Lektoři z firmy: David Solnař
* Introduction to .NET Framework Security and Deployment Introduction to .NET assemblies . * Overview of security measures . * Overview of deployment concepts . * Define the term .NET Framework assembly. . * List the possible contents of a .NET Framework assembly . * Describe common security and deployment problems that can be addressed by using .NET Framework assemblies . * Describe the security architecture of the .NET Framework. . * Define terms and concepts used to describe deployment of applications that are built with the .NET Framework . * Understand basic security and deployment problems that the .NET Framework can help prevent . * Viewing Metadata and Using Reflection View metadata . * Use reflection . * Define assembly metadata . * Define type metadata . * Describe how the compiler uses assembly and type metadata to resolve references . * Use the MSIL Disassembler to view assembly and type metadata . * Use reflection to programmatically access assembly and type metadata . * Secure Coding and Type-Safety Verification Security basics . * Create and use a threat model . * Type-safety verification . * Describe the concept of security as it applies to traditional security measures and to applications written by using the .NET Framework . * Use the STRIDE threat model to develop a threat mitigation strategy for an application . * Describe how type-safety verification forms the basis of .NET Framework application security . * Cryptography and Digital Signing Cryptography and signing basics . * Encrypting and decrypting data with a symmetric algorithm . * Encrypting, decrypting, and signing data with an asymmetric algorithm . * Signing code . * Encrypting and decrypting text with a password Generate a key for a symmetric algorithm from a password and a random number . * Encrypt data by using a symmetric algorithm . * Decrypt data by using a symmetric algorithm . * Describe symmetric and asymmetric encryption, hashing, and digital signing . * Encrypt and decrypt data by using a password and symmetric encryption . * Encrypt, decrypt and sign data by using asymmetric encryption . * Hash data . * Sign and delay-sign an assembly with a strong name . * Code Access Security Overview of code access security . * Modify security policy . * Security operations basics . * Perform imperative security operations . * Perform declarative security operations . * Add permission requests . * Use code access security Perform demand and assert operations by using imperative code access security . * Add minimum and optional permission requests to an assembly . * Describe how the .NET Framework security system uses code access security to control the amount of permission to access computing resources that is granted to code . * Modify security policy that is applied to assemblies . * Use code to assert and to demand permissions imperatively . * Use attributes to assert and to demand permissions declaratively . * Use permission requests to specify and to limit those permissions that are granted to code . * Role-Based Security Role-based security basics . * Role-based security with principal and identity objects . * Role-based security with permission objects . * Perform a role-based security check by using a principal object . * Perform a role-based security check by using a permission object . * Perform a role-based security check by using a permission attribute . * Describe how role-based security is implemented by the .NET Framework . * Perform role-based security checks with principals and identities . * Perform role-based security checks with permission objects . * Isolated Storage Isolated storage basics . * Using isolated storage . * Describe the types of isolated storage . * Describe the scenarios for using isolated storage . * List the security permissions that are required for using isolated storage . * Open a store . * Create, read and write files and folders in a store . * Creating an Assembly Create single-file and multi-file assemblies . * Create privately deployed and shared assemblies . * Create a single-file assembly or a multi-file assembly, depending on the requirements of the software development project . * Create a private assembly or a shared assembly, depending on the requirements of the software development project . * Deploying .NET Framework Applications Overview of deployment . * Create a setup project . * Choose whether to use the XCOPY command, Microsoft Windows Installer or a Cab project to deploy an assembly . * Create a setup project that specifies where to install the files, what conditions must be met before installing certain files and what custom actions to perform after installation is complete . * Assembly Binding and Configuration Deployment of an updated shared component across an enterprise . * Allow a specific application to continue to use an earlier version of a shared assembly . * Enforce binding policy across the enterprise without exception . * Version and assembly binding basics . * Configuration file syntax . * Create policy configuration files . * Describe the process that the runtime uses to ensure that it finds and binds to the correct version of an assembly . * Identify the XML element in a configuration file that modifies binding instructions . * Create configuration files to modify the assembly version and the locations that the runtime searches to find assemblies . |