EC-COUNCIL Certified Application Security Engineer (.NET)
The ECSP.Net course will be invaluable to software developers and programmers alike to code and develop highly secure applications and web applications. This is done throughout the software life cycle that involves designing, implementing, and deployment of applications. .Net is widely used by organizations as a leading framework to build web applications. ECSP.Net teaches developers how to identify security flaws and implement security countermeasures throughout the software development life cycle to improve the overall quality of products and applications. EC-Council Certified Secure Programmer lays the foundation required by all application developers and development organizations to produce with greater stability and fewer security risks to the consumer. The Certified Secure Programmer standardizes the knowledge base for application development by incorporating the best practices followed by experienced experts in the various domains. This course is built with tons of labs peppered throughout the three days of training, offering participants critical hands on time to fully grasp the new techniques and strategies in secure programming. Course Objectives This course
Voor wie
Programma
Students in this course will acquire knowledge in the following areas:
- .Net framework security features and various secure coding principles
- .Net framework run time security model, role-based security, code access security (CAS), and class libraries security
- Various validation controls, mitigation techniques for validation control vulnerabilities, defensive techniques for SQL injection attacks, and output encoding to prevent input validation attacks
- Defensive techniques against session attacks, cookie security, and View State security
- Mitigating vulnerabilities in class level exception handling, managing unhandled errors, and implementing windows log security against various attacks
- Defensive techniques against path traversal attacks and defensive techniques against canonicalization attack and file ACLs
- Mitigating vulnerabilities in machine config files, mitigating the vulnerabilities in app config files, and security code review approaches
The importance of secure programmers and certified secure programmers, the career path of secure programmers, and the essential skill set of secure programmers
Module 01: Introduction to .NET Application Security
Module 02: .NET Framework Security
Module 03: Input Validation and Output Encoding
Module 04: .NET Authorization and Authentication
Module 05: Secure Session and State Management
Module 06: .NET Cryptography
Module 07: .NET Error Handling, Auditing, and Logging
Module 08: .NET Secure File Handling
Module 09: .NET Configuration Management and Secure Code Review
Voorkennis
You must be well-versed with .NET programming language.
Examen
Passing Score: 70%
Test Duration: 2 Hours
Test Format: Multiple Choice
Test Delivery: EC-Council Exam Center
Exam Prefix: 312-93