The Assembly as a Security Boundary
- Review the composition of .NET assemblies
- Understand the role of Applications Domains
- Define 'roundtrip engineering'
- Learn to protect assemblies from tampering using strong names
- Understand the role of obfuscation
- Understand the role of publisher certificates
- Understand the role of FxCop.exe
Cryptography in .NET
- Define the role of cryptographic services
- Understand the role of hash algorithms and hash codes
- Generate hashed data using the .NET framework
- Validate hash codes programmatically
- Understand the role of encryption and decryption
- Learn to encrypt data symmetrically
- Learn to encrypt data asymmetrically
Role Based Security
- Understand the use of role based security
- Create and administer roles
- Distinguish between principals, identity and roles
- Programmatically determine role membership
- Restrict actions based on roles
Code Access Security
- Understand the motivation behind Code Access Security (CAS)
- Understand the building blocks of CAS
- Use CAS to secure ClickOnce Applications
- Programmatically interact with CAS
Isolated Storage
- Undertand the role of Isolated Storage
- Understand the levels of isolated Storage
- Investigate the System.IO.IsolatedStorage namespace
- Administer isolated storage using storeadm.exe
- Programmatically manipulate isolated storage
Securing an ASP .NET Web Site
- Examine the Architecture of ASP .NET Security
- Contrast Windows based and Forms based authentication
- Configure ASP .NET authentication and authorization using a web.config file
- Work with the ASP .NET security controls
Securing XML Web Services
- Briefly review the construction of .NET XML Web Services
- Understand the role of Web Services Extensions (WSE) 3.0
- Walkthrough the process of obtaining / installing WSE 3.0
- Understand the scope of Microsoft.Web.Services3.dll
- Examine how to authenticate users using WS-Security
|
