Layout Table~~~~3224~3224~~

6 Sessions - 18 Hours of Interactive Training~
In the .NET Security for Developers Part 2 training course from LearnKey, expert instructors Andy Baron and Mary Chipman continue the instruction begun in Part 1. You’ll learn about evaluating security risks and handling common threats, building secure web applications with ASP.NET, deploying and working with enterprise services (COM+), and using cryptography in .NET. At the conclusion of this training course, you’ll be able to take advantage of the security features in the .NET framework and understand security issues and threats that developers encounter.

Prerequisites: Completion of .NET Security for Developers Part 1 recommended.

Benefits
• Increase your earning potential and technical security credibility.
• Enhance employment opportunities with in-demand Internet security knowledge.
• LearnKey courses will arm you with the latest technology on security issues. .~~~3224~3225~~

Course Outline Table~~~~3224~3226~~

Session 1~Section A: Config Authentication
· Configuration Settings
· Web.config File
· Windows Authentication
· Authorization
· Web.config Example
· Anonymous Users
· Lock Config Settings

Section B: Configuring IIS Settings
· Directory Security
· Anonymous Access
· Basic Authentication
· Digest Authentication
· Integrated Authentication
· Secure Communications

Section C: Windows Authentication
· ProcessModel
· ASPNET Account
· Web.config
· Group Membership
· No Impersonation
· Deny Access
· WindowsIdentity

Section D: Form-Based Authentication
· Authentication Cookie
· Persist Cookie
· Attributes
· Credentials
· Authenticate Method
· Log Off
· User.Identity

Section E: Credential Storage Options
· Hashed Passwords
· Hashing Algorithms
· Test Hash
· Create Hash
· XML File
· Userlist
· Server.MapPath
· Redirect~~~3224~3227~~

Session 2~Section A: Custom Authentication
· SQL Server Logins
· WebUser Objects
· Salt Hashed Passwords
· WebRoles
· Stored Procedures
· Permissions

Section B: Creating Custom Credentials
· Create User
· Add Roles
· Validate Name
· Store User
· Retrieve Roles

Section C: WebUsers Class
· Connection Strings
· Store User Information
· Return String
· Generate Hash
· Add to Role
· Retrieve Data
· Validate Password

Section D: Start Custom Authentication
· Web.config File
· Validate User
· Authorization Ticket
· Call Response.Redirect
· Authenticate Request
· Populate Array
· Test CustomAuth
· Role Membership Code

Section E: Enterprise Services
· COM+ Features
· Configured Components
· Component Services
· COM+ Security
· COM+ Roles
· COM+ vs. CLR~~~3224~3228~~

Session 3~Section A: Create Serviced Components
· Attributes
· Declaring Roles
· Methods
· Installing in COM+
· Manual Registration

Section B: Administering Security
· Application Security
· Application Identity
· Component Permissions
· Test Permissions
· SQL Profiler Trace
· Using ComPlusAccount
· Programmatic Security
· Imperative Security

Section C: .NET Remoting Features
· Mobile/Remote Objects
· Activation Modes
· Lifetime Management
· Server/Client Sharing
· Shared Assembly
· Shared Interface
· Other Sharing Options

Section D: .NET Remoting Example
· Object
· Server Application
· Create Channel
· Register Object
· Client Application
· Client Channel
· References
· Test Application

Section E: Host Remoting in ASP.NET
· Choosing a Host
· IIS/ASP.NET
· Create Web Application
· Web.config File
· Define Object
· HTTP Client Channel
· Startup Properties~~~3224~3229~~

Session 4~Section A: Remoting Authentication
· Authentication
· Passing Credentials
· Hard Code User

Section B: Remoting Authorization
· Web.config File
· Allow Users
· Test Authorization
· Principal Permission

Section C: Web Services Introduction
· View Code
· Namespace
· WebMethod
· StreamWriter
· Client Form
· Client Form Code
· Permissions

Section D: Web Reference & Proxy
· Add Web Reference
· Protocols
· Reference Parts
· Reference.vb

Section E: Disabling Protocols
· Locking Down
· HttpPost & HttpGet
· Override Settings
· Undo Changes

Section F: Web Services Authentication
· Directory Security
· Client Credentials
· PreAuthenticate
· NetworkCredential~~~3224~3230~~

Session 5~Section A: Web Services Authorization
· Specify User
· Wrong User
· Method Level
· Troubleshoot

Section B: Deploying Security Policy
· Policy Configuration
· Policy Packages
· Deployment Options
· Grant Full Trust
· Create Deployment Pkg

Section C: No Touch Deployment
· Deploy RichClient
· Adjust Security Policy
· Adjust Zone Security
· Reset Default Policies

Section D: .NET Deployment Options
· Private Assemblies
· Shared Assemblies
· Assembly Versioning
· Global Assembly Cache
· Install from GAC
· Uninstall from GAC

Section E: Deploy with Visual Studio
· Create Setup Project
· Define Setup Project
· Create/Add Merge Module
· Create Client Install
· Customize Setup Project
· Other Editors
· Finalize Project
· Install/Uninstall Project

Section F: Deploy ASP.NET Applications
· Copy Project
· Web Setup Project
· Add Merge Module
· Configure Security
· DeployWeb.msi

Section G: Cryptography Types
· Symmetric Cryptography
· Asymmetric Cryptography
· Symmetric/Asymmetric

Section H: Cryptography Types (cont.)
· Symmetric Example
· Crypto Provider
· CryptoStream
· Decrypt
· Encryption/Decryption~~~3224~3231~~

Session 6~Section A: Asymmetric Cryptography
· Create Key Files
· Test Encryption
· Public Key Code
· Add Private Key
· Convert to Byte Arrays
· Encrypt Data
· Read Encrypted Text
· Decrypt Data

Section B: Hash Codes
· Features
· Create Hash
· Array to Save
· Calculate Hash
· Verify Hash

Section C: Digital Signatures
· Not Verified
· Select File
· Calculate Hash
· Create Signature
· Verify Signature

Section D: Generating Random Keys
· Forms Authentication
· machineKey Element
· Verify View State
· Generate Key
· Generate Key Code
· Convert to String

Section E: Buffer Overflow
· Generate Overflow
· Unmanaged Code
Section F: SQL Injection Attacks
· Attack Example
· How It Works
· Attack Types
· Stored Procedure
· SQL Injection Protection

Section G: Cross-Site Scripting Attack
· Example
· View Results
· Fixing the Code
· Closing Holes
· Keeping Current

Section H: The Human Element
· Hackers
· Hacker Scenario
· Preventative Measures
· The Insiders~~~3224~3235~~

Ordering~~~~3224~3232~~

.NET Security For Developers Part 2 Training Course by LearnKey~Per Seat Licencing Available

Call 01223 894 136 for quotes for MULTIPLE USERS and Training Centre/Bootcamp & Education Solutions!~~PER USER%3A CD Course|372628|PER USER%3A ONLINE Course|!78731|LIBRARY LICENCE%3A CD Course|372625|~3224~3233~.net ado security~