Custom Search
Home > American IT > Microsoft Security Guidance Training for Developers
Provided by: American IT

Microsoft Security Guidance Training for Developers

Unfiled

Training Provided by American IT

This one-day instructor-led clinic provides students with knowledge and skills essential for the creation of applications with enhanced security. Students will learn about the need for implementing security at every stage of the development process and best practices for applying security principles. Students will also learn how to use established threat modeling methodologies and tools with other best practices to minimize vulnerabilities and limit damage from attacks. Finally students will learn how to implement security features to enhance security for Web applications and Web services that are built by using Microsoft ASP.NET.


Contact American IT for more information
Duration:1 days
Training Presented in:English
Click here for more information or to take this course
Microsoft Security Guidance Training for Developers

Program Outline


Session 1: Essentials of Application Security

This session provides the knowledge and skills essential for the creation of applications with enhanced security. The session covers important security concepts and the need for implementing security at every stage of the development process. Additionally this session discusses how to use various security technologies to increase data and communications security and describes the security enhancements included with Windows XP Service Pack 2.

Topics

  • The Importance of Application Security

  • Secure Application Development Practices

  • Security Technologies

  • Secure Development Guidelines

    Session 2: Writing Secure Code Best Practices

    This session identifies best practices for applying security principles throughout the development process. The session also describes established threat modeling methodologies and tools and how they can be applied with other best practices to minimize vulnerabilities and limit damage from attacks.

    Topics

  • Secure Development Process

  • Threat Modeling

  • Risk Mitigation

  • Security Best Practices

    Session 3: Writing Secure Code Threat Defense

    This session builds upon existing knowledge of secure coding best practices and threat modeling to identify a variety of threat scenarios. The session covers effective strategies for defending common security threats such as buffer overruns cross-site scripting SQL injection and denial of service attacks.

    Topics

  • The Need For Secure Code

  • Defending Against Memory Issues

  • Defending Against Arithmetic Errors

  • Defending Against Cross-Site Scripting

  • Defending Against SQL Injection

  • Defending Against Canonicalization Issues

  • Defending Against Cryptography Weaknesses

  • Defending Against Unicode Issues

  • Defending Against Denial of Service

    Session 4: Implementing Application Security Using the .NET Framework

    This session describes how to implement additional security features for applications that are built on the .NET Framework. The session describes how to use both code access security and role-based security to limit vulnerabilities and how to use the cryptographic provider support in the .NET Framework to encrypt and sign data. In addition the session explains how to secure Web applications and Web services that are built by using ASP.NET.

    Topics

  • .NET Framework Security Features

  • Code Access Security

  • Role-Based Security

  • Cryptography

  • Securing ASP.NET Web Applications

  • Securing ASP.NET Web Services

    About Microsoft Clinics

    Microsoft Official Clinic learning products provide students with technical information on Microsoft products or technologies while discussing real-world considerations for their implementation. Clinics highlight features and functionality through product demonstrations.


    Related Exams

    No Microsoft Certified Professional exams are associated with this course currently.


    Student Pre-Requisites

    Before attending this clinic students must have:

  • Development experience with Microsoft Visual Basic Microsoft Visual C++ or C#

  • Experience building Microsoft Windows or Web applications using the .NET Framework


    Student Materials

    The student kit includes comprehensive notes supporting the topics discussed.


    Program Goals

    After completing this clinic students will be able to:

  • Understand the historical implications of Trustworthy Computing.

  • Identify potentially hostile applications.

  • Identify common types of attacks.

  • Understand the consequences of poor security.

  • Recognize examples of security intrusions.

  • Identify challenges involved in implementing security.

  • Understand the need for process improvement throughout the development process.

  • Describe the security framework.

  • Understand the secure product development timeline.

  • Describe the principles of designing with security in mind.

  • Understand the importance of data security.

  • Identify threat scenarios.

  • Target potential sources of threats.

  • Describe common types of attacks.

  • Describe Microsoft .NET Framework security features.

  • Explain how code access security works.

  • Explain how role-based security works.

  • Explain how to use cryptography to sign and verify data.

  • Enhance security for ASP.NET Web applications.

  • Enhance security for ASP.NET Web services.

  • Apply appropriate tips for writing secure code with the .NET Framework.


    • About The Training Provider: American IT
    American IT - American IT represents a select group of IT Training partners located throughout the United States.  These partners are all, at a minimum,  Microsoft Certified Partners for Learning Solutions, however many of our partners have achieved Microsoft Gold Certified Partner status, distinguishing themselves as one of the premier IT solutions providers in the industry. Our commitment, to our...
    Click here for more information or to take this course
    Home > American IT > Microsoft Security Guidance Training for Developers
    Advertise With Us
    Do you teach microsoft ?
    tcw11-gfc-v396M-10/25/09-10:17:27-()[B]-[B]-[B] -21:43:58