Školení Developing and Deploying Secure Microsoft .NET Framework Applications

Délka: 3 dny
Cena: 9000 Kč

Developing and Deploying Secure Microsoft .NET Framework Applications osnova:

1. Introduction to .NET Framework Security and Deployment
   • Introduction to .NET assemblies
   • Overview of security measures
   • Overview of deployment concepts
   • Define the term .NET Framework assembly.
   • List the possible contents of a .NET Framework assembly
   • Describe common security and deployment problems that can be addressed by using .NET Framework assemblies
   • Describe the security architecture of the .NET Framework.
   • Define terms and concepts used to describe deployment of applications that are built with the .NET Framework
   • Understand basic security and deployment problems that the .NET Framework can help prevent
2. Viewing Metadata and Using Reflection
   • View metadata
   • Use reflection
   • Define assembly metadata
   • Define type metadata
   • Describe how the compiler uses assembly and type metadata to resolve references
   • Use the MSIL Disassembler to view assembly and type metadata
   • Use reflection to programmatically access assembly and type metadata
3. Secure Coding and Type-Safety Verification
   • Security basics
   • Create and use a threat model
   • Type-safety verification
   • Describe the concept of security as it applies to traditional security measures and to applications written by using the .NET Framework
   • Use the STRIDE threat model to develop a threat mitigation strategy for an application
   • Describe how type-safety verification forms the basis of .NET Framework application security
4. Cryptography and Digital Signing
   • Cryptography and signing basics
   • Encrypting and decrypting data with a symmetric algorithm
   • Encrypting, decrypting, and signing data with an asymmetric algorithm
   • Signing code
   • Encrypting and decrypting text with a password
     • Generate a key for a symmetric algorithm from a password and a random number
     • Encrypt data by using a symmetric algorithm
     • Decrypt data by using a symmetric algorithm
   • Describe symmetric and asymmetric encryption, hashing, and digital signing
   • Encrypt and decrypt data by using a password and symmetric encryption
   • Encrypt, decrypt and sign data by using asymmetric encryption
   • Hash data
   • Sign and delay-sign an assembly with a strong name
5. Code Access Security
   • Overview of code access security
   • Modify security policy
   • Security operations basics
   • Perform imperative security operations
   • Perform declarative security operations
   • Add permission requests
   • Use code access security
     • Perform demand and assert operations by using imperative code access security
     • Add minimum and optional permission requests to an assembly
   • Describe how the .NET Framework security system uses code access security to control the amount of permission to access computing resources that is granted to code
   • Modify security policy that is applied to assemblies
   • Use code to assert and to demand permissions imperatively
   • Use attributes to assert and to demand permissions declaratively
   • Use permission requests to specify and to limit those permissions that are granted to code
6. Role-Based Security
   • Role-based security basics
   • Role-based security with principal and identity objects
   • Role-based security with permission objects
   • Perform a role-based security check by using a principal object
   • Perform a role-based security check by using a permission object
   • Perform a role-based security check by using a permission attribute
   • Describe how role-based security is implemented by the .NET Framework
   • Perform role-based security checks with principals and identities
   • Perform role-based security checks with permission objects
7. Isolated Storage
   • Isolated storage basics
   • Using isolated storage
   • Describe the types of isolated storage
   • Describe the scenarios for using isolated storage
   • List the security permissions that are required for using isolated storage
   • Open a store
   • Create, read and write files and folders in a store
8. Creating an Assembly
   • Create single-file and multi-file assemblies
   • Create privately deployed and shared assemblies
   • Create a single-file assembly or a multi-file assembly, depending on the requirements of the software development project
   • Create a private assembly or a shared assembly, depending on the requirements of the software development project
9. Deploying .NET Framework Applications
   • Overview of deployment
   • Create a setup project
   • Choose whether to use the XCOPY command, Microsoft Windows Installer or a Cab project to deploy an assembly
   • Create a setup project that specifies where to install the files, what conditions must be met before installing certain files and what custom actions to perform after installation is complete
10. Assembly Binding and Configuration
    • Deployment of an updated shared component across an enterprise
    • Allow a specific application to continue to use an earlier version of a shared assembly
    • Enforce binding policy across the enterprise without exception
    • Version and assembly binding basics
    • Configuration file syntax
    • Create policy configuration files
    • Describe the process that the runtime uses to ensure that it finds and binds to the correct version of an assembly
    • Identify the XML element in a configuration file that modifies binding instructions
    • Create configuration files to modify the assembly version and the locations that the runtime searches to find assemblies

Termíny všech kurzů přizpůsobím Vašim individuálním požadavkům.
Pokud Vám nebude vyhovovat osnova nebo délka daného kurzu, kontaktujte mě kontakt a domluvíme se na osnově, která bude zohledňovat Vaše požadavky.