Implementing Security for Applications

Course Details:

  • Days: 5
  • Course Code: MS2840
  • Booking: Please ring 08450 50 45 05



Overview

This five-day instructor-led class provides students with a thorough grounding in Microsoft .NET security implementation and general development security best practices. This course will prepare a student to take the Implementing Security for Applications exam (available in Microsoft Visual Basic® .NET 70-330 and Microsoft Visual C#® 70-340).

This course is intended for experienced, professional application developers, including those employed by software companies or working on corporate development teams.


Leads to examination

  • 70–320 - Developing XML Web Services and Server Components with Microsoft Visual C# and the Microsoft .NET Framework
  • 70–340 - Implementing Security for Applications with Microsoft Visual C# .NET


Prerequisites

Before attending this course, students:

  • Should have a minimum of 1 year of experience using Microsoft Visual Studio® .NET 2003 (.NET Framework 1.1) and 2–3 years of additional development experience.
  • Should be experienced in either Visual Basic .NET or Visual C#

 

Delegates will learn how to

  • Implement CAS to secure applications
  • Deploy applications in a manner that minimizes security risks
  • Implement platform security best practices
  • Implement role-based security by using the Microsoft .NET Framework.
  • Implement cryptography in .NET
  • Improve the Security of remote applications built on the .NET Framework
  • Manage and configure security policies using Framework tools
  • Implement coding security best practices
  • Implement security using CLR and application domains
  • Improve the Security of ASP.NET applications
  • Test application security
  • Explain the basic concept of application security


Course Outline

  • Module 1: Overview o Application Security

    • The Importance of Application Security
    • Application Security Best Practices

    Module 2: Implementing Platform Security Best Practices

    • Security Best Practices for COM+, IIS, and SQL Server 2000
    • Using ACLs and DACLs
    • Using Windows Least-Privilege Accounts
    • Using Audit Trails
    • Implementing Platform Cryptography
    • Implementing Data Protection

    Module 3: Implementing Coding Security Best Practices

    • Validating Application Input
    • Evaluating Canonicalization Issues
    • Using Security Exceptions

    Module 4: Using .NET Framework Security Features

    • Implementing CLR Security Mechanism
    • Implementing Security Using Application Domains

    Module 5: Implementing Role-based Security

    • Basics of Role-Based Security
    • Role-Based Security with Principal and Identity Objects
    • Role-Based Security with Permission Objects

    Module 6: Implementing Code-Access Security

    • Overview of Code-Access Security
    • Performing Basic Security Operations
    • Performing Imperative Security Operations
    • Performing Declarative Security Operations
    • Adding Permission Requests

    Module 7: Implementing Cryptography in .NET

    • Implementing Symmetric Cryptography
    • Implementing Asymmetric Cryptography

    Module 8: Securing ASP.NET Applications

    • Implementing Authentication in ASP.NET Applications
    • Implementing Authorization in ASP.NET Applications
    • Implementing Impersonation in ASP.NET Applications
    • Securing Web Files and Folders

    Module 9: Securing Remote .NET Applications

    • Introducing .NET Application Security
    • Implementing Authentication and Authorization in .NET Remoting Applications
    • Introducing Web Service Security
    • Implementing WS Security

    Module 10: Configuring .NET Security

    • Managing Security Policies Using Mscorcfg.msc
    • Managing Security Policy Levels Using Mscorcfg.msc

    Module 11: Implementing Security Testing

    • Overview of Security Testing
    • Creating a Security Test Plan
    • Performing Security Testing

    Module 12: Deploying Applications with Security

    • Deploying .NET Applications with Security Settings
    • Deploying .NET Applications with Publisher Identity and Code Integrity

Recommended follow on course

For more information or advice please complete the form below.

Name*  
Phone*  
Mobile  
Email*  
Receive info on...   MCSE
MCDBA
MCAD
MCP
MCSA
MCDST
MCSD
Other
Status   Company
Individual
Where did you hear about us?*  
Comments  
Address  

* These fields are required

 
e-Learning           Classroom       Online Demo         Benefits          Contact us          Sitemap
  

Microsoft Training © 2005.

Please Note: We are not Microsoft. We are a training company that provides training materials and classes to gain your Microsoft certification.