70-340
Implementing Security for Applications with Microsoft Visual C# .NET
This certification exam measures your ability to implement code using methods to minimize security risks and take advantage of the security funtionality built into the .NET Framework.
10 things to practice for 40-340 exam
- Write code that uses declarative and imperative permission requests and then experiment to see exactly what the code does when the requested permissions are withheld.
- Use the .NET Framework Configuration Tool to create code groups and permission sets and manage the permission set for individual assemblies.
- Set up an ASP.NET application that retrieves data from SQL Server. Configure it to work with user accounts through impersonation, or with the ASP.NET account and no impersonation.
- Use the sn.exe tool to create a key pair file, to extract the public key and to implement delay signing of an assembly.
- Write code that encrypts and decrypts data using symmetric encryption. Rewrite the code to use asymmetric encryption.
- Use the makecert.exe tool to create a test X.509 certificate, and use that certificate to sign data in a test application.
- Use the permview.exe tool to analyze the code access permissions of an assembly.
- Use entries in the AssemblyInfo.vb or assemblyinfo.cs file to apply a strong name to an assembly. Open the assembly in a hex editor and change some data, then check to make sure that .NET won’t run the altered assembly.
- Modify a web.config file to prevent specified users from viewing a particular file.
- Configure an ASP.NET site to use SSL security.
