Defensive Coding for C#

Defensive Coding for C#

• start the course
• list potential risks to C# UI applications
• describe what buffer overflows are and their impact
• identify how to prevent buffer overflows
• identify what form injection attacks typically take in C# applications
• describe how to mitigate injection attacks in C# applications
• identify how to prevent shatter attacks in .NET applications
• recognize how to prevent DLL highjacking in .NET applications
• use exceptions in C# applications
• specify how to deal with bad data in your C# applications
• how to use input validation in a C# application
• how to use regular expressions to help in input validation
• recognize how to constrain user input to prevent bad data input
• describe what SQL injection attacks are
• recognize how to use Stored Procedures to aid in the defense of SQL injection attacks
• describe some of the pitfalls of using dynamic SQL
• illustrate how authentication works in WCF
• recognize how to verify service identities
• identify how to prevent NTLM attacks
• recognize how to work with the WindowsIdentity class
• describe potential XML risks in ASP.NET applications
• identify how to prevent against XML Entity expansion attacks
• list the potential problems that path traversal may cause
• recognize how to prevent path traversal attacks
• use defensive coding techniques to create secure C# application

Defensive Coding Fundamentals for C#

Defensive Coding Fundamentals for C#

• start the course
• describe the potential risks faced by software applications
• identify the key reasons why risks are a recurring issue
• recognize the key features of defensive coding
• list some key approaches to preventing problems during the planning stage
• recognize what clean code is
• identify the key features of iterative design
• use pseudocode to develop programming solutions
• use assertions in your programming code
• apply pre and post conditions to C#
• identify how to perform low level design inspections
• describe the benefits of testing your code
• recognize how to write testable code in C#
• recognize how to perform unit tests using Visual Studio for C#
• create examples of defensible methods in C#
• identify the techniques for applying defensive techniques for method parameters and return values in C# methods
• recognize how to implement variable declarations for defendable code
• identify how to use null values in creating defendable code
• identify how to use if and switch statements in creating defendable code
• identify error handling techniques to promote defensive coding
• demonstrate how to use exceptions to handle errors
• create a C# application that incorporates error codes and messages into its error handling
• recognize how to use error processing and global objects
• identify how to handle errors locally in C# code
• recognize how to anticipate potential errors in C# code
• write clean, testable code