• Online, Self-Paced
Course Description

In this course, you will learn how to manage validation and prevent cross-site scripting and cross-site request forgery attacks, and how to implement a custom membership provider for ASP.NET MVC web applications.

Learning Objectives

Implementing Secure Sites

  • start the course
  • use HTML form encoding to prevent cross-site scripting attacks in an ASP.NET MVC web application
  • create and apply a salt to a hashed password before storing it in an ASP.NET MVC web application
  • create and use an SSL client certificate to provide SSL authentication in an ASP.NET MVC web application
  • encrypt a section of a application configuration file in ASP.NET MVC web application in Visual Studio 2017
  • implement deferred request validation in an ASP.NET MVC web application
  • use the AllowHtml attribute to disable request validation for a model property in an ASP.NET MVC web application
  • use the ValidateInput attribute to disable validation for an MVC controller action in an ASP.NET MVC web application
  • use parameterized SQL queries to prevent SQL injection attacks in an ASP.NET MVC web application
  • use an anti-forgery token along with the ValidateAntiForgeryTokenAttribute to protect against cross-site request forgery attacks in an ASP.NET MVC web application

Implementing Custom Membership Providers

  • set up a model class for a custom membership provider in an ASP.NET MVC web application in Visual Studio 2017
  • configure a custom membership provider in an ASP.NET MVC web application in Visual Studio 2017
  • test the operation of a custom membership provider in an ASP.NET MVC web application in Visual Studio 2017

Practice: Securing Communication

  • secure communication by applying SSL certificates; salt and hash passwords for storage

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Specialty Areas

  • Software Development