2350 Developing and Deploying Secure Microsoft .NET Framework Applications

This three-day instructor-led course teaches developers to develop and deploy secure Microsoft .NET client applications by using Microsoft Visual Studio .NET and the Microsoft .NET Framework. The course provides an overview of security; discusses design issues, including threat modeling techniques and coding techniques that enhance security; and explains why type-safety verification is the cornerstone of Microsoft .NET Framework security. This course provides side-by-side coding examples and activities written in both Microsoft Visual Basic .NET and Microsoft Visual C#.

Understand basic security and deployment problems that the .NET Framework can help prevent.

Use the MSIL Disassembler to view assembly and type metadata.

Use reflection to programmatically access assembly and type metadata.

Use the STRIDE threat model to develop a threat mitigation strategy for an application.

Encrypt and decrypt data by using symmetric and asymmetric encryption.

Use permission requests to specify and to limit those permissions that are granted to code.

Create a single-file assembly or a multifile assembly, depending on the requirements of the software development project.

Create a private assembly or a shared assembly, depending on the requirements of the software development project.

Create and access files that are written to isolated storage.

Create a setup project that specifies where to install the files, what conditions must be met before installing certain files, and after the installation, what custom actions to perform.

Describe the process that the runtime uses to ensure that it finds and binds to the correct version of an assembly.

Create configuration files to modify the assembly version and the locations that the runtime searches to find assemblies.

• Developers who will gain the most from this course have a working understanding of the .NET Framework and some project experience writing .NET Framework client applications by using either Visual Basic .NET or Visual C#. Before attending this course, students must have:

  	Experience developing applications by using the .NET Framework, including using:
  	The common language runtime
  	Managed execution
  	Basic file I/O classes, such as the FileStream class

  Students can satisfy the prerequisites for this course by attending Course 2349: Programming with the Microsoft .NET Framework (Microsoft Visual C# .NET), or Course 2415: Programming with the Microsoft .NET Framework (Microsoft Visual Basic .NET).

  	Programming experience with Visual Basic .NET or Visual C#, including:
  	Opening, building, running, and debugging projects in Visual Studio .NET
  	Declaring variables and using loops and conditional statements
  	Creating classes and methods
  	Using attributes

  Students can satisfy the prerequisites for Visual Basic .NET by completing Course 2559: Introduction to Visual Basic .NET Programming with Microsoft .NET,or Course 2373: Programming with Microsoft Visual Basic .NET.

  Students can satisfy the prerequisites for Visual C# by completing Course 2124: Programming with C#, or Course 2609: Introduction to C# Programming with Microsoft .NET.

  The following books and courses provide a depth of knowledge of the .NET Framework that is useful for this course:

  	Programming Microsoft .NET by Jeff Prosise (Wintellect)
  	Applied Microsoft .NET Framework Programming in Microsoft Visual Basic .NET by Jeffrey Richter & Francesco Balena (Wintellect)
  	Course 2349: Programming with the Microsoft .NET Framework (Microsoft Visual C# .NET)
  	Course 2415: Programming with the Microsoft .NET Framework (Microsoft Visual Basic .NET)