0845 757 3888 · info@xpertise.co.uk

On-line training course catalogue

Clinic 2807: Microsoft Security Guidance Training for Developers II

Type of course: Classroom

Course details
Fee£350
Days1
Course code MS2807


We currently do not have public dates scheduled for this course.
If you have a requirement for this course, please contact us for the latest course information.

Print this page | Download as Word document |

Overview

Please note : this course is due to retire from the Microsoft Library with effect 1st October 2008.

This one-day instructor-led clinic discusses a wide variety of security concerns that software developers face when building applications. Each session of this clinic presents a different set of security concerns, and provides best practices and techniques to help reduce vulnerabilities associated with security concerns. The sessions in this clinic specifically examine security concerns in the application development life cycle, intranet solution development, improving security for external-facing applications, and building software solutions for Microsoft Windows Mobile environments.

This clinic is intended for developers with experience using current .NET development languages and Microsoft Visual Studio .NET as their development environment. Most developers in this audience will have at least one to two years of experience.

Prerequisites

Before attending this clinic, students must have:

  • Experience designing, developing, or testing in a Microsoft Windows environment.
  • Development experience with Microsoft Visual Basic, Visual C++, or Visual C#.

Delegates will learn how to

Apply best practices to build security into the design, development, testing, and deployment and maintenance phases of the software development life cycle. This includes:

  • Describing a common development life cycle.
  • Describing ways to build security into the design phase and describing best practices for applying security in the design phase.
  • Describing ways to build security into the development phase and describing coding guidelines for applying security into the development phase.
  • Describing ways to build security into the testing phase.
  • Describing ways to build security into the deployment and maintenance phase.

Apply security best practices and enhancements throughout intranet solutions development. This includes:

  • Describing security threats that apply to intranet applications.
  • Applying the Microsoft .NET Framework application programming interfaces (APIs) for data encryption.
  • Describing the process for designing an application access-management strategy.
  • Describing the authentication options for intranet applications.
  • Describing the authorization options for intranet applications.

Apply security best practices and enhancements to Internet and extranet solutions. This includes:

  • Describing common security threats to Internet applications.
  • Describing the two common mechanisms for securing communication: virtual private networking (VPN) and Secure Sockets Layer (SSL).
  • Choosing an appropriate authentication mechanism for your application.
  • Describing the process of forms-based authentication.
  • Describing the security specifications for Web services.

Apply mobile device security best practices when building software solutions for Windows Mobile environments. This includes:

  • Describing security threats to mobile applications.
  • Describing device security best practices.
  • Describing the mobile security architecture for connected applications.
  • Describing strategies for security communication in mobile devices.
  • Encrypting data on a mobile device.

Course Outline

Session 1: Implementing Security in the Development Lifecycle

  • Building Security into the Development Life Cycle
  • Building Security into the Design Phase
  • Building Security into the Development Phase
  • Building Security into the Testing Phase
  • Building Security into the Deployment and Maintenance Phase

Session 2: Developing More Secure Intranet Solutions

  • Introduction to Security for Intranet Applications
  • Data Security Fundamentals
  • Managing Identities
  • Authenticating Identities in Intranet Applications
  • Authorizing Identities in Intranet Applications

Session 3: Developing More Secure Internet Solutions

  • Introduction to Security for Internet Applications
  • Securing Communication
  • Managing Identity
  • Authenticating with Forms
  • Securing Web Services

Xpertise – Clinic 2807: Microsoft Security Guidance Training for Developers II training courses

Xpertise provides Clinic 2807: Microsoft Security Guidance Training for Developers II training courses from 7 UK locations: in Altrincham Manchester, Hinckley East Midlands, Leeds Yorkshire, London King William Street, Maidenhead Berkshire, Malmesbury Wiltshire and Washington Tyne & Wear – and at 44 partner locations nationwide.


Xpertise Training reserves the right to improve the specification and format of its courses for the benefit of its customers without notice to the customer.