IT Skills     Software Design and Development     Programming Practices     Secure Programming

---

Discover how to protect your applications from attacks and bad data! During this course, you'll learn how to identify and defend your C#+ applications from potential risks and control user input to reduce the possibility of bad data entry. Topics include how to address potential UI application risks, such as buffer overflows, code injection attacks, formatted string attacks, and DLL hijacks. Next, specify how to handle bad data in your C# applications, and learn how to constrain user input to keep out malicious entries that can break your code. From there, you will learn how to validate user input through regular expressions, and write effective exception handlers. Finally, as a review exercise, you will create a C#/ASP.NET application that runs a contact page that applies defensive code and requires validated user input.

---

---

Objectives

Risks in C/C++ Applications start the course identify potential risks to C# UI applications describe what buffer overflows are and how to limit their impact recall how to prevent buffer overflows in C# applications Defense against Attacks describe what code injection attacks are and how to mitigate them in C# applications identify how to prevent formatted string vulnerabilities recognize how to prevent DLL hijacking in C# applications use exceptions in C# applications User Input specify how to handle bad data in your C# applications work with regular expressions to help with input validation recognize how to constrain user input to prevent the input of bad data Practice: Defense and User Input use defensive coding techniques to handle user input