, use the SqlConnection object.  Call the Open method after setting the connection string.

Alex Homer has an example of how to use DbProviderFactories.GetFactoryClasses at Devx.com.  It returns a datatable of all the classes that registered as DbProviderFactories in the machine.config.

To close the connection, invoke the close method on the connection object.  Obviously, an exception will be thrown if the connection is no longer open.  You can inspect the state property to see if the connection is still active.

To protect Datasource information, you're supposed to put the ConnectionStrings in the ConnectionStrings section of the web.config.  Then you encrypt the contents using the method outlined by David Hayden's site.

To create a connection that will stay in a pool, make sure your connections are connecting to the database with the same login.  Reportedly having minor differences in the connection string will cause it not to pool. 

There is information about controlling connection pooling at MSDN via ConnectionString values.

There are two events worth listening to on a SqlConnection.  InfoMessage (fired when warnings or informational messages are returned by SQL Server), and StateChanged (fired when the state of the connection has changed).

To handle exceptions when connecting to a database, catch SqlException (if SQL rejected the connection), or InvalidOperationException (The connection was already opened, or you haven't given the connection object enough info.)

To Begin a transaction on an open connection, call the BeginTransaction method on the SqlConnection object.  That returns a transaction object that you control the Commit or Rollback with.  There is a new locking level, snapshot isolation which bears understanding.

There is also a new Systems.Transaction namespace.  This is used for distributed transactions.  John Papa has a writeup on MSDN covering the feature.

Next up-> Data objects

UPGRADE: MCAD Skills to MCPD Web Developer by Using the Microsoft .NET Framework

Implement data-bound controls.

• Use tabular data source controls to return tabular data.
• Use hierarchical data source controls to display hierarchical data.
• Display data by using simple data-bound controls.
• Display data by using composite data-bound controls.
• Display data by using hierarchical data-bound controls.
• Use the FormView control to display the values of a single table record from a data source.

Tabular data source controls would be the SqlDataSource, AccessDataSource, and ObjectDataSource.  SqlDataReader and AccessDataSources should be self explanatory.  The ObjectDatasource allows the binding of custom business objects, including datasets.  GridViewGuy has a walkthrough on using the component on his site.

There are two hierarchical data source controls.  SiteMapDataSource, and the XmlDataSource.  The SiteMapDataSource reads SiteMap info from the SiteMapProvider for the website.  It keeps current as the user navigates the website.  The XmlDataSource allows you to bind XML.  Keyvan Nayyeri has a tutorial on the XMLDataSource at CodeProject.

Most web controls can be bound.  You should know the difference between Eval (Readonly data) and Bind(Two way binding; data might be changed).  There is an article at MSDN on this.

Composite Databound controls are the Gridview, DataList,  DetailsView and the Repeater.  Dino Esposito has an article at MSDN on the GridView.  It's old, but it still applies.  Wei Meng Lee has an article on the Datalist.  The data reader doesn't seem to have changed.   GridViewGuy has an article on the DetailsView.

To display hierarchical data, you can use the new TreeView.  Technically, you could also use the SiteMapPath or the Menu.  Thiru Thangarathinam has a very comprehensive article on binding with this control at 15seconds.

The FormView is a templated control that works on a record by record basis.  You provide a readonly layout in the ItemTemplate, and a layout for edits in the EditItemTemplate. There is an overview at ASP.NET.

Next up -> Database Connections

UPGRADE: MCAD Skills to MCPD Web Developer by Using the Microsoft .NET Framework

Program a Web application.

• Redirect users to another Web page by using a server-side method.
• Detect browser types in Web Forms.
• Ascertain the cause of an unhandled exception at the page level.
• Programmatically access the header of a Web page.
• Implement cross-page postbacks.
• Assign focus to a control on a page when the page is displayed.
• Avoid performing unnecessary processing on a round trip by using a page's IsPostBack property.
• Access encapsulated page and application context.
• Avoid unnecessary client-side redirection by using the HttpServerUtility.Transfer method.
• Avoid round trips by using client-side scripts.
• Use a page's Async attribute to create a page that has built-in asynchronous capabilities.
• Convert HTML server controls to HTML elements.

There are two ways to redirect users to another web page.  Response.Redirect, which aborts processing the current page and tells the user's browser to go somewhere else, Server.Transfer and Server.Execute.  There is the PostBackURL property for button controls, but I consider that client side functionality.  Mike Pope has a writeup about the advantages of Server.Transfer vs. PostBackURL. 

To detect the browser type, use the Browser property on the response object.  There are plenty of new properties in the HttpBrowserCapabilities object. Mostly to support mobile device features.

Unhandled exceptions at the Page level are supposed to be handled in the Error event of the page.  Victor Garcia Aprea has an post on the exceptions to this rule.

To access the header, use the methods on the Response property, AppendHeader (AddHeader is obsolete) and ClearHeaders methods; Headers property.

Cross page postbacks are a new feature.  To make use of the them, set the PostBackURL property to a different page.  There are a few good writeups on this feature.  Scott Allen at OdeToCode, Naveedullah Khan at DotNetPakistan, Ting-hao Yang at MSDN.

To assign focus to a control, set the DefaultFocus attribute of the Form element to the HTML id of the control to get focus.  Scott Guthrie has a post on this feature.  There is also a Focus method on controls.

The IsPostBack feature hasn't changed.  Understand that when you use Server.Transfer, IsPostBack in the transferred page is set to the value of the initial page.

The Page and Application objects still exist.  The Page has its own Cache for Page specific information,  Application has it's own cache for the entire website.

To avoid round trips using client side script, you can either use the Validation controls, or write your own script, registering it by calling RegisterClientSideScript, RegisterStartupScript, or RegisterOnSubmitStatement.

The Async feature allows you to send requests to get data.  When the data is returned, you then resume building the page.  Fritz Onion has a writeup on the feature.  Bipin Joshi also has a good article.

To convert an HTML Server control back to a plain old HTML element, just remove the RunAt=Server attribute.  Obviously this won't work with Web Controls.

Next up-> Data Bound Controls

• Configure system-wide settings in the Machine.config file.
• Configure settings for a Web application in the Web.config file.
• Manage a Web application's configuration by using the Web Site Administration Tool.

You can change the system wide settings by manually editing the machine.config file in the config subdirectory of the framework or you can change it programatically by using the Configuration classes.  Same with web.config

There two articles at ExtremeExperts.com that cover configuration.  Part 1 and Part 2

The Web Site Administration Tool  Ludmal has a quick article outlining the feature set

Next up->Web Applications

UPGRADE: MCAD Skills to MCPD Web Developer by Using the Microsoft .NET Framework

Add and configure Web server controls.

• Add Web server controls to a Web Form.
• Configure the properties of Web server controls programmatically.
• Configure Web server control properties by using the Microsoft Visual Studio Property Editor.
• Specify whether events of a control cause a Web Form to post to the server.
• Configure a control to receive postback events.
• Access controls in Web Forms pages when working with naming containers and child controls.
• Create HTML server controls in the designer.
• Set HTML server control properties programmatically.
• Use HTML server controls to programmatically access HTML tags.
• Create HTML controls as elements in an HTML document.
• Use the AdRotator Web server control to manage banners and pop-up windows.
• Use the Button Web server control to send a command to the server when a button is clicked.
• Display a calendar on a Web page by using the Calendar Web server control.
• Implement the CheckBox Web server control.
• Implement the FileUpload Web server control.
• Create and manipulate links on a Web Form by using the HyperLink Web server control.
• Display an image on a Web Form by using the Image Web server control.
• Implement a button on a Web Form by using the ImageButton Web server control.
• Define hotspot regions within an image by using the ImageMap Web server control.
• Use the Label Web server control to display customized text on a Web page.
• Display a hyperlink style button on a Web Form by using the LinkButton Web server control.
• Display lists of information by using controls that derive from the ListControl class.
• Create a Web Form with static text by using the Literal Web server control.
• Implement pagination for controls on a page by using the Pager Web server control.
• Use the Panel Web server control to arrange controls in groups on a page.
• Create a container for a group of View controls by using the MultiView Web server control.
• Use the View Web server control to create a Web application.
• Create a mutually exclusive set of choices by using the RadioButton Web server control.
• Construct a table by using the Table, TableRow, and TableCell Web server controls.
• Enable users to type information into a Web Form by using the TextBox Web server control.
• Create a wizard by using the Wizard Web server control to collect data through multiple steps of a process.
• Use the XML Web server control to create XML data at the location of the control.
• Customize the appearance of Web server controls by using Web control templates.
• Programmatically edit settings in a Web site's configuration file.
• Dynamically add Web server controls to a Web Forms page.

The first three bullets shouldn't be problematic.  The next two are about setting the AutoPostback property of web controls. 

To access controls within a naming container, use the FindControl method.  Remember that FindControl only finds controls within its own Naming Container.

"Create HTML server controls in the designer." and "Set HTML server control properties programmatically" shouldn't present new challenges.

To create HTML controls as elements in the HTML document, you can add the RunAt=Server attribute to existing HTML elements, or you can add elements at runtime by creating an HtmlGenericControl and adding it to the controls collection.

The AdRotator component hasn't changed much.  It is now bindable to a database.  As I recall, you used to have to create an XML file for it to use.  Doug Seven has a article on the AdRotator component (based on an older version of the framework)

The Button control has a few minor changes.  It has an OnClientClick property.  You put in javascript code that will execute when the user clicks the button.  There is also a UseSubmitBehavior, which if set, turns the button into an HTML submit button.  In addition, there is a PostBackUrl property which states which page should be loaded when a button causes a postback.  Dino Esposito has a writeup on some of the complications in using this property.  Buttons also govern a new feature called ValidationGroups implemented using the ValidationGroup property.  Peter Blum has a writeup explaining the new feature.

Mike Pope found what was new with the Calendar control (And most others as well).

No changes on the CheckBox control except it can be a part of a ValidationGroup. 

The FileUpload control is new, but it is functionally identical to the HtmlInputFile control.  Anand Narayanaswany has a quick tutorial on using the control.

The Hyperlink control hasn't changed.

The image control also hasn't changed significantly except the property that Mike points out, GenerateEmptyAlternativeText.

The ImageButton has the same changes as the button control.

ImageMap control is brand new.  You define hotspots over a image in different shapes (Circle, Rectange, Polygon).  With each hotspot, you specify a PostBackValue.  That is the value that is sent back to the page if you said that postbacks should occur.  The other option is to have it navigate to a specific URL when the hotspot is clicked.

The label control hasn't changed much.  Support for skinning is about it.

LinkButton also has the same new properties as the button control.

There are four controls that derive from ListControl: CheckBoxList, DropDownList, ListBox, and RadioButtonList.  They all support the new data binding model.  There is a property call AppendDataBoundItems that allows you to add bound items below items that you've added manually.  That seems to be about it.

The Literal control has a mode property, allowing you to state how to treat the literal: Encode (The contents are HTML-Encoded), PassThrough (The contents are not touched), or Transform (Remove unsupported elements for WML or cHTML renderings)

The Pager control was dropped from the final release.

The Panel control has some improvements.  There is a ScrollBars property that allows you to specify whether or not content is scrolled within the panel.  There is a DefaultButton property that specifies which button is depressed when <Enter> is pressed within the panel.  There is a GroupingText property which is displayed as a title in the panel.

The MultiView control is a nice new control.  It's purpose is control a collection of View controls, of which only one can be visible at a time.  Jason N. Gaylord has a tutorial on ASP Alliance.

Remember that Views can only be used within a MultiView control.

The Radiobutton control hasn't changed.  Join a Radiobutton to a group using the GroupName property.  It supports validation groups.

The Table, TableRow, and TableCell controls don't appear to have changed.

The Textbox has support for Autocomplete, that appears to be all I see as changed.

The wizard is a templated control that allows you to create a wizard without having to worry about the plumbing of the previous/next/finished buttons.  Dino Esposito has a writeup at MSDN on the control.

The XML Control hasn't changed.  It's used to bring XML back to the client which can then be transformed into presentable data.

Web control templates?  Maybe they mean skinning.  Thiru Thangarathinam has a writeup at 15seconds.com about skinning.  To me it seems they took CSS to the next level.

You would modify the web.config file using the ASP.NET Configuration API.  Note that the account must have write access to successfully update the config.

To programmatically add controls to a webpage, just create a new object, add it to the page's controls collection.  Scott Mitchell has a quick overview of how to do this.

Next up->Web Application Settings

Evaluate the technical feasibility of an application design concept.

• Evaluate the proof of concept.
• Recommend the best technologies for the features and goals of the application.
• Weigh implementation considerations.
• Investigate existing solutions for similar business problems.

Create a proof-of-concept prototype.

• Evaluate the risks associated with the proposed technology or implementation.
• Validate that the proposed technology can be used in the application.
• Demonstrate to stakeholders that the proposed solution will address their needs.

Evaluate the technical specifications for an application to ensure that the business requirements are met.

• Translate the functional specification into developer terminology, such as pseudo code and UML diagrams.
• Suggest component type and layer.

Evaluate the logical design of an application.

• Evaluate the logical design for performance.
• Evaluate the logical design for maintainability.
• Evaluate the logical design for extensibility.
• Evaluate the logical design for scalability.
• Evaluate the logical design for security.
• Evaluate the logical design against use cases.
• Evaluate the logical design for recoverability.
• Evaluate the logical design for data integrity.

Evaluate the physical design of an application. Considerations include the design of the project structure, the number of files, the number of assemblies, and the location of these resources on the server.

• Evaluate the physical design for performance.
• Evaluate the physical design for maintainability.
• Evaluate how the physical location of files affects the extensibility of the application.
• Evaluate the physical design for scalability.
• Evaluate the physical design for security.
• Evaluate the physical design for recoverability.
• Evaluate the physical design for data integrity.

Choose an appropriate layout for the visual interface.

• Decide the content flow within the application.
• Evaluate user navigation needs.
• Identify the goal of the UI.
• Ensure the congruency and consistency of the user experience throughout the application.
• Choose techniques to control the layout.

Evaluate a strategy for implementing a common layout throughout the UI.

• Suggest an applicable UI standard based on the application specification. Considerations include MDI, SDI, control grouping, and so on.

Choose an appropriate control based on design specifications.

• Evaluate the type of data that must be captured or displayed.
• Evaluate available controls. Considerations include standard .NET Framework controls and custom, internally developed, and third-party controls.
• Evaluate the manner in which available controls are implemented in previous and ongoing projects or applications.
• Evaluate the user demographic.
• Evaluate the user environment.

Choose an appropriate data validation method at the UI layer.

• Choose a validation method based on the data type provided.
• Decide how to report the feedback. Considerations include callbacks, exceptions, and writing to an event log.
• Identify the source of invalid data.
• Identify the cause of an invalid entry.
• Evaluate whether invalid data can be prevented.
• Evaluate whether an exception must be thrown.
• Evaluate whether an exception must be logged.
• Evaluate whether visual feedback, such as a message box or color, is required.

Choose appropriate user assistance and application status feedback techniques.

• Design a user assistance mechanism.
• Choose an appropriate application status feedback technique based on available control types.
• Choose an appropriate application status feedback technique to support accessibility.
• Design an application status feedback mechanism.

Establish the required characteristics of a component.

• Decide when to create a single component or multiple components.
• Decide in which tier of the application a component should be located.
• Decide which type of object to build.

Create the high-level design of a component.

• Establish the life cycle of a component.
• Decide whether to use established design patterns for the component.
• Decide whether to create a prototype for the component.
• Document the design of a component by using pseudo code, class diagrams, sequence diagrams, activity diagrams, and state diagrams.
• Evaluate tradeoff decisions. Considerations include security vs. performance, performance vs. maintainability, and so on.

Develop the public API of a component.

• Decide the types of clients that can consume a component.
• Establish the required component interfaces.
• Decide whether to require constructor input.

Develop the features of a component.

• Decide whether existing functionality can be implemented or inherited.
• Decide how to handle unmanaged and managed resources.
• Decide which extensibility features are required.
• Decide whether a component must be multithreaded.
• Decide which functions to implement in the base class, abstract class, or sealed class.

Develop an exception handling mechanism.

• Decide when it is appropriate to raise an exception.
• Decide how a component will handle exceptions. Considerations include catching and throwing a new exception; catching, wrapping, and throwing the wrapped exception; catching and terminating, and so on.

Develop the data access and data handling features of a component.

• Analyze data relationships.
• Analyze the data handling requirements of a component.

Develop a component to include profiling requirements.

• Identify potential issues, such as resource leaks and performance gaps, by profiling a component.
• Decide when to stop profiling on a component.
• Decide whether to redesign a component after analyzing the profiling results.

Consume a reusable software component.

• Identify a reusable software component from available components to meet the requirements.
• Identify whether the reusable software component needs to be extended.
• Identify whether the reusable software component needs to be wrapped.
• Identify whether any existing functionality needs to be hidden.
• Test the identified component based on the requirements.

Choose an appropriate exception handling mechanism.

• Evaluate the current exception handling mechanism.
• Design a new exception handling technique.

Choose an appropriate implementation approach for the application design logic.

• Choose an appropriate data storage mechanism.
• Choose an appropriate data flow structure.
• Choose an appropriate decision flow structure.

Choose an appropriate event logging method for the application.

• Decide whether to log data. Considerations include policies, security, requirements, and debugging.
• Choose a storage mechanism for logged events. For example, database, flat file, event log, or XML file.
• Choose a systemwide event logging method. For example, centralized logging, distributed logging, and so on.
• Decide logging levels based upon severity and priority.

Evaluate the application configuration architecture.

• Decide which configuration attributes to store.
• Choose the physical storage location for the configuration attributes.
• Decide in which format to store the configuration attributes.

Perform a code review.

Evaluate the testing strategy.

• Create the unit testing strategy.
• Evaluate the integration testing strategy.
• Evaluate the stress testing strategy.
• Evaluate the performance testing strategy.
• Evaluate the test environment specification.

Design a unit test.

• Describe the testing scenarios.
• Decide coverage requirements.
• Evaluate when to use boundary condition testing.
• Decide the type of assertion tests to conduct.

Perform integration testing.

• Determine if the component works as intended in the target environment.
• Identify component interactions and dependencies.
• Verify results.

Resolve a bug.

• Investigate a reported bug.
• Reproduce a bug.
• Evaluate the impact of the bug and the associated cost and timeline for fixing the bug.
• Fix a bug.

Evaluate the performance of an application based on the performance analysis strategy.

• Identify performance spikes.
• Analyze performance trends.
• Track logon times.

Analyze the data received when monitoring an application.

• Monitor and analyze resource usage.
• Monitor and analyze security aspects.
• Track bugs that result from customer activity.

Evaluate the deployment plan.

• Identify component-level deployment dependencies.
• Identify scripting requirements for deployment. Considerations include database scripting.
• Evaluate available deployment methods.

Validate the production configuration environment.

• Verify networking settings
• Verify the deployment environment.
• Verify the deployment environment.

This is nice.  If you can do all this, you should be able to call yourself a developer.  There's no amount of studying that can help you.  These bullet items are seeing if you can solve a problem using Microsoft technlogies and juggle different needs of your customers.  It will be interesting to see how they can test for this using a series of multiple choice questions.

In order to cover all of this material sufficiently, I'd have to write a book.  Also, I'm about to take the test in 2 hours, so I need to start reviewing the preivous material.  After I take the test, I suspect I'll no longer be able to publicly comment on this test.

• Install a Windows Forms application on a client computer by using ClickOnce deployment.
• Install a Windows Forms application from a server by using ClickOnce deployment.
• Configure the required permissions of an application by using ClickOnce deployment.

Thiru Thangarathinam has an article at 15seconds that goes over the basics.  There is an FAQ on windowsforms.net about clickonce that also has some good info.  Michele Lerous Bustamante has a category on her blog about Clickonce.

Clickonce can also produce setup files that can be installed from a network share or CD.

Understand that in order to install a WinForm application from a server that uses Clickonce, you simply navigate to a URL that the application is hosted.  Because the user is downloading executable content, IE will warn them.

The  permissions can be set in the  project properties dialog.  Check the "Enable Clickonce Security Settings".  You state whether the application needs to run with Full Trust or Partial Trust.  With Partial Trust, you specify which zone your application will run from and the permissions are shown.  You can choose to request (include) or not a specific permission.  Also, there is a calculate permissions button.

Next up-> Envisioning and Designing an Application

• Run a background process by using the BackgroundWorker component.
• Announce the completion of a background process by using the BackgroundWorker component.
• Cancel a background process by using the BackgroundWorker component.
• Report the progress of a background process by using the BackgroundWorker component.
• Request the status of a background process by using the BackgroundWorker component.

The BackgroundWorker component is intended to make multi threading easier.  Ben Lovell has a good post that explains how to use it.

The code that will run in the background is placed in the DoWork event.  Remember that it is operating in a different thread than the UI, so if you want to touch any of the UI, you need to use BeginInvoke or Invoke.

To annouce the completion of a background process, you let the DoWork event finish.  That will fire the RunWorkerCompleted event.

To cancel a background process, you call the CancelAsync method.  In the DoWork event, you should constantly be checking the CancellationPending property, it doesn't automatically cancel itself.

To report progress, call the ReportProgress method, while in the DoWork event.

There's no obvious way to "request" the status of a background process.  There is a ProgressChanged event that you can hook into.

Next up-> Clickonce

Create, configure, and customize user assistance controls and components.

• Configure the PropertyGrid component.
• Configure the ProgressBar control to indicate progress graphically.
• Display status information by using the StatusStrip control.
• Configure the ToolTip component.
• Configure the ErrorProvider component.
• Configure the HelpProvider component.
• Play system sounds and audio files by using the SoundPlayer.
• Configure the Timer component to raise an event at regular intervals.
• Enable scrolling by using the HScrollBar and VScrollBar controls.

The PropertyGrid component hasn't changed since 1.1.  Set the SelectedObject or SelectedObjects property and it will display all public settable properties.  I've found it to be a very useful, but underused component.

The ProgressBar control hasn't changed either.  Set the bounds by setting the Minimum and Maximum properties.  Indicate progress by setting the value property or calling the Increment method.

StatusStrip is a completely new control.  It derives from ToolStrip, so it can use all the ToolStrip controls.  It anchors itself to the bottom of your form.

The ToolTip component hasn't changed.  Drag it onto a form.  You only need one per form.  You can either enter tooltip text to all your controls at design time, or use the SetToolTip method to set the text.

The ErrorProvider component also hasn't changed.  When an error condition occurs, call the SetError method.  Remember to call the Clear method when the error no longer exists.

No change in the HelpProvider component, also.  Drag that component onto a form.  You'll see that three properties get added to the design of all controls on the form.  HelpString is the string that will be displayed when the user selects the control using the Help Button.  HelpNavigator specifies what elements of the help system will be displayed when the user asks for help.  HelpKeyword is the help topic that will be shown when the user asks for help.

The SoundPlayer control which existed during the betas, was dropped according to Kevin McNeish.

The Timer component hasn't changed from 1.1.  It fires an event at regular intervals.  Remember that the events are executed on the UI thread.

The HScrollBar and VScrollBar haven't changed either.  They work very similar(programming wise) to the ProgressBar, but the user can move the slider.  (There also isn't an Increment method).

Next up->Async Programming

Read, write, and validate XML by using the XmlReader class and the XmlWriter class.

• Read XML data by using the XmlReader class.
• Read all XML element and attribute content.
• Read specific element and attribute content.
• Read XML data by using the XmlTextReader class.
• Read node trees by using the XmlNodeReader class.
• Validate XML data by using the XmlValidatingReader class.
• Write XML data by using the XmlWriter class.

MSDN has an page on the new stuff as afar as XML is concerned.

The XmlReader provides readonly/forwardonly access to Xml Data.  To create an implementation of the XmlReader (XmlTextReader, XmlNodeReader, XmlValidatingReader), call the Create method.  The big change is that you can associate a Schema with a XmlReader, rather than having to fake it with XmlValidatingReader.

To read all the XML content, you can use the ReadInnerXml or ReadOuterXml methods.  To get a specific element, you call MoveToElement, and then read the content by using .Name or .Value properties.  To get a specific attribute, you would call either MoveToFirstAttribute or MoveToNextAttribute.

The XmlTextReader is a reader that enforces the rules of well-formed XML.  An XmlException is thrown when it encounters bad XML. 

The XmlNodeReader is a reader that works off an XmlDocument.  Functionally works the same as XmlReader.

The XmlValidatingReader is a reader that makes sure the XML conforms to known schemas contained in the Schemas collection.  This is now obsolete because the XmlReader now has this built in.

The XmlWriter contains all the methods necessary to write XML.  WriteStartElement, WriteEndElement, WriteStartAttribute, WriteEndAttribute, WriteCData, WriteComment....

Next up-> The rest of WinForm Controls

Manage connections and transactions.

• Configure a connection to a database by using the Connection Wizard.
• Configure a connection to a database by using Server Explorer.
• Configure a connection to a database by using the Connection class.
• Connect to a database by using specific database Connection objects.
• Enumerate through instances of Microsoft SQL Server.
• Open an ADO.NET connection to a database.
• Close an ADO.NET connection to a database by using the Close method of the Connection object.
• Protect access to data source connection details.
• Create a connection designed for reuse in a connection pool.
• Control a connection pool by configuring ConnectionString values based on database type.
• Use the Connection events to detect database information.
• Handle exceptions when connecting to a database.
• Perform transactions by using the Transaction object.

I've never been one to make use of a lot of wizards.  I was not able to find a "Connection Wizard".  I was able to find the "Data Source Configuration Wizard".  Not sure if that's what they mean.  In the Data Source connection wizard, if you specify that you want a Database data source, you are then prompted to select a connection.  On that screen you can push the New Connection button, which brings up a Choose Data Source dialog.  I'm not sure I'd call it a wizard.  Again, if anyone finds the "Connection Wizard", let me know where it is.

Configuring a connection in the Server Explorer is as easy as right clicking on the Data Connections node, and selecting add new connection.

There are a few objects that have a Connection property, but there is no Connection class.  There are classes that implement IDbConnection, but strictly speaking, (unless we talking about sharepoint) there is no Connection class.  However, if you have a class that implements IDbConnection (SqlConnection, OleDbConnection...), you configure it using the ConnectionString property.

To connect to a database, you instatiate a SqlConnection instance, set the Connectionstring, and call the Open method.  There is now a SqlConnectionStringBuilder class to help you build a connection string.

To enumerate through SQL Instances, use the SqlDataSourceEnumerator as explained by Sushil on his blog.

To Close an open connection to a database, use the Close method on the Connection object.  You can also call Dispose.  This isn't on topic, but while I was looking around, I noticed they added a ClearPool method to the SqlConnection object.  Nice!

To protect Datasource information, you're supposed to put the ConnectionStrings in the ConnectionStrings section of the app.config.  Then you're supposed to encrypt it.  What's fustrating is that there are dozens of examples of how to do this for ASP.NET.  Near as I can figure, it looks like you would, during installation with an installer class, get a reference to the SectionInformation and call the ProtectSection method.

To create a connection that will stay in a pool, make sure your connections are connecting to the database with the same login.  Reportedly having minor differences in the connection string will cause it not to pool. 

There is information about controlling Connection Pooling on MSDN.

There are two events worth listening to on a SqlConnection.  InfoMessage (fired when warnings or informational messages are returned by SQL Server), and StateChanged (fired when the state of the connection has changed).

To handle exceptions when connecting to a database, catch SqlException (if SQL rejected the connection), or InvalidOperationException (The connection was already opened, or you haven't given the connection object enough info.)

To Begin a transaction on an open connection, call the BeginTransaction method on the SqlConnection object.  That returns a transaction object that you control the Commit or Rollback with.  There is a new locking level, snapshot isolation which bears understanding.

There is also a new Systems.Transaction namespace.  This is used for distributed transactions.  John Papa has a writeup on MSDN covering the feature.

Next up-> XML Reader/Writer

Implement data-bound controls.

• Use the DataGridView control to display and update the tabular data contained in a data source.
• Use a simple data-bound control to display a single data element on a Windows Form.
• Implement complex data binding to integrate data from multiple sources.
• Navigate forward and backward through records in a DataSet in Windows Forms.
• Define a data source by using a DataConnector component.
• Create data forms by using the Data Form Wizard.

There's a big section at WindowsForms.net on the DataGridView.  The DataGridView is the successor to the DataGrid.  They added more cell types: Image, Combobox, Link, Button.  (They only had Textbox and Checkbox in 1.1).  You can place more than one control in a cell.  There are now events associated with the cell itself, instead of handling all the events on the datagrid control.  The CellFormatting event allows you to control the look of specific cells.

The data binding subsystem has undergone a major overhaul.  As in 1.1, there is a different binding system for WinForms than WebForms.  Again there is a section at WindowsForms.Net dedicated to data binding, although not very comprehensive.  Dinesh Chandnani has a series of good blog entries on databinding.  The main component is called the BindingSource.  You can make your own components bindable by using the BindingList generic.

I'm not sure what they mean by complex data binding.  Handling some of the events in the BindingSource?

The BindingNavigator control is a Toolstrip control that hooks to a BindingSource that has the first,prev,next,last buttons already implemented.  You would use that to navigate through records in a dataset on a windows form.

The DataConnector component no longer exists.  It was renamed to BindingSource in earlier Whidbey releases.

Alright, I give up.  My wife tells me that I stink at looking for things.  My keys could be right in front of me and I won't see them.  With that disclaimer in mind, I've been looking 15 minutes for the "Data Form Wizard".  It clearly existed in 1.1.  Where is it?  If anyone knows where it is, let me know.

Next up->Connections and Transactions

• Create and configure a MenuStrip component on a Windows Form.
• Change the displayed menu structure programmatically.
• Create and configure the ContextMenuStrip component on a Windows Form.

There is a good article on DevX about the xStrip controls.  MSDN has a good technology overview as well.  The Toolbar, menu and status bar render in a look (by default) that is similiar to Office xp.  Understand that the Menu, Toolbar and StatusBar all derive from a common base, ToolStrip.    ToolStrip is a container for ToolStripItem controls.  The ToolStrip uses Renderers to control its display.  Look at the RenderMode property for more information.

Next up-> Data binding

Add and configure a Windows Forms control.

• Use the integrated development environment (IDE) to add a control to a Windows Form or other container control of a project at design time.
• Add controls to a Windows Form at run time.
• Configure controls on a Windows Form at design time to optimize the UI.
• Modify control properties.
• Configure controls on a Windows Form at run time to ensure that the UI complies with best practices.
• Create and configure command controls on a Windows Form.
• Create and configure text edit controls on a Windows Form.
• Create and configure text display controls on a Windows Form.
• Use the LinkLabel control to add Web-style links to Windows Forms applications.
• Provide a list of options on a Windows Form by using a ListBox control, a ComboBox control, or a CheckedListBox control.
• Configure the layout and functionality of a Windows Form to display a list of items.
• Implement value-setting controls on a Windows Form.
• Configure a WebBrowser control.
• Add and configure date-setting controls on a Windows Form.
• Display images by using Windows Forms controls.
• Configure the NotifyIcon component.
• Create access keys for Windows Forms controls.

The first 4 bullets shouldn't be worrisome.  As far as as UI Best Practices, I imagine stuff like consistency, making sure your UI works with both mouse and keyboard, and making sure it functions with accessibility features are the key.  The only best practices guidance I found specific to 2.0 is this blurb on MSDN2 about the datagridview.

Here is a list of things that have changed in 2.0.  Here is a list of new features.

The command controls available in WinForms is really just the Button class.  Few things have changed since 1.1.  There's a FlatAppearance method-allowing finer control when the FlatStyle is set to Flat.  TextImageRelation specifies where the text goes in relation to an image.  There is also an AutoEllipsis property that adds the ... if your text is too long for the button.

Text Edit controls in WinForms are the ComboBox, DateTimePicker, DomainUpDown, ListBox, the new MaskedTextBox, NumericUpDown,PropertyGrid, RichTextBox, and the basic TextBox.  There is support for AutoComplete in the ComboBox and TextBox via the AutoCompleteCustomSource, AutoCompleteMode, and AutoCompleteSource properties.  I haven't used the DateTimePicker much before, but it doesn't appear to have changed.  Same for the DomainUpDown control.  The Listbox now has formatting via the FormattingEnabled and FormatString properties.  The MaskedTextBox is new, you should play around with it to understand it's features.  Jesse Liberty has a writeup on the masking features.  The NumericUpDown control hasn't changed either.  Same with the PropertyGrid.  The RichTextBox control has a RTF property that you can get/set the text including RTF codes.

The display controls in WinForms are Label, ListView, PictureBox & Treeview.  Label control has the AutoEllipsis property.  That's the only change I could see.  There are some good changes to the ListView control.  It has support for Groups and TileView.  Jeremy Epling has a writeup on Groups on his blog.   The other big change is that the ListView is bindable (Yeah!).  The PictureBox now supports Asychronous loading.  The ListView and TreeView now support Owner drawing.

The linkLabel hasn't changed.  Use it as you would a Button, except that you handle the LinkClicked event.

The CheckedListBox has the same new properties as the Listbox as far as Formatting.  It also has a new property ThreeDCheckBoxes (bool). 

To display a list of items, you could use either a CheckedListbox, ComboBox, DomainUpDown, Listbox, ListView, or TreeView.  CheckedListbox, Listbox, and ListView support multiple columns.

The WebBrowser is a new control that a hosting container for the browser.  You specify the location by setting the Url property.

You can display images a variety of different ways.  You can set the background image of a form and various controls, use a PictureBox control, you can handle the Paint event and use the graphics object to paint an image.

The NotifyIcon component now has BalloonTips.  These should be used to notify the user that something has happened.

Access keys are still defined by prefixing with an "&"

Next up-> Menus

• Group and arrange controls by using the Panel control, GroupBox control, TabControl control, FlowLayoutPanel control, and TableLayoutPanel control.
• Use the SplitContainer control to create dynamic container areas.

There is an article about the different layout controls by "benoyraj" at codeproject.  It's a good start to understanding these controls.  Best thing to do is to throw them on a form and play around with them a little.

Panel control hasn't changed since 1.1 (Except for the properties derived from Control like AutoSize...)  Same with GroupBox and TabControl. 

FlowLayoutControl places the controls in its container in a "flowing" order.  Kind of like web stuff.  You don't have control of the Top/Left of a control in the FlowLayoutControl.  You can set the flow to LeftToRight, TopDown, RightToLeft, or BottomUp.  David Muhundo has a blog posting describing some of his feats and concerns.

TableLayoutPanel defines a Table that you place controls in.  Again, you are giving up control over the Top/Left of the child controls in a cell.  Only one control can be placed in each cell.

Split functionality has changed significantly from v1.1.  There is now a SplitContainer that basically is two panels split either horizontally or vertically that you drop controls into.  if you are handling resizing manually, there are two events, SplitterMoved and SplitterMoving that you can capture.  There is a small FAQ (Word Document) on WindowsForms.NET.

Next up-> Windows Forms Controls

Enhance the user interface of a .NET Framework application by using the System.Drawing namespace.

• Enhance the user interface of a .NET Framework application by using brushes, pens, colors, and fonts.
• Enhance the user interface of a .NET Framework application by using graphics, images, bitmaps, and icons.
• Enhance the user interface of a .NET Framework application by using shapes and sizes.

Mahesh Chand has an intro to GDI+ article at vbdotnetheaven.  He also has an article describing GDI+ brushes.  Finally, there is also has an article on Pens and Fonts. 

Budi Kurianwan has nice article in C# covering the basics.

Bob Powell has an excellent intro article, and he also maintains the GDI+ FAQ.

Remember that Pens are used to draw lines and shapes, Brushes are used to fill surfaces, Fonts are used to render text, and Colors are... colors.

I suspect it would be good to know the different types of Brushes available: SolidBrush, TextureBrush, HatchBrush, LinearGradientBrush, and PathGradientBrush.

Image class is abtract, Bitmap and Metafile are the actual implementation classes.

The graphics class can draw the following types of shapes/lines: Arc, Bezier splines, Closed Cardinal Spline (ClosedCurve), Curve, Ellipse, Line, Path, Pie slice, Polygon (regular and irregular),  Rectangle.  It can fill a Closed Cardinal Spline, Ellipse, Path, Pie slice, Polygon, or Rectangle.

That's it for Section I!  Now I will begin preparing for the specifics of 70-552 (WinForms)
Next Up ->Creating a UI for a Windows Forms Application by Using Standard Controls

• MailMessage class
• MailAddress class and MailAddressCollection class
• SmtpClient class, SmtpPermission class, and SmtpPermissionAttribute class
• Attachment class, AttachmentBase class, and AttachmentCollection class
• SmtpException class, SmtpFailedReceipientException class, and SmtpFailedReceipientsException class
• SendCompletedEventHandler delegate
• LinkedResource class and LinkedResourceCollection class
• AlternateView class and AlternateViewCollection class

This is a completely new namespace.  The old System.Web.Mail namespace has been deprecated.  This new implementation is not dependent on CDO.  Dr. Peter Bromberg has an introductory article on the new features.  There is also the infamous www.systemnetmail.com site.

MailMessage class - Represents an email message.  New properties for this (compared to the properties in the web.mail version) are DeliveryOptions, ReplyTo, and SubjectEncoding.  There is also support for AlternateViews - allowing you to send both text and HTML representations of the email.

MailAddress class - Represents an email address.  Address, DisplayName, Host, and User are readonly properties of this object.  Properties are set in the constructor.

MailAddressCollection class - Collection of MailAddress objects. 

SmtpClient class - This class sends email via SMTP.  It is not dependent on CDO, it can work over SSL, and the send can be performed async.

SmtpPermission class - This class regulates whether or not an application can send mail via SMTP.  Access can be locked down to no access, only via the default port (25), or unrestricted.  What's interesting is that this class doesn't appear in the Create Permission Set wizard.

SmtpPermissionAttribute class - Attribute implementation of the SmtpPermission class.

SmtpException class - Exception that is thrown when SMTP Client can't complete a send or sendasync operation.

SmtpFailedReceipientException class - Exception that is thrown when a receipient is not valid.

SmtpFailedReceipientsException class - Exception that is thrown when an email can't be sent to ALL of the receipients.  "This class supports the .NET Framework infrastructure and is not intended to be used directly from your code. "... The following statement from the remarks in the documentation contradicts the explanation: "The InnerExceptions property contains the exceptions received while attempting to send e-mail. The e-mail might have been successfully delivered to some of the recipients."

SendCompletedEventHandler delegate - Delegate that is called when an async send is complete.  Handles the SendCompleted event.

LinkedResource class - Represents an embedded resource in a message, such as a HTML image.

LinkedResourceCollection class - Collection of LinkedResources.

AlternateView class - This class is used to represent an alternate view of a mail message.  This would likely be an HTML version of the email. 

AlternateViewCollection class - Collection of AlternateView objects.  This is used in the AlternateViews property on the MailMessage object.

Next up -> GDI

Access and modify identity information by using the System.Security.Principal classes. (Refer System.Security.Principal namespace)

• GenericIdentity class and GenericPrincipal class
• WindowsIdentity class and WindowsPrincipal class
• NTAccount class and SecurityIdentifier class
• IIdentity interface and IPrincipal interface
• WindowsImpersonationContext class
• IdentityReference class and IdentityReferenceCollection class

This is all about the identity.  It would help to have a good understanding of the identity infrastructure in .NET.  There is a good writeup on the basics by Bipin Joshi.

GenericIdentity class - Represents a "Generic" user. 

GenericPrincipal class - Represents a "Generic" principal.

WindowsIdentity class - Represents a windows user.  Keith Brown has a good writeup on WindowsIdentity and WindowsPrincipal on his .NET Developers Guide to Security.

WindowsPrincipal class - Provides the ability to check the Windows group membership of a Windows user.

NTAccount class - New to 2.0 Represents an NT User or Group. This class has the ability to get the security identifier (useful for access control operations) via the translate method.

SecurityIdentifier class - New to 2.0. Represents a Windows Security Identifier (SID).  Useful for ACL operations.

IIdentity interface - Defines the basic functionality of an identity object.  Name, AuthenticationType, and IsAuthenticated are the members that must be implemented.

IPrincipal interface - Defines the basic functionality of a principal object.  Identity and IsInRole must be implemented.

WindowsImpersonationContext class - Represents a windows user prior to impersonation.  Allows you to revert back to the original user by calling the Undo method.  Marc Merritt has a nice simple demonstration at The Code Project.

IdentityReference class - New to 2.0.  Base class for NTAccount and SecurityIdentifier classes.

IdentityReferenceCollection class - New to 2.0.  Collection of IdentityReference classes.  Has a translate method to change objects from one type of identity to another.  An example would be from NTAccount to SecurityIdentifier.

Next up -> System.Net.Mail

• SecurityPermission class
• PrincipalPermission class
• FileIOPermission class
• StrongNameIdentityPermission class
• UIPermission class
• UrlIdentityPermission class
• PublisherIdentityPermission class
• GacIdentityPermission class
• FileDialogPermission class
• DataProtectionPermission class
• EnvironmentPermission class
• IUnrestrictedPermission interface
• RegistryPermission class
• IsolatedStorageFilePermission class
• KeyContainerPermission class
• ReflectionPermission class
• StorePermission class
• SiteIdentityPermission class

I've really got to get going on these.  I'm scheduled to take 70-552 next Sat, and I'm haven't gotten to the WinForms stuff yet.

These next two parts are on Code Access Security.  Mike Downen (via Julie Lerman) has an intro article on CAS in 2.0.

Update via Zdenko - Michael Stiefel has some good articles on his site.

SecurityPermission class - This is the class that has a lot of base attributes: Execution, SkipVerification, UnmanagedCode, Assertion, BindingRedirects to name a few.  There don't appear to be any new values from 1.1.

PrincipalPermission class - This class allows you to control access by the current identity.  Note the important info in the documentation:

Prior to a demand for principal permission it is necessary to set the current application domain's principal policy to the enumeration value WindowsPrincipal. By default, the principal policy is set to UnauthenticatedPrincipal. If you do not set the principal policy to WindowsPrincipal, a demand for principal permission will fail. The following code should be executed before the principal permission is demanded:

AppDomain.CurrentDomain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal). 

Kaushal Sanghavi has a good article demonstrating the use of PrincipalPermission.

FileIOPermission class - Controls access to file IO.  There are 4 basic rights controlled : Read, Write, Append and Path Discovery.

StrongNameIdentityPermission class - Allows you to limit callers to a specific strongly named assembly.  More information can be found at Morgan Skinner.

UIPermission class - Allows you to specify the permissions for UI (Winforms).  Whether or not a window can be shown, whether or not more than one window can be shown, whether or not the application can access the clipboard, only a system specific clipboard, or no access whatsoever.

UrlIdentityPermission class - In the same spirit as StrongNameIdentityPermission, allows you to limit callers by a URL.

PublisherIdentityPermission class - Limits calls by a specific publisher (using Digital certificates)

GacIdentityPermission class - This is new in 2.0 - Allows you to limit access by whether or not an assembly is located in the GAC.

FileDialogPermission class - Controls whether or not the assembly can open a File dialog box.

DataProtectionPermission class - New to 2.0.  Controls whether or not the assembly can use the new data protection (DPAPI) features.  You can retrict the user to protect data, unprotect data, protect memory or unprotect memory.

EnviromentPermission class - Controls access to user and system environment variables.

IUnrestrictedPermission class - Allows a permission to expose an unrestricted state.  Peter Torr has a nugget of trivia about this interface buried in his post.

RegistryPermission class - Controls access to the registry.

IsolatedStorageFilePermission class - Controls access to isolated storage.  Can control the size (Quota) and the type of store (Application, Domain, or Assembly)

KeyContainerPermission class - New to 2.0.  Controls access to Key Containers.  You can control access by each CSP, or grant unrestricted rights.

ReflectionPermission class - Controls access to assembly metadata via reflection.  You can control whether or not access to members is allowed, access to types, and whether or not assemblies can be dynamically generated.

StorePermission class - New to 2.0 Controls access to X.509 Certificate stores.  Can control add/remove of certificates, opening of a store, enumeration of certificates, and the creation/deletion of stores.

SiteIdentityPermission class - Limit calls to a specific site (domain).

Next up -> Security.Policy

• DES class and DESCryptoServiceProvider class
• HashAlgorithm class
• DSA class and DSACryptoServiceProvider class
• SHA1 class and SHA1CryptoServiceProvider class
• TripleDES and TripleDESCryptoServiceProvider class
• MD5 class and MD5CryptoServiceProvider class
• RSA class and RSACryptoServiceProvider class
• RandomNumberGenerator class
• CryptoStream class
• CryptoConfig class
• RC2 class and RC2CryptoServiceProvider class
• AssymetricAlgorithm class
• ProtectedData class and ProtectedMemory class
• RijndaelManaged class and RijndaelManagedTransform class
• CspParameters class
• CryptoAPITransform class
• Hash-based Message Authentication Code (HMAC)

Knowing some basics about Cryptography is a big help with this objective.  Dino Esposito has an article on DevX going over the basics. It's based on 1.1, but the ideas haven't changed.

For the most part this namespace hasn't changed.  ProtectedData/Memory and HMAC are the new classes they want you to know about.

DES class - Abtract class that all (one) DES implementations derive from.  DES is a symmetric encryption algorithm.  It's an old algorithm that can be cracked in a matter of days.

DESCryptoServiceProvider class - Service provider class for DES encryption.  Derives from DES and is the class you'd use when encrypting/decrypting with DES.

HashAlgorithm class - base class that all hash algorithms derive from.  MSDN has an example implementation showing that you invoke the ComputeHash method to get the hash.

DSA class - base class that all (one) DSA implentations derive from.  Richard Grimes has a blurb about digital signatures on his security workshop page.

DSACryptoServiceProvider class - provides an implementation of the DSA (Digital Signature Algorithm) .

SHA1 class - Abtract class for the SHA1 Hash algorithm.  160 bit hash size.

SHA1CryptoServiceProvider class - Implementation of the SHA1 hash algorithm.  There's some concern that this algorithm is weak, so it's probably best to use a different hashing algorithm.

TripleDES class - Abtract class for the TripleDES encryption algorithm.  TripleDES is a symmetric algorithm support key sizes of 128 or 192 bits.

TripleDESCryptoServiceProvider class - Implementation of the TripleDES encryption algorithm, which appears to encrypt the text by running DES 3 times.

MD5 class - Abtract class that all MD5 hash algorithms derive from.  MD5 produces a 128 bit hash.

MD5CryptoServiceProvider class - Implementation of the MD5 Hash Algorithm.  It appears there might be weaknesses with this algorithm as well.

RSA class - Abtract class that all RSA encryption algorithms derive from.  RSA is an asymmetric algorithm supporting bit sizes between  384 - 16384 bits in increments of 8 bits.

RSACryptoServiceProvider class - Implementation of the RSA Encryption algorithm.  There don't appear to be flaws in the RSA algorithm provided your key is >2k.

RandomNumberGenerator class - Abtract class that all Random Number generators are supposed to derive from.  There is only one implementation of a random number generator - RNGCryptoServiceProvider.  Christopher Wille has an example that creates random passwords using the RNGCryptoServiceProvider.

CryptoStream class - defines a stream that is used with cryptographic functions.  The idea is to prevent storing the data in an intermediate area during cryptographic functions.  It also handles buffering which I guess gets complicated with block ciphers.

CryptoConfig class - Documentation says that it is used to get cryptography configuration information.  I don't see it doing that.  It appears that the main method, CreateFromName, is used to get an instance of a specific CryptoServiceProvider.  There is mention of the CryptoConfig being used in this best practices in Mono document.

RC2 class - Abtract class that all RC2 implementations derive from.  RC2 is an Symmetric Encryption algorithm.

RC2CryptoServiceProvider class - Implementation of the RC2 Encryption algorithm.  Key size is from 40-128 bits in 8 bit increments. 

AssymmetricAlgorithm class - base class for all encryption methods that are classified as Assymmetric (meaning public key algorithms)  Dr. Peter Bromberg has a simple example of using the RSA classes.

ProtectedData class  - This is a new class for the 2.0 framework.  It is a frontend to the DPAPI protect and unprotect methods, making it very easy to secure data using DPAPI.  Remember that stuff protected by DPAPI can only be unprotected on the same machine.

ProtectedMemory class - Also a new class for the 2.0 framework.  It works the same as ProtectedData.  The difference is that ProtectedMemory is only valid until the machine reboots.  Shawn has an informative post on his blog.

RijndaelManaged class - A managed implementation of the Rijndael encryption algorithm, also known as AES.  Rijndael is a symmetric algorithm supporting key sizes of 128,192, and 256 bits. 

RijndaelManagedTransform class - the actual class that does the encryption/descryption for the RijndaelManaged class.

CspParameters class - contains parameters that are passed to the CSP (Cryptographic Service Provider).  This is used to pass specific parameters back to the Crypto subsystem.  An example is specifying which key container to use.  Gowri Paramasivm has an example using RSA.

CryptoAPITransform class - Represents a cryptographic algorithm that encrypts or decrypts data.

HMAC (Hash-based Message Authentication Code) - Abstract class that all implementations of HMAC derive from.  HMAC is a way of verifying the authenticity and integrity of a message.  These are new classes.

Next up -> Permissions

Implement a custom authentication scheme by using the System.Security.Authentication classes. (Refer System.Security.Authentication namespace)

• Authentication algorithms and SSL protocols

Another new namespace.  Not much meat there.  I think they're trying to get you to look at the AuthenticatedStream class in System.Net.Security.  Keith Brown has a good example implementation in his "The .NET Developer's Guide to Windows Security"

The algorithms that are implemented appear to be:

NegotiateStream - "Uses the Negotiate security protocol to authenticate the client."  Is there such a thing as the "Negotiate security protocol"?  I'm not finding anything on it.  Sample uses of this class appear to communicating with a server authenticating via Kerberos.

SslStream - "Provides a stream used for client-server communication that uses the Secure Socket Layer (SSL) security protocol to authenticate the server and optionally the client. "  Dominick Baier has a nice simple example.

Next up ->  Cryptography

Implement access control by using the System.Security.AccessControl classes.

• DirectorySecurity class, FileSecurity class, FileSystemSecurity class, and RegistrySecurity class
• AccessRule class
• AuthorizationRule class and AuthorizationRuleCollection class
• CommonAce class, CommonAcl class, CompoundAce class, GeneralAce class, and GeneralAcl class
• AuditRule class
• MutexSecurity class, ObjectSecurity class, and SemaphoreSecurity class

This is a completely new namespace.  The .NET framework now has direct support for reading and maintaining ACLs (Access Control Lists, or NT Permissions).  This was difficult to do previously because you had to use unmanaged calls to the Win32 subsystem.

You should probably have some rudimentary understanding of how the access control works.  Wenfeng Yao has a nice post explaining the different terms.

Rich Strahl has a good simple example of how these classes work.  Like he says, it's not to hard once you see how it's done.  There's also an informative MSDN article (based on the beta) about the Access Control objects.

DirectorySecurity class - This embodies the access and audit information for a specific directory.  Create an instance by passing in the path in the constructor. 

FileSecurity class - Same thing, but for a specific file.

RegistrySecurity class - Same thing for a registry key. 

FileSystemSecurity class - base class for both DirectorySecurity and FileSecurity.

AccessRule class - To borrow a database metaphor, this is the many to many table for security.  It combines an Identity and an AccessControlType to represent a specific permission.

AuthorizationRule class - base class of AccessRule and AuditRule.

AuthorizationRuleCollection class - collection of AuthorizationRule instances.  Typical collection, no new methods.

CommonAce class - Represents an Access Control Entry(ACE).  These objects allow you to deal directly with ACE/ACLs, whereas the Security/Rule classes provide some abtraction and validation.  "The CommonAce class represents the eight most common ACE types".  But I can't find what the eight most common ACE types are.  I looked at the class in reflector, I think they're talking about AccessAllowed, AccessDenied, SystemAudit, SystemAlarm, AccessAllowedCallback, AccessDeniedCallback, SystemAuditCallback, SystemAlarmCallback... But I'm not sure.  There are a lot of opportunities for improvement in the documentation for these classes.

CommonAcl class - Represents an Access Control List(ACL).  Meaning either SACL or DACL.

CompoundAce class - Represents a Compound ACE.  As the only member of the CompoundAceType enum is Impersonation, I'm guessing that a compound ace has something to do with Impersonation.  Looking further using reflector, it appears a CompoundAce object is created in the GenericAce.CreateFromBinaryForm when the AceType = AccessAllowedCompound.  According to MSDN : "Defined but never used. Included here for completeness. "...

GeneralAce class - Represents a generic ACE.  Base class for all ACE classes.

GeneralAcl class - Represents a generic ACL.  Base class for all 4 ACL classes.

AuditRule class - This similiar to an AccessRule, but represents Audit information. 

MutexSecurity class - Similiar to FileSecurity, but for Named Mutexes.  For those of you unfamiliar with Named Mutexes (I was), look at King Ralph's blog entry.

ObjectSecurity class - Base class for all the xxxSecurity objects.

SemaphoreSecurity class - Similiar to MutexSecurity, but for Named Semaphores. 

Next post - Authentication

On this week's MSDN flash, they released promo codes (meaning you can register for free) for 4 other beta exams:

Between now and March 10, I'm scheduled to take 5 exams...  There go my weekends.

• IsolatedStorageFile class
• IsolatedStorageFileStream class
• DeflateStream class
• GZipStream class

IsolatedStorageFile class - The main feature that's been added is that there is a new scope - Application.  The .NET Security blog has more info on this feature.  There are a few static methods that have been added making it easier to get an IsolatedStoreFile instance:  GetMachineStoreForApplication, GetMachineStoreForAssembly, GetMachineStoreForDomain, GetUserStoreForApplication, GetUserStoreForAssembly, GetUserStoreForDomain.

IsolatedStorageFileStream class - Not much changed here.  There is a SafeFileHandle property, which returns a Win32 handle of the actual file.  By virtue of this class being based on FileStream, GetAccessControl / SetAccessControl methods are available.

DeflateStream class - This is a brand new class.  It implements the Deflate algorithm.  It can't handle files more than 4 gigs (uncompressed). 

GZipStream class - This is also a brand new class.  It implements the GZip algorithm.  Same as deflate but has CRC.  It is also limited to dealing 4 gig files. 

There is a blog entry about the capabilities of the compression classes here . 

Next up AccessControl classes

UPGRADE: MCAD Skills to MCPD Web Developer by Using the Microsoft .NET Framework
UPGRADE: MCAD Skills to MCPD Windows Developer by Using the Microsoft .NET Framework
UPGRADE: MCSD Microsoft .NET Skills to MCPD Enterprise Application Developer by Using the Microsoft .NET Framework: Part 1

Access files and folders by using the File System classes. (Refer System.IO namespace)

• File class and FileInfo class
• Directory class and DirectoryInfo class
• DriveInfo class and DriveType enumeration
• FileSystemInfo class and FileSystemWatcher class
• Path class
• ErrorEventArgs class and ErrorEventHandler delegate
• RenamedEventArgs class and RenamedEventHandler delegate

File class - Static class used for moving/renaming files.  They've added quite a few methods for convience and better exposed the feature set of NTFS.  Look at AppendAllText, Decrypt, Encrypt, GetAccessControl, ReadAllBytes, ReadAllLines, ReadAllText, Replace, SetAccessControl, WriteAllBytes, WriteAllLines, WriteAllText

FileInfo class - Each instance of this class represents a file.  Members are similiar to the File class.  Doesn't have some of the convenience methods like ReadAllText, WriteAllText...

Directory class - Static class used to manipulate file directories.  Doesn't appear to have changed except GetAccessControl and SetAccessControl methods have been added.

DirectoryInfo class - Each instance of this class represents a directory.  Members are similiar to the File class.  Also has GetAccessControl and SetAccessControl methods.

DriveInfo class - New class that allows you to query to see what drives (logical) are attached to a system.  Each instance represents a drive.  You can get the capacity, volume label, free space, and the type of drive.

DriveType enum - enum that specifies the type of drive represented by the DriveInfo class. CDROM, Fixed, Network, RAM, Removeable (USB or floppy), unknown.  There is also a NoRootDirectory member.  I don't know what that is for.  The enum is not decorated with the FlagsAttribute, so a DriveType can't be Fixed AND NoRootDirectory.

FileSystemInfo class - base class for both FileInfo and DirectoryInfo

FileSystemWatcher class - I hate this component.  I used it in an project and kept missing files because the buffer would overflow and the error event wasn't consistently raised.  Read the class description and understand the limitations of the component.  It doesn't look like it has been changed(meaning new methods and properties).

Path class - Allows you do deal with filename strings in a controlled fashion.  If you want to change the extension, call the ChangeExtension method, rather than doing the string parsing yourself.  Has some interesting members that I didn't know about, such as GetTempFilename.  There is a new method called GetRandomFilename.  It returns a random temp filename, but doesn't create it.  GetInvalidFileNameChars and GetInvalidPathChars are also new.

ErrorEventArgs - object that is supplied to the error event in the FileSystemWatcher when something goes wrong.  GetException returns the exception object for the error.  Like I said, I had problems with the FileSystemWatcher.  Know it for the test, but don't use it in a real project.

RenamedEventArgs - object that is supplied to the rename event in the FileSystemWatcher.  Has OldFullPath and OldName properties.  Derived from FileSystemEventArgs

Next up - System.IO.Compression

UPGRADE: MCAD Skills to MCPD Web Developer by Using the Microsoft .NET Framework
UPGRADE: MCAD Skills to MCPD Windows Developer by Using the Microsoft .NET Framework
UPGRADE: MCSD Microsoft .NET Skills to MCPD Enterprise Application Developer by Using the Microsoft .NET Framework: Part 1

Control the serialization of an object into XML format by using the System.Xml.Serialization namespace.

• Serialize and deserialize objects into XML format by using the XmlSerializer class.
• Control serialization by using serialization attributes.
• Implement XML Serialization interfaces to provide custom formatting for XML serialization.
• Delegates and event handlers provided by the System.Xml.Serialization namespace

So the basics of using the XmlSerializer hasn't changed.  Create an XmlSerializer telling it to expect a particular type.  Note that the type could be a Generic - typeof(SortedList<int>) .  Know that you can supply override to the XML Attributes.  See my post here.  Know how to control namespaces using XmlSerializerNamespaces class.

Remember the performance problems with XML Serializer?  Creating a new dynamic assembly each time the app was restarted for XML Serialization?  There is a new tool, SGen.exe that creates the temporary serialization assemblies for you. 

Here are the XML Attributes used to control serialization:

XmlRoot – Controls the XML root.  ElementName, namespace..

XmlElementAttribute – Serialize the field/property as an element in the XML document.

XmlAttributeAttribute – Aside from being the victim of strict naming conventions, it tells the XML serializer to serialize field/prop as an attribute in the XML document

XmlIgnoreAttribute – Tells the XML Serializer to omit the field/property.

XmlEnumAttribute – Controls the name of an enumeration member (Not the enum name, a member of the enum)

XmlTextAttribute - Tells the XML Serializer that the member contains raw XML text.

XmlTypeAttribute - Controls the XML Schema (XSD) that is generated by the XmlSerializer.  Used to specify other namespaces and types when serializing.

XmlIncludeAttribute - Allows the XmlSerializer to recognize a type when it serializes or deserializes an object.  Used when deserializing custom types.

XmlChoiceIdentifierAttribute - Tells the XML Serializer that the type should be XSI:Choice.  Used in conjuction with an enum field/prop in the class to tell the serializer where to get its info from.

XmlAnyAttributeAttribute – Any attributes that are not matched up during deserialization is placed in the field decorated with this attribute.  Field must be an array of XmlAttribute.

         XmlAnyElementAttribute – Any elements that are not matched up during deserialization is placed in the field decorated with this attribute.  Field must be an array of XmlElement.

XmlNamespaceDeclarationsAttribute – Decorates a field that returns XmlSerializerNamespaces.  That field will be use to get namespace prefixes during serialization.

XmlSchemaProviderAttribute – "When applied to a type, stores the name of a static method of the type that returns an XML schema and a XmlQualifiedName that controls the serialization of the type. "  Used by WSDL.exe to return the schema for the class.  Target class must implement IXmlSerializable.  New to 2.0.

XmlSerializerAssemblyAttribute – Specifies the name of an assembly that the Xml Serializer can use.  If specified, the Xml Serializer doesn’t need to create a temporary assembly.  New to 2.0

XmlSerializerVersionAttribute – Signifies that the code was generated by the serialization infrastructure and can be reused for increased performance, when this attribute is applied to an assembly.  I’m not sure I should use this attribute.  I think this is used by code produced by sgen.

To completely control the XML Serialization of an object, you need to implement IXmlSerializable.  This is not a new interface.  In 1.1, the instructions where as follows:  "not intended to be used directly from your code.  Basically, you implement the ReadXML and WriteXML methods and you're done.

Here are the delegates and events:

UnknownAttribute event - thrown when the serializer encounters an unknown attribute.  By default the Xml serializer ignores unknown attributes. 

UnknownElement event - thrown when the serializer encounters an unknown element.  By default the Xml serializer ignores unknown elements. 

UnknownNode event -thrown when the serializer encounters an unknown node.  By default the Xml serializer ignores unknown node. 

UnreferencedObject event - section 5 of the SOAP document at w3c.  Basically you can reference other object within the same Xml document.  This event is thrown when it can't find the referenced object.

XmlSerializationCollectionFixupCallback delegate

XmlSerializationFixupCallback delegate

XmlSerializationReadCallback delegate

XmlSerializationWriteCallback delegate - All four of these delegates: "This delegate supports the .NET Framework infrastructure and is not intended to be used directly from your code."

Next post -> System.IO namespace

UPGRADE: MCAD Skills to MCPD Web Developer by Using the Microsoft .NET Framework
UPGRADE: MCAD Skills to MCPD Windows Developer by Using the Microsoft .NET Framework
UPGRADE: MCSD Microsoft .NET Skills to MCPD Enterprise Application Developer by Using the Microsoft .NET Framework: Part 1

Serialize or deserialize an object or an object graph by using runtime serialization techniques. (Refer System.Runtime.Serialization namespace)

• Serialization interfaces
• Serilization attributes
• SerializationEntry structure and SerializationInfo class
• ObjectManager class
• Formatter class, FormatterConverter class, and FormatterServices class
• StreamingContext structure

Here's an old article by Jeffery Richter that explains most of the stuff about serialization pertaining to this test.  It's 1.1, but you'll find that there isn't a lot that has changed.

Serialization Interfaces (System.Runtime.Serialization)

            IDeserializationCallback – Provides a method that is called when deserialization is complete – useful for setting internal state after a deserialization.

            IFormatter – Exposes methods for serializing/deserializing an object.  Used for controlling the format output of the serialization.  BinaryFormatter, SoapFormatter are two examples of objects that implement this interface.  Note that IFormatter and IFormattable are two different interfaces that do two different things.

            IFormatterConverter – Converts objects to different types.  Appears functionally identical to IConvertible.  Not sure what the difference is aside from IFormatterConverter is called during serialization.

            IObjectReference – Used for objects that are “reference” objects – Singletons for example.  You wouldn’t want to deserialize a new instance of a singleton.  GetRealObject is called in the Fixup stage and should return a reference to the object.

ISerializable – Tells the framework that the developer has provided their own serialization implementation.

ISerializationSurrogate – Allows one object to serialize another.

            http://www.codeproject.com/dotnet/Surrogate_Serialization.asp

ISurrogateSelector – Assists the serializer in deciding which Surrogate to use for a particular type.  Used in ISerializationSurrogate SetObjectData method.  It’s not clear why I would ever need to implement this interface.  SurrogateSelector seems to do a pretty good job.

Serialization Attributes

            These four are new to 2.0:

            OnDeserializingAttribute – decorates a method that is called before object is actually deserialized. 

            OnDeserializedAttribute – called after class is deserialized.  Seems functionally identical to IDeserializationCallback to me.

            OnSerializingAttribute – called before an object is serialized.

            OnSerializedAttribute – called after an object is serialized.

            **Methods decorated with these 4 attributes are expected to have one parameter that is a StreamingContext object. 

            OptionalFieldAttribute – marks a field as optional, as far as serialization is concerned.  This prevents the serializer from freaking if it is not in the stream.  New in 2.0

            System.Serializable – marks a object as able to be serialized

            System.NonSerialized – tells the serializer to ignore the field when serializing

SerializationInfo class

            Stores information needed to serialize/deserialize an object.  Mostly a collection of serializationEntry structures.  Method is AddValue, not Add. 

SerializationEntry structure

            Contains the Name, Type, and a reference to an object that should be serialized.  Used when enumerating through SerializationInfo object.

ObjectManager class

            Keeps track of objects as they are deserialized to prevent reserialization (creating the same object twice in memory).

Formatter class

            Provides base functions for serialization formatters.  Abstract class.  BinaryFormatter and SoapFormatter inherit from Formatter.

FormatterConverter class

            Base implementation of IFormatterConverter.  Not clear where I would use it.

FormatterServices class

            Helper object for serialization.  GetObjectData, GetSerializableMembers and PopulateObjectMembers are interesting methods that I didn't know existed.

StreamingContext

            Describes the source and destination of a given serialized stream, and provides an additional caller-defined context.  Can figure out if the object is being serialized CrossProcess, CrossMachine…

Next up - XML Serialization

UPGRADE: MCAD Skills to MCPD Web Developer by Using the Microsoft .NET Framework
UPGRADE: MCAD Skills to MCPD Windows Developer by Using the Microsoft .NET Framework
UPGRADE: MCSD Microsoft .NET Skills to MCPD Enterprise Application Developer by Using the Microsoft .NET Framework: Part 1

Debug and trace a .NET Framework application by using the System.Diagnostics namespace.

• Debug class and Debugger class
• Trace class, CorrelationManager class, TraceListener class, TraceSource class, TraceSwitch class, XmlWriterTraceListener class, DelimitedListTraceListener class, and EventlogTraceListener class
• Debugger attributes

Krzysztof Cwaline has a good writeup of these features on MSDN.

Debug class - Pretty much the same as it was before.  Debug.Assert, Debug.WriteLine.... However they did add a Debug.Print which appears functionally identical to Debug.WriteLine.  Maybe it makes VB 6.0 upgrades easier.

Debugger class - Nothing new here, either.  Embodies the debugger – is a process attached, break into a debugger, launch a debugger.

Trace class - There are some new methods here.  My impression is that they added some of the stuff from the Enterprise Instrumentation Framework.  TraceError, TraceWarning, CorrelationManager, UseGlobalLock are some of the new members. 

CorrelationManager - Denny Mitch has a excellent writeup on this class (It's written for the beta release, but the information still applies).  The idea is to provide some way to differentiate tracing information when more then one request could be executing at the same time or to get some context when you are calling a method recursively.

TraceListener - Abtract class that serves as the base for all TraceListeners.  It appears you can now control the "verbosity" of the trace output with the TraceOutputOptions property.  You can also filter what gets send to a listener using the filter property.  Denny Mitch has another great post about that feature.

TraceSource - Abtract class that serves as the base for all TraceSources.  They've added three new TraceSources in 2.0: ConsoleTraceListener, DelimitedListTraceListener and XmlWriterTraceListener.  Again, Denny Mitch has some good stuff on them.

TraceSwitch - An object that limits what events get reported to a trace listener.  Another method of filtering.  This allows you to control what level of messages the TraceSource is interested in.  Tradionally specified in your app's config file.

There is a good MSDN mag article by John Robbins that discusses the details of the new tracing features.

Debugger Attributes - This task was vague to me.  I took it to mean:  understand all the attributes in the System.Diagnostics namespace.  There is a good article on MSDN about these attributes.

Next post - Runtime Serialization

UPGRADE: MCAD Skills to MCPD Web Developer by Using the Microsoft .NET Framework
UPGRADE: MCAD Skills to MCPD Windows Developer by Using the Microsoft .NET Framework
UPGRADE: MCSD Microsoft .NET Skills to MCPD Enterprise Application Developer by Using the Microsoft .NET Framework: Part 1

Embed configuration management functionality into a .NET Framework application. (Refer System.Configuration namespace)

UPGRADE: MCAD Skills to MCPD Web Developer by Using the Microsoft .NET Framework
UPGRADE: MCAD Skills to MCPD Windows Developer by Using the Microsoft .NET Framework
UPGRADE: MCSD Microsoft .NET Skills to MCPD Enterprise Application Developer by Using the Microsoft .NET Framework: Part 1

In all of the prep guides to these exams, Section I is identical.

Here are the goals I looked at:

Manage data in a .NET Framework application by using .NET Framework 2.0 system types. (Refer System namespace)

• Value types
• Reference types
• Attributes
• Generic types
• Exception classes
• Boxing and UnBoxing
• TypeForwardedToAttributes class

Nothing too special here.  Everybody should know about generics by now.  The TypeForwardedToAttribute is new.  Here some info I found on that:
   http://www.heege.net/blog/PermaLink,guid,8d076332-4fb0-44b5-a829-4c4d653de2d6.aspx
   http://notgartner.com/posts/2955.aspx

Manage a group of associated data in a .NET Framework application by using collections. (Refer System.Collections namespace)

• ArrayList class
• Collection interfaces
• Iterators
• Hashtable class
• CollectionBase class and ReadOnlyCollectionBase class
• DictionaryBase class and DictionaryEntry class
• Comparer class
• Queue class
• SortedList class
• BitArray class
• Stack class

Again, nothing too new here.  The only thing to be aware of is the yield return statement in C#.  It seems that a similiar construct is not available in VB.  Some good discussion can be see here:
http://robgarrett.com/Blogs/software/archive/2005/09/13/1588.aspx

Improve type safety and application performance in a .NET Framework application by using generic collections. (Refer System.Collections.Generic namespace)

I haven't been blogging lately, because life has been pretty busy with the holidays, new baby and trying a few spare-time projects in VS2005. 

If you are a MCAD or MCSD in .NET, you can take the upgrade exams to upgrade your certifications to the new MCPD.  They are currently in beta, and it looks like they've opened the beta to anyone.  See the training section at http://msdn.microsoft.com/flash/currentissue.htm

I'm scheduled to take all the upgrade exams between mid-Feb and mid March.  I've found that studying for exams forces me to examine areas that I otherwise don't take a serious look at.  Like tracing, code access security, reflection and some of the more arcane areas of web services.  And, if I schedule exams ambitiously (really close together), I'm more likely to spend the time that I should preparing. 

My practice has been to go through the preparation exam guide with a fine tooth comb, play with the areas that you haven't touched and prepare "cheat sheets" (Study guide).  As I finish a study guide, I'll publish them here.  Hopefully you will find them useful.