Darrell Norton's Blog [MVP]

Fill in description here...

Beta exam 70-340

I’m all signed up for the 70-340 beta exam (numbered 71-340 in beta), Implementing Security for Applications with Microsoft Visual C# .NET. I take it Friday, April 23. This should be quite the challenge. The only references listed are to Writing Secure Code, 2^nd ed. and the Improving Web Application Security: Threats and Countermeasures patterns and practices guide.

One good resource I have found is Jason Row’s 70-330 Study Guide. Although it is VB-centric, it’s all applicable to C# (with maybe minor code syntax changes).

Published Apr 11 2004, 07:30 PM by darrell

Comments

Grant said:

Yah, this should be an interesting exam to prep for. I'm wondering if they'll mix theory with practical applications and code, or query the basics like if you know what Code Access Security is and can spell PermView.exe?

# April 12, 2004 5:23 AM

Darrell said:

Grant - I hope the former, and I have seen improvements to the tests lately, so there's hope. We will see shortly!

# April 12, 2004 5:37 AM

Grant Killian said:

70-340 Webcast Prep Material

# April 14, 2004 7:07 AM

Mack D. Male said:

I would be interested to see what you think about the exam, I hope it is in-depth enough for a topic like security!

# April 16, 2004 10:56 AM

Darrell said:

Mack - I hope so too! I think it would help Microsoft's image and help developers too if the test was reasonably difficult and practical.

Then I would like to see a "Security" designation for the cert as well. Such as, if you have your MCAD, and then take this test in addition, you have your MCAD + Security.

# April 17, 2004 3:24 AM

Sander said:

How was the exam? I'm taking it monday, so I'm interested in your thoughts about this one. No questions of course, just whether the preparation was adequate.

# April 23, 2004 10:16 PM

Darrell said:

Sander - whoops, I rescheduled! I'm taking it Friday, April 30. Sorry I can't help more! :)

# April 24, 2004 4:10 AM

Sander said:

Ah.. well, then you'll see my comments which may help you. I'm reading .NET Framework Security (LaMacchia, Lange, et al) to prepare.

# April 24, 2004 9:11 AM

Darrell said:

Sander - excellent! I should probably pick up that book too.

# April 24, 2004 9:13 AM

Gaupen said:

I'm taking the test on monday, 3rd of May. I've made my own "Code Clinic" reading list here: http://www.geocities.com/gaupen/NETSecurity.htm. I've read most of the stuff in addition to reading Writing Secure Code 2nd Ed. Here's some comments from one who took the test: http://www.adtmag.com/article.asp?id=9356.

# April 30, 2004 8:26 AM

Darrell said:

Gaupen - nice resources!

# April 30, 2004 8:30 AM

Jason Row said:

Gaupen, if you check back here, drop me a note as I would like to add your site as a resource in my Study Guide.

# May 7, 2004 1:21 PM

Tom said:

I just passed the official 70-340 Exam by a whisker. It requires you to know common attacks such as SQL Command Text Injection, Attacks due to improper Canonicalization, etc. Now I'm an MCSD .NET. The testing center says I'm one of the youngest in my country (India) to pass it (I'm 12). I read all the three references and thry all help but MSDN Magazine Articles are invaluable and you better be good with the complete System.Security namespace.

Tom, (tom@buct@gmal.com - replace first @ with a and make gmal, gmail)

Bangalore,
India.

# January 2, 2005 8:17 PM