|
Microsoft .NET Security Training PN-320333
Price: $595
Product Options
- Single user license
- Multiuser site license (add $650)
Detailed Description
Schedule our instructor led classroom trainings at your convenience and never miss another lecture or fall behind. You are in complete control. We invited the Best Microsoft.NET Trainers in the industry to help us develop the ultimate training & certification program which includes everything you will need to fully prepare for and pass your certification exams.
.NET revolutionizes application security by providing the framework for developing secure Windows and Web applications. This course teaches you the basic concepts underlying Code Access Security, role-based security, and how to implement security in your applications to protect your code and your users against attack. In this course, you'll learn about the security features in .NET. You'll gain an understanding of the new security architecture in the .NET Framework, and about Code Access Security in the Common Language Runtime. You'll explore how to administer security policy using visual and command-line tools. You also learn how to write script to implement security.
Included in this Program
- 9 CD-ROMs featuring live instructor-led classroom sessions with full audio, video and demonstration components
- Printable courseware
- Step-by-step hands-on-labs
- Exclusive LearningZone Live Mentor. Help whenever you need it! Exclusive LearningZone - Chat Live with our Certified Instructors anytime around the clock (7x24)
|
- Focused on practical solutions to real-world development problems
- Proven technique- Actual Exam Secrets Review
- Free 1 Year Upgrade Policy
|
Course Outline
Module 1
Secure.Net Overview
.Net Assemblies
Assembly Parts
Metadata
Strong Name and Reflection
Security Overview
Type Safety Verification
Code Signing
Encryption and Digital Signatures
Code Access and Role Base Security
Isolated Storage
Application Deployment
Versioning
Configuration
Review
Metadata and Reflection
Metadata
Demo - ILDASM.exe
Reflection
Demo - Reflection
Review
Lab - Using the (MSIL) Disassembly
Secure Coding
Security Basics
Security Measures
Malicious Users & .Net
Best Practices
Threat Modeling
Creating Threat Models
Applying Threat Models
Module 2
Cryptography
Cryptography and Digital Signing
Symmetric and Asymmetric Scenarios
Cryptography in the .Net Framework
Cryptography with Symmetric Algorithms
Demo - Symmetric Cryptography
Cryptography with Asymmetric Algorithms
Demo - Hashing
Signing Code
Demo - Strong Names
Review
Lab - Using the File Signing Tool
Module 3
Code Access Security
Evidence
Security Policy
Code Groups
Security Policy Level
Modifying Security Policy
Demo - Graphical Configuration
CasPol Tool
Demo CasPol Tool
Security Operation Basics
Permission Demand
Permission Assert
Other Security Checks
Imperative and Declarative Security
Allow Partially Trusted Callers Attribute
Imperative Security
Demo - Imperative Security
Declarative Security
Demo - Declarative Security
Review
Lab - Administrating Security Policy
Module 4
Role Based Security
Creating Windows Principal and Identity
Demo - Principal and Identity
Generic Identity and Principal
Demo - Generic Authentication
Principal Permission Object
Demo - Principal Permission
Review
Lab - Assign Users to Security Role
Module 5
Isolated Storage
Defining Isolated Storage
Using Isolated Storage
Demo - Isolated Storage
Review
Creating and Assembly
Single and Multi File Assemblies
Demo - Command Line Compilation
Private VS Shared Assemblies
Demo - Global Assembly Cache
Review
Deploying .Net Applications
Deployment Methods
Creating a Setup Project
Demo - Deployment
Review
Lab - Deploying an Application
|
Module 6
Assembly Binding Configuration
Assembly Binding Basics
Side by Side Deployment
Configuration Files
Assembly Binding Process
Configuration File Syntax
Creating Policy Configuration Files
Demo - Assembly Reflection
Review
Lab - Binding and Configuration
Introduction to Web Security
Importance of Security
Security Challenges
Hackers and Attackers
Attack Types
Vulnerabilities
Implementing Security
Best Practices
Review
Module 7
Validating User Input
Type of User Input
Why Validate Input
Type of Validation
User Input Attacks
HTTP Cookie and Hear Attacks
Form Data and Script Attacks
Demo -Web Form Attacks
Performing Validation
Concealing Information
Review
Lab - The STRIDE Threat Model
Securing Web Pages
ASP.Net Authentication Methods
Configuration ASP.Net
Windows Based Authentication
Demo -Windows Security
Form Based Authentication
Implementing Form Based Authentication
Demo - Forms Security
Review
Module 8
Server Security
Internet Information Services IIS
Impersonation and User ID
Configuring Permissions
Client Authentication
Application Protection Level
Demo - IIS
Windows Server 2000/2003
Access Control Lists
Windows Server Best Practices
Demo - Creating ACLs
SQL Server
Authentication and Permissions
SQL Server Best Practices
Demo - SQL Server
SQL to IIS Security
SQL Injection Attacks
Demo - Injection Attacks
Injection Attack Protection
Review
Lab - Internet Information Services
Module 9
Protecting Communication
Digital certificates
SSL/TLS
IPSec
Review
Web Applications
Web Security Difference
Creating a Test Plan
Performing a Security Test
Review
Lab - The Dread Threat Model
Best Practices
Web Service Enhancements WSE
Cryptography
Web Application Security
User Input
General Good Practices
Critical Best Practices
Review
|
|
