Consulting Training Blog Careers About Us Contact Us

Complete .NET 2.0 Security Training

Upcoming Classes

Sorry, nothing scheduled right now. Click the Get Notified button below to be alerted when a class is scheduled.

Get Notified

On Site/Private

Can't find a class that fits right for you? Contact us to inquire about scheduling your own private class

Contact Us

Description

Intertech's Complete .NET 2.0 Security course provides a foundation of the various security APIs contained within the .NET 2.0 base class libraries. The course begins by examining how strong naming, obfuscation and digital certificates can prevent others from tampering with and modifying the content within a .NET assembly. The course then addresses the role of one-way encryption using hash algorithms as well as symmetrical and asymmetrical cryptographic services. This class will also examine the use of Role Based Security and Code Access Security to assign identities and permissions to users and executing assemblies. The course wraps up by examining numerous topics regarding securing ASP .NET web applications and XML web services.

 

Bring This Course To You

For groups of 5 or more, let Intertech bring this course to your location. Customized versions tailored towards your objectives are also available.

Learn More

Prerequisites

Programming experience in .NET

Course Outline

The Assembly as a Security Boundary

  • Review the composition of .NET assemblies
  • Understand the role of Applications Domains
  • Define 'roundtrip engineering'
  • Learn to protect assemblies from tampering using strong names
  • Understand the role of obfuscation
  • Understand the role of publisher certificates
  • Understand the role of FxCop.exe

Cryptography in .NET

  • Define the role of cryptographic services
  • Understand the role of hash algorithms and hash codes
  • Generate hashed data using the .NET framework
  • Validate hash codes programmatically
  • Understand the role of encryption and decryption
  • Learn to encrypt data symmetrically
  • Learn to encrypt data asymmetrically

Role Based Security

  • Understand the use of role based security
  • Create and administer roles
  • Distinguish between principals, identity and roles
  • Programmatically determine role membership
  • Restrict actions based on roles

Code Access Security

  • Understand the motivation behind Code Access Security (CAS)
  • Understand the building blocks of CAS
  • Use CAS to secure ClickOnce Applications
  • Programmatically interact with CAS

Isolated Storage

  • Undertand the role of Isolated Storage
  • Understand the levels of isolated Storage
  • Investigate the System.IO.IsolatedStorage namespace
  • Administer isolated storage using storeadm.exe
  • Programmatically manipulate isolated storage

Securing an ASP .NET Web Site

  • Examine the Architecture of ASP .NET Security
  • Contrast Windows based and Forms based authentication
  • Configure ASP .NET authentication and authorization using a web.config file
  • Work with the ASP .NET security controls

Securing XML Web Services

  • Briefly review the construction of .NET XML Web Services
  • Understand the role of Web Services Extensions (WSE) 3.0
  • Walkthrough the process of obtaining / installing WSE 3.0
  • Understand the scope of Microsoft.Web.Services3.dll
  • Examine how to authenticate users using WS-Security

Free Resources from Intertech

Complete Guide to Becoming a Full Stack Developer

Free Book Chapter: Spring Web

Free Training Guide: Introduction to Spring Integration

X