Kurz: Developing and Deploying Secure Microsoft .NET Framework Applications

*
Introduction to .NET Framework Security and Deployment

Introduction to .NET assemblies
.


*
Overview of security measures
.


*
Overview of deployment concepts
.


*
Define the term .NET Framework assembly.
.


*
List the possible contents of a .NET Framework assembly

.


*
Describe common security and deployment problems that can be addressed by using .NET Framework assemblies
.


*
Describe the security architecture of the .NET Framework.
.


*
Define terms and concepts used to describe deployment of applications that are built with the .NET Framework
.


*
Understand basic security and deployment problems that the .NET Framework can help prevent
.


*
Viewing Metadata and Using Reflection


View metadata
.


*
Use reflection
.


*
Define assembly metadata
.


*
Define type metadata
.


*
Describe how the compiler uses assembly and type metadata to resolve references
.


*
Use the MSIL Disassembler to view assembly and type metadata

.


*
Use reflection to programmatically access assembly and type metadata
.


*
Secure Coding and Type-Safety Verification

Security basics
.


*
Create and use a threat model
.


*
Type-safety verification

.


*
Describe the concept of security as it applies to traditional security measures and to applications written by using the .NET Framework
.


*
Use the STRIDE threat model to develop a threat mitigation strategy for an application
.


*
Describe how type-safety verification forms the basis of .NET Framework application security
.


*
Cryptography and Digital Signing

Cryptography and signing basics

.


*
Encrypting and decrypting data with a symmetric algorithm
.


*
Encrypting, decrypting, and signing data with an asymmetric algorithm
.


*
Signing code
.


*
Encrypting and decrypting text with a password

Generate a key for a symmetric algorithm from a password and a random number
.


*
Encrypt data by using a symmetric algorithm

.


*
Decrypt data by using a symmetric algorithm
.


*
Describe symmetric and asymmetric encryption, hashing, and digital signing
.


*
Encrypt and decrypt data by using a password and symmetric encryption
.


*
Encrypt, decrypt and sign data by using asymmetric encryption
.


*
Hash data
.


*

Sign and delay-sign an assembly with a strong name
.


*
Code Access Security

Overview of code access security
.


*
Modify security policy
.


*
Security operations basics
.


*

Perform imperative security operations
.


*
Perform declarative security operations
.


*
Add permission requests
.


*
Use code access security

Perform demand and assert operations by using imperative code access security
.


*
Add minimum and optional permission requests to an assembly

.


*
Describe how the .NET Framework security system uses code access security to control the amount of permission to access computing resources that is granted to code
.


*
Modify security policy that is applied to assemblies
.


*
Use code to assert and to demand permissions imperatively
.


*
Use attributes to assert and to demand permissions declaratively
.


*
Use permission requests to specify and to limit those permissions that are granted to code
.


*
Role-Based Security

Role-based security basics
.


*
Role-based security with principal and identity objects
.


*
Role-based security with permission objects
.


*
Perform a role-based security check by using a principal object
.


*

Perform a role-based security check by using a permission object
.


*
Perform a role-based security check by using a permission attribute
.


*
Describe how role-based security is implemented by the .NET Framework
.


*
Perform role-based security checks with principals and identities
.


*
Perform role-based security checks with permission objects
.


*

Isolated Storage

Isolated storage basics
.


*
Using isolated storage
.


*
Describe the types of isolated storage
.


*
Describe the scenarios for using isolated storage
.


*
List the security permissions that are required for using isolated storage

.


*
Open a store
.


*
Create, read and write files and folders in a store
.


*
Creating an Assembly

Create single-file and multi-file assemblies
.


*
Create privately deployed and shared assemblies

.


*
Create a single-file assembly or a multi-file assembly, depending on the requirements of the software development project
.


*
Create a private assembly or a shared assembly, depending on the requirements of the software development project
.


*
Deploying .NET Framework Applications

Overview of deployment
.


*
Create a setup project

.


*
Choose whether to use the XCOPY command, Microsoft Windows Installer or a Cab project to deploy an assembly
.


*
Create a setup project that specifies where to install the files, what conditions must be met before installing certain files and what custom actions to perform after installation is complete
.


*
Assembly Binding and Configuration

Deployment of an updated shared component across an enterprise
.


*
Allow a specific application to continue to use an earlier version of a shared assembly

.


*
Enforce binding policy across the enterprise without exception
.


*
Version and assembly binding basics
.


*
Configuration file syntax
.


*
Create policy configuration files
.


*
Describe the process that the runtime uses to ensure that it finds and binds to the correct version of an assembly
.


*
Identify the XML element in a configuration file that modifies binding instructions

.


*
Create configuration files to modify the assembly version and the locations that the runtime searches to find assemblies
.