Summary
The focus of this drill is to enable the user to work with various areas of authorization and authentication in the application. Partially-trusted code is also dealt with, as well how to monitor the health of your ASP.NET application and how to implement security events.
Audience
This Drill is for developers who want to be able to use techniques to secure vulnerable sections and monitor the health of their ASP.NET 2.0 applications.
What you'll learn
After taking this Drill, you will be able to encrypt vulnerable sections of an application where data such as database connection strings are stored using members of the DPAPI. You will also be able to restrict access to sensitive file and folders using a combination of Windows authentication and URL authorization. You will have the skills to enable a partially-trusted application to access secure operations. You will also be able to extend the security of your application by adding pre- and post-processing to incoming HTTP requests, and track security-related web events using health
monitoring and instrumentation features.
What you need to know
We assume that you’re already familiar with the concepts of programming and you’ve some experience with Visual Studio 2005. For this particular Drill, you’ll also need to be comfortable with Visual C# or Visual Basic syntax and HTML. Although not essential, experience in object-oriented development, server page technology, and basic knowledge of SQL Server would also be useful.