| |
|
| |
Developing Secure Web Applications Training Class
Course ID: 5683
|
|
| |
|
|
| |
|
|
| |
Developing Secure Web Applications Training Seminar
Overview:
This course provides students with the knowledge and skills that are needed to build Web applications by using secure coding techniques.
Who Should Attend:
This course is intended for students who are responsible for the design and development of Web applications. These students typically have three to five years of experience in developing or designing distributed Web applications. Actual job role titles vary throughout the technology industry, and they may include, but are not limited to: - Web Developer The Web developer is responsible for developing the logic, coding, testing, and debugging of Web applications and Web application software. - Solutions Architect The Solutions Architect is responsible for the design of the technical architecture of Web applications and Web-based software applications
At Course Completion:
- Define the basic principals of, and motivations for, Web security. - Perform a threat analysis of Web-accessible assets. - Use knowledge of authentication, Security Identifiers (SIDs), Access Control Lists (ACLs), impersonation, and the concept of running with least privilege to ensure access to only those system resources that are necessary to accomplish normal request processing. - Protect file system data by using the features in Microsoft?? Windows?? 2000. - Use the Microsoft SQL Server??? Security model and Microsoft ADO.NET to protect a Web application against SQL Server injection attacks. - Use one of the CryptoService classes of the System.Security.Cryptography namespace to transform a block of data into cyphertext. - Protect the portion of a Web application that requires private communications by using Secure Sockets Layer (SSL), . - Use general security coding best practices to ensure a secure Web application. - Use the Microsoft .NET Framework to build secure Web applications. - Employ a structured approach to testing for Web application security. - Use a systematic approach and knowledge of security best practices to secure an existing Web application.
|
|
| |
|
|
| |
|
|
| |
|
|
| |
|
|
| |
|
|
| |
Agenda |
|
| |
Lesson 1: Introduction to Web Security
Why Build Secure Web Applications?
Using the STRIDE Model to Determine Threats
Implementing Security: An Overview
|
|
Lesson 2: Planning for Web Application Security
A Design Process for Building Secure Web Applications
|
Lesson 3: Validating User Input
User Input
Types of User Input Attacks
Performing Validation
Revealing as Little Information as Possible to the User
|
Lesson 4: Internet Information Services Authentication
Introduction to Web Client Authentication
Configuring Access Permission for a Web Server
Selecting a Secure Client Authentication Method
Running Services As an Authenticated User
|
Lesson 5: Securing Web Pages
ASP Forms-Based Authentication
.NET Code Access and Role-Based Security
Overview of ASP.NET Authentication Methods
Working with Windows-Based Authentication in ASP.NET security
Working with ASP.NET Forms-Based Authentication
|
|
Lesson 6: Securing File System Data
Overview of Securing Files
Windows Access Control
Creating ACLs Programmatically
Protecting ASP.NET Web Application Files
|
Lesson 7: Securing Microsoft SQL Server
SQL Server Connections and Security
SQL Server Role-Based Security
Securing SQL Server Communication
Preventing SQL Injection Attacks
|
Lesson 8: Protecting Communication Privacy and Data Integrity
Introduction to Cryptography
Working with Digital Certificates
ManagementUsing Secure Sockets Layer/Transport Layer Security Protocols
Using Internet Protocol Security
|
Lesson 9: Encrypting, Hashing, and Signing Data
Encryption and Digital Signing Libraries
Using CAPICOM
Using System.Security.Cryptography Namespace to Hash Data
Using System.Security.Cryptography Namespace to Encrypt and Sign Data
|
|
|
|
| Top |
|
|
|
| |
|
|
|
| |
|
|
| |
Pre-requisites |
|
| |
Experience developing applications for the Web
Programming experience with Visual Basic .NET or Visual C#
Familiarity with n-tier application architecture
Familiarity with Microsoft SQL Server 2000 and Microsoft Internet Information Services products and technologies is recommended
1017 Mastering Web Application Development Using Microsoft Visual InterDev 6
2310B Developing Microsoft ASP.NET Web Applications Using Visual Studio .NET
|
|
|
|
| |
|
|
|
|
| |
|
|
| |
|
|
|
| |
| |
|
|
| |
Developing Secure Web Applications Training Course Dates and Locations
|
|
| |
|
|
| |
Course ID: 5683
| Course Duration: 3 Days
|
|
| |
|
|
| |
Locations: |
|
| |
|
|
| |
|
|
| |
|
|
| |
| Start Date |
Price |
|
Location/Event Details |
Register Online |
Request
More Info |
|
Print/Fax
Register |
|
|
| |
|
|
| |
|
|
|
|
| |
|
|
|
| |
|
|
| |
|
|
| |
Select a market segment to view more courses
|
|
| |
|
|
| |
Or, select a category to view more Information Technology courses
|
|
| |
|
|
| |
 Browse By Category
Browse By Location
Browse New Courses
|
|
| |
|
|
|
| |
| |
|
|
|
|