Re: Advise on next exam ????
- From: "Joseph Bittman MVP MCSD" <RyanBittman@xxxxxxx>
- Date: Thu, 2 Mar 2006 11:40:09 -0800
March 2, 2006
There is the entire book of Improving Web Application security for free
online:
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/ThreatCounter.asp
As a lot of it doesn't completely relate to the exam, I suggest you study
the areas on items such as CAS, Authenticode signing, Strong Naming, etc.
Try to familiarize yourself with which type of signing you should use in
different situations. That will be especially helpful.
I don't really know of any quick online refreshers, or offline for that
matter. One item you should know, are the main (or as much as you can
remember) flags/parameters of Sn.exe. Try to also know how to use
CSPcontainers - definitely helpful to write a quick program to experiment
with this topic.
Review methods for such items like file canoncialization (however you spell
that <g>) using Server.MapPath and items such as Server.HTMLEncode/Decode.
Definitely familiarize yourself with best practices of using parameterized
stored procedures instead of dynamic sql queries. I think that would pretty
much sum most of what you need to know... besides the encryption classes
which aren't real quick things you can learn. Mainly, know what type of
encryption you should have and what the differences are between Hashes,
MACs, HMACs, public/private | symmetric/asymmetric encryption.
:-) I probably listed a lot, but pretty much all of this can be found in a
few chapters of that online book. Hope it helps!!
--
Joseph Bittman
Microsoft Certified Solution Developer
Microsoft Most Valuable Professional -- DPM
Blog/Web Site: http://71.39.42.23/
"Lydon Bergin" <lydonbergin@xxxxxxxxx> wrote in message
news:uMZLcrgPGHA.420@xxxxxxxxxxxxxxxxxxxxxxx
Hey Joseph,
Could you point me towards a good place online that I could find some
good study material for the security exam? I am thinking about taking it
next Friday, I just need a quick little overview of the concepts and maybe
some sample questions. I am willing to shell out the money, Time is the
only factor for me.
"Joseph Bittman MVP MCSD" <RyanBittman@xxxxxxx> wrote in message
news:OCHCLXZPGHA.3924@xxxxxxxxxxxxxxxxxxxxxxx
Feb. 29, 2006
Hi... I actually found the security one to be the easiest of them all -
had very definite & specific answers (extremely clear questions) and
there wasn't any confusion and terms were defined very nicely.
70-310 I think was the hardest of the MCAD tests. From what I've heard,
the exam appears to concentrate on 1 or 2 subjects, and then be brief on
the other two... so some people have had heavy windows services - some
had heavy serviced components - but I haven't heard too much on the
actual web services... seems like the web service subject isn't covered
too much. - Just some observations from other people's feedback. Hope it
helps! :-)
--
Joseph Bittman
Microsoft Certified Solution Developer
Microsoft Most Valuable Professional -- DPM
Blog/Web Site: http://71.39.42.23/
"serge calderara" <sergecalderara@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message news:3FC5668D-0C6A-44D7-B38D-BF69DC63C3DF@xxxxxxxxxxxxxxxx
Thnaks for your reply joseph,
How hard do you feel that security exam compare to other ?
By the way I am going to attend my last exam for MCAD next week
(70-310), it
is clear that it covers what was learn in vb.net and SP.net exam except
served component, remote object and more details on web services.
How hard is that exam, did you get a lot of question on serviced
component
(not easy part, especially for testing it in real case) ?
thanks for your info
serge
"Joseph Bittman MVP MCSD" wrote:
Feb. 28, 2006
Definitely take the security!! All of what is covered on the security
exam
is going to become REQUIRED in the new generation of certifications --
therefore, you should know it now and gain the benefits of great
security
training. :) I've most definitely gotten great benefits from that exam,
and
SQL won't be required in the new certifications. It is either you learn
it
now or later - although sooner is much better than later. BTW, most
people
who are MCAD/MCSD already know most of the knowledge of SQL the average
Dev
needs... don't need a specific exam to state it, frankly.
Hope this helps! - P.S. The MSPRess training kit for the security exam
is
the best they have made so far -- also comes with like 300 practice
questions!!
--
Joseph Bittman
Microsoft Certified Solution Developer
Microsoft Most Valuable Professional -- DPM
Blog/Web Site: http://71.39.42.23/
"serge calderara" <sergecalderara@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message news:E3D1DD2B-FC70-4A95-870D-B7BE2C481068@xxxxxxxxxxxxxxxx
Dear all,
What is according to you the best path according to market , that I
should
take for my next exam for MCSD :
- Aplication security or SQL Server
It is clear that today you need to know a bit on SQL server for
programing
powerfull application but as I understand the new certificaton rules,
database exam will be more oriented for DBA's expert.
What is your opinion ?
thnaks for your reply
serge
.
- References:
- Re: Advise on next exam ????
- From: Joseph Bittman MVP MCSD
- Re: Advise on next exam ????
- From: Joseph Bittman MVP MCSD
- Re: Advise on next exam ????
- From: Lydon Bergin
- Re: Advise on next exam ????
- Prev by Date: Request: Need a utility or script to simulate audit success / audit failure / priviledge use on my Windows Domain - Ideally simulate using random users from AD
- Next by Date: Re: MCSD or MCPD
- Previous by thread: Re: Advise on next exam ????
- Next by thread: Re: Advise on next exam ????
- Index(es):
Relevant Pages
|
