Software Development
Secure Programming
Application Security in .NET
Code Access Security and Cryptography in .NET
Creating Secure C/C++ Code
Introduction to Secure Programming
Secure Programming for C/C++
SecuringC/C++ Applications

Application Security in .NET

Course Number:
sd_secp_a05_it_enus
Lesson Objectives

Application Security in .NET

  • start the course
  • identify the key features of security in the .NET framework
  • describe how authentication works in .NET
  • recognize the key features of secure coding in the .NET Framework
  • list and describe the key .NET security namespaces
  • define what the Microsoft Security Development Lifecycle (SDL) is
  • describe how role-based security and permissions are used in .NET
  • demonstrate how to use the WindowsPrincipal object in .NET
  • recognize the purpose of replacing Principal objects
  • compare GenericPrincipal and GenericIdentity objects
  • describe how impersonation works in .NET
  • use imperative security checks in .NET
  • identify key features of .NET application security and how security is implemented

Overview/Description
In this course, you’ll learn the concepts for securing a .NET application, including authentication, .NET security namespaces, permissions, role-based security, and impersonation.

Target Audience
Individuals interested in learning the fundamental concepts of secure programming, or experienced programmers wishing to refresh or improve their skills. Previous programming experience with C/C++ or .NET may be beneficial

Code Access Security and Cryptography in .NET

Course Number:
sd_secp_a06_it_enus
Lesson Objectives

Code Access Security and Cryptography in .NET

  • start the course
  • recognize the main features of CAS
  • demonstrate how to use transparency as an enforcement mechanism
  • configure your .NET application to use partially trusted code
  • identify the relationship between link demands and CAS
  • configure Code Access Security in a .NET application
  • recognize the main features of the .NET cryptography model
  • configure data encryption using keys
  • recognize the process for encrypting and decrypting data
  • specify how to use hash codes in a .NET application
  • identify common threats to .NET applications
  • list and describe |w common security tools to be used with .NET
  • create secure ASP.NET web forms
  • demonstrate how to secure access to a data source
  • use secure coding techniques to create a .NET application

Overview/Description
Learn how to configure Code Access Security (CAS) and cryptography in your .NET applications, and how to secure data access and your ASP.NET web forms.

Target Audience
Individuals interested in learning the fundamental concepts of secure programming, or experienced programmers wishing to refresh or improve their skills. Previous programming experience with C/C++ or .NET may be beneficial

Creating Secure C/C++ Code

Course Number:
sd_secp_a04_it_enus
Lesson Objectives

Creating Secure C/C++ Code

  • start the course
  • recognize how to properly interface with data in C/C++
  • demonstrate some common data validation techniques employed to create secure C/C++ applications
  • identify why casting in the C++ style is preferred to the C style
  • recognize how to properly use operator overloading in C/C++
  • identify the correct way to access internal class data
  • describe why for-loops are preferred to while-loops
  • recognize how to keep functions focused and concise
  • identify the best way to use references and pointers and why you should avoid raw pointers
  • recognize the importance of good readability for planning and maintaining code
  • use defensive coding techniques to create a secure C/C++ application

Overview/Description
In this course, you'll explore techniques to help you secure your C/C++ code including how to securely work with and validate data and a number of best practices for writing defensive and secure code.

Target Audience
Individuals interested in learning the fundamental concepts of secure programming, or experienced programmers wishing to refresh or improve their skills. Previous programming experience with C/C++ or .NET may be beneficial.

Introduction to Secure Programming

Course Number:
sd_secp_a01_it_enus
Lesson Objectives

Introduction to Secure Programming

  • start the course
  • describe defensive programming and identify its benefits and disadvantages
  • describe secure programming, its relationship to defensive programming, and its benefits and disadvantages
  • identify sources of risk that can negatively impact your software applications
  • describe best practices for creating secure code
  • describe how to include defensive programming techniques into your software development process
  • describe why testing should be performed and identify the major phases of the software testing process
  • describe what unit testing is and the benefits it provides
  • identify the benefits of employing defensive and secure programming and recognize the phases of the software testing process

Overview/Description
In this course, you'll learn the basic concepts of the secure programming methodology, including identifying potential security risks and the importance of testing your code.

Target Audience
Individuals interested in learning the fundamental concepts of secure programming, or experienced programmers wishing to refresh or improve their skills

Secure Programming for C/C++

Course Number:
sd_secp_a02_it_enus
Lesson Objectives

Secure Programming for C/C++

  • start the course
  • recognize what clean code is and the best techniques for writing clean code
  • identify the key features of iterative design
  • use pseudo-code to develop programming solutions
  • use assertions in your programming code
  • apply pre and post conditions to C/C++ code
  • recognize how to write testable C/C++ code
  • create examples of defensible methods
  • identify how to apply defensive techniques for method parameters and return values
  • recognize how to implement variable declarations for defendable code
  • identify how to use if and switch statements in creating defendable code
  • demonstrate how to use exceptions to handle errors
  • create a C/C++ application that incorporates error codes and messages into its error handling
  • recognize how to use error processing and global objects in your programs
  • identify how to handle errors locally in C/C++ code
  • recognize how to anticipate potential errors in C/C++ code
  • use defensive coding techniques to create clean, testable methods

Overview/Description
In this course, you’ll explore techniques for writing secure code, including how to use assertions, create defensible methods, write proper if and switch statements, use exceptions, and anticipate and handle errors in your C/C++ code.

Target Audience
Individuals interested in learning the fundamental concepts of secure programming, or experienced programmers wishing to refresh or improve their skills. Previous programming experience with C/C++ or .NET may be beneficial.

Securing C/C++ Applications

Course Number:
sd_secp_a03_it_enus
Lesson Objectives

Securing C/C++ Applications

  • start the course
  • identify potential risks to C/C++ UI applications
  • describe what buffer overflows are and how to limit their impact
  • recall how to prevent buffer overflows in C/C++ applications
  • describe what code injection attacks are and how to mitigate them in C/C++ applications
  • identify how to prevent formatted string vulnerabilities
  • recognize how to prevent DLL hijacking in C/C++ applications
  • use exceptions in C/C++ applications
  • specify how to handle bad data in your C/C++ applications
  • work with regular expressions to help with input validation
  • recognize how to constrain user input to prevent the input of bad data
  • use defensive coding techniques to handle user input

Overview/Description
Discover how to protect your applications from attacks and bad data! This course shows you how to identify and defend your C/C++ applications from potential risks, and how to control user input to reduce the possibility of bad data entry.

Target Audience
Individuals interested in learning the fundamental concepts of secure programming, or experienced programmers wishing to refresh or improve their skills. Previous programming experience with C/C++ or .NET may be beneficial.

Close Chat Live