In this course you’ll explore a wide range of security threats and a variety of features in MVC that help you protect against them. We’ll start with a discussion of critical security concepts, then look at some of the differences between Web Forms and MVC applications from a security perspective. Then you’ll learn various techniques you can use to protect the integrity of application data, including how you can encrypt configuration file sections, use SSL for various security purposes, and hash passwords for storage. I’ll finish up the course by looking at various serious threats that MVC applications face, and explore some of the options available for protecting against them.
Each LearnNowOnline training course is made up of Modules (typically an hour in length). Within each module there are Topics (typically 15-30 minutes each) and Subtopics (typically 2-5 minutes each). There is a Post Exam for each Module that must be passed with a score of 70% or higher to successfully and fully complete the course.
This course assumes that you are familiar and experienced with Microsoft’s .NET Framework and ASP.NET development tools. You should be familiar with Web development and understand how HTTP and HTML work to produce Web pages for the user. You should have experience writing applications with ASP.NET 4.0 or later Web forms, and be familiar with how ASP.NET processes page requests, and have strong experience with .NET Framework 4.0 or later programming. You should have experience with Visual Studio 2012 for building Web application projects. Experience with building database applications using these tools will be helpful, although not strictly necessary.
Meet the expert
Don Kiely is a featured instructor on many of our SQL Server and Visual Studio courses. He is a nationally recognized author, instructor, and consultant specializing in Microsoft technologies. Don has many years of teaching experience, is the author or co-author of several programming books, and has spoken at many industry conferences and user groups. In addition, Don is a consultant for a variety of companies that develop distributed applications for public and private organizations.
Time to complete
MVC Security Concepts (22:16)
Encrypting Configuration Files (17:57)
Secure Communication (29:10)
Hashing Passwords (16:23)
Cross Site Scripting (16:47)
SQL Injection (17:59)
Cross Site Request Forgeries (32:50)