The Microsoft .NET Framework is widely used to produce a variety of application types. Developers employing this framework should be aware of how to secure .NET applications and protect them from potential risks. In this course, you will explore how to develop secure .NET applications and protect against common risks.
Learning Objectives
Microsoft .NET Application Security
- start the course
- identify the key features of security in the .NET Framework
- describe how authentication works in .NET
- recognize the key features of Secure coding in the .NET Framework
- list and describe the key .NET security namespaces
- define what the Microsoft Secure Development Lifecycle or SDL is
Role-based Security in .NET
- configure permissions for role-based security
- demonstrate how to use the WindowsPrincipal object in .NET
- recognize the purpose of replacing Principal objects
- compare GenericPrincipal and GenericIdentity objects
- describe how impersonation works in .NET
- use imperative security checks in .NET
Code Access Security in .NET
- recognize the main features of Code Access Security or CAS
- demonstrate how to use transparency as an enforcement mechanism
- configure your .NET application to use partially trusted code
- identify the relationship between link demands and Code Access Security or CAS
- configure Code Access Security in a .NET application
Cryptography in .NET
- recognize the main features of the .NET cryptography model
- configure data encryption using keys
- recognize the process for encrypting and decrypting data
- specify how to use hash codes in a .NET application
Securing .NET
- identify common threats to .NET applications
- list and describe common security tools to be used with .NET
- create secure ASP.NET web forms
- demonstrate how to secure access to a data source
Practice: Securing a .NET Application
- use secure coding techniques to create a .NET application