Level 2: .NET Security
2 Days

.NET revolutionizes application security by providing the framework for developing secure Windows and Web applications. This course teaches you the basic concepts underlying Code Access Security, role-based security, and how to implement security in your applications to protect your code and your users against attack.

Topics Covered:

Secure your ASP.NET applications effectively.
Implement ASP.NET security using SQL Server.
Implement COM+ security with Serviced Components.
Secure Remoting with IIS and ASP.NET.
Create secure Web Services.
Deploy security policy and secure applications.
Understand Cryptography in .NET.
Handle common threats like buffer overflows, SQL injection and cross-site scripting.

ASP.NET Security

ASP.NET Security Overview
Windows Authentication
Forms Authentication
Custom Authentication

Enterprise Services

Enterprise Services Overview
Creating Serviced Components
Administering COM+ Security
Testing the Inventory Application

Security for .NET Remoting

.NET Remoting Overview
Hosting Remoting in ASP.NET
Secure Remoting with IIS and ASP.NET

Web Services

Web Services Overview
Disabling Unwanted Protocols
Secure Web Services with IIS and ASP.NET

Deployment

Deploying Security Policy
No-Touch Deployment
.NET Deployment Options
Deploying ASP.NET Applications

Cryptography in .NET

Basic Cryptographic Concepts
Working with Data
Using Asymmetric Cryptography
Hash Codes
Digital Signatures
Creating Random Keys

Handling Common Threats

Thinking About Security
Buffer Overflows
SQL Injection
Cross-Site Scripting
Keeping Current
The Human Element