• Online, Self-Paced
Course Description

The Microsoft .NET Framework is widely used to produce a variety of application types. Developers employing this framework should be aware of how to secure .NET applications and protect them from potential risks. In this course, you will explore how to develop secure .NET applications and protect against common risks.

Learning Objectives

Microsoft .NET Application Security

  • start the course
  • identify the key features of security in the .NET Framework
  • describe how authentication works in .NET
  • recognize the key features of Secure coding in the .NET Framework
  • list and describe the key .NET security namespaces
  • define what the Microsoft Secure Development Lifecycle or SDL is

Role-based Security in .NET

  • configure permissions for role-based security
  • demonstrate how to use the WindowsPrincipal object in .NET
  • recognize the purpose of replacing Principal objects
  • compare GenericPrincipal and GenericIdentity objects
  • describe how impersonation works in .NET
  • use imperative security checks in .NET

Code Access Security in .NET

  • recognize the main features of Code Access Security or CAS
  • demonstrate how to use transparency as an enforcement mechanism
  • configure your .NET application to use partially trusted code
  • identify the relationship between link demands and Code Access Security or CAS
  • configure Code Access Security in a .NET application

Cryptography in .NET

  • recognize the main features of the .NET cryptography model
  • configure data encryption using keys
  • recognize the process for encrypting and decrypting data
  • specify how to use hash codes in a .NET application

Securing .NET

  • identify common threats to .NET applications
  • list and describe common security tools to be used with .NET
  • create secure ASP.NET web forms
  • demonstrate how to secure access to a data source

Practice: Securing a .NET Application

  • use secure coding techniques to create a .NET application

Framework Connections

The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.