Microsoft puts security into developer curriculum

Last month, Microsoft started beefing up its security coverage in the developer side of its certification exams. Both of the two new exams aim squarely at developer knowledge about implementing application security for Microsoft's two primary programming languages (VB and C#) and its primary development environment (.NET):


    Requires Free Membership to View

Exam 70-330: Implementing Security for Applications with Microsoft Visual Basic .NET

* Exam 70-340: Implementing Security for Applications with Microsoft Visual C#

The exams are scheduled to go into beta from late April through early May (the MS Web pages say "April 2004" but Pearson VUE Web pages say "April 21 through May 5"). In keeping with Microsoft's usual numbering scheme for beta exams, the current exam numbers show up as 71-330 and 71-340.

These exams look pretty intense -- at least, in their beta versions. Microsoft recommends that candidates have three or more years of relevant developer experience "developing n-tier applications" and "at least one year of experience using Visual Studio .NET 2003, including ASP.NET and ADO.NET." Likewise, candidates should have experience in developing both Windows- and Web-based applications "from start to finish." These represent some of the strongest background requirements I've seen for any of Microsoft's developer exams! As usual, passing either exam confers MCP status on those who pass, and each of the two exams applies to either the MCAD or the MCSD for Microsoft .NET certifications. The beta exams are slated to occupy four-hour time slots.

Each of the exams is backed up by no less than three instructor-led courses from the Microsoft curriculum:

* Course 2300: Developing Security-Enhanced Web Applications

* Course 2350: Developing and Deploying Secure Microsoft .NET Framework Applications

* Course 2805: Security Seminar for Developers

The exam objectives are also pretty demanding and focus on best security practices in application development, building security-enhanced .NET applications, configuring application security using the .NET framework and OS tools, and stabilizing and releasing applications to minimize security risks.

All in all, this represents a major thrust into applications security on Microsoft's part -- hopefully, one that will help to support and enable more secure applications from the company itself and those who use its programming languages and development environments. With another security element or two on the developer side of Microsoft's exam slate, can MCAD: Security and MCSD: Security specializations be too far behind? One wonders!

Ed Tittel is a long-time certification follower. He's series editor for Exam Cram 2, a popular assembly of cert prep books from Que Publishing, and a contributing editor for Certification Magazine. He also covers certification topics for InformIT.com, and numerous other TechTarget Web sites.

This was first published in March 2004

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.