Module 1: Introduction to .NET Framework Security and Deployment

This module introduces concepts and terminology, including a working definition of assembly, that are related to security and deployment in the Microsoft .NET Framework.

Lessons

• Introduction to .NET Assemblies
• Overview of Security Measures
• Overview of Deployment Concepts

After completing this module, students will be able to:

Module 2: Viewing Metadata and Using Reflection

This module discusses metadata as it applies to assemblies and types. Reading metadata in Microsoft intermediate language (MSIL) code enables you to understand and troubleshoot assembly and type references. This module also discusses techniques for programmatically accessing metadata by using reflection.

Lessons

• Viewing Metadata
• Using Reflection

After completing this module, students will be able to:

Module 3: Secure Coding and Type-Safety Verification

This module provides an overview of security, discusses some design and coding techniques that enhance security, and then explains why type-safety verification is the cornerstone of Microsoft .NET Framework security.

Lessons

• Security Basics
• Creating and Using a Threat Model
• Type-Safety Verification

After completing this module, students will be able to:

Module 4: Cryptography and Digital Signing

This module discusses cryptography and digital signing. These technologies involve the protection of data and code. You can encrypt data to prevent unauthorized users from viewing it, and you can sign both data and code to prevent tampering and to identify the sender. The Microsoft .NET Framework provides extensive support for cryptography and data signing.

Lessons

• Cryptography and Signing Basics
• Encrypting and Decrypting Data with a Symmetric Algorithm
• Encrypting, Decrypting, and Signing Data with an Asymmetric Algorithm
• Signing Code

Lab: Encrypting and Decrypting Text with a Password

• Generate a key for a symmetric algorithm from a password and a random number.
• Encrypt data by using a symmetric algorithm.
• Decrypt data by using a symmetric algorithm.

After completing this module, students will be able to:

Module 5: Code Access Security

This module discusses code access security. This feature of the .NET Framework allows the developer and the systems administrator to exercise precise control over the resources that code is given permission to access. You can use tools and classes that are provided with the Microsoft .NET Framework to view and modify how code access security is implemented in your application.

Lessons

• Overview of Code Access Security
• Modifying Security Policy
• Security Operations Basics
• Performing Imperative Security Operations
• Performing Declarative Security Operations
• Adding Permission Requests

Lab: Using Code Access Security

• Perform demand and assert operations by using imperative code access security.
• Add minimum and optional permission requests to an assembly.

After completing this module, students will be able to:

Module 6: Role-Based Security

This module discusses programming techniques for implementing role-based security by using the Microsoft .NET Framework.

Lessons

• Role-Based Security Basics
• Role-Based Security with Principal and Identity Objects
• Role-Based Security with Permission Objects

Lab: Role-Based Security

• Perform a role-based security check by using a principal object
• Perform a role-based security check by using a permission object
• Perform a role-based security check by using a permission attribute

After completing this module, students will be able to:

Module 7: Isolated Storage

This module discusses isolated storage, what it is, the advantages of using it, and how to use it.

Lessons

• Isolated Storage Basics
• Using Isolated Storage

After completing this module, students will be able to:

Module 8: Creating an Assembly

This module describes why and how to deploy an assembly either as a single file or as multiple files. It then describes why and how to deploy an assembly privately or as a shared assembly.

Lessons

• Creating Single-File and Multifile Assemblies
• Creating Privately Deployed and Shared Assemblies

After completing this module, students will be able to:

Module 9: Deploying .NET Framework Applications

This module discusses specific reasons for using each deployment option. It also describes how to create deployment projects and how to customize deployment.

Lessons

• Overview of Deployment
• Creating a Setup Project

After completing this module, students will be able to:

Module 10: Assembly Binding and Configuration

This module covers how to configure assembly binding by using the Microsoft .NET Framework. The ability to manage assembly binding allows you to perform the following deployment tasks:

Lessons

• Versioning and Assembly Binding Basics
• Configuration File Syntax
• Creating Policy Configuration Files

After completing this module, students will be able to: