Applies to : ASP. This set of tutorials gives you an overview of ASP. It also introduces WebMatrix, a tool for creating pages and sites. The tutorials take you from novice programmer through seeing your site live on the Internet. Topics include how to install Microsoft WebMatrix a set of tools for creating sites ; how to work with forms; how to display, add, update, and delete data; how to create a consistent site layout; and how to publish to the Web.
Project Silk provides guidance for building maintainable cross-browser web applications that are characterized by rich graphics, interactivity, and a responsive user interface, resulting in an immersive and engaging user experience. Project Silk also illustrates how you can take advantage of the fast JavaScript engines of the modern, standards-based web browsers to achieve a user experience and execution speeds that rivals desktop applications.
Microsoft Application Virtualization App-V 5. This guide provides background information about MBAM and describes how to install and use the product. Microsoft Diagnostics and Recovery Toolset DaRT 7 lets you diagnose and repair a computer that cannot be started or that has problems starting as expected. By using DaRT 7, you can recover end-user computers that have become unusable, diagnose probable causes of issues, and quickly repair unbootable or locked-out computers.
When it is necessary, you can also quickly restore important lost files and detect and remove malware, even when the computer is not online. By using DaRT 8. Microsoft User Experience Virtualization UE-V captures and centralizes application settings and Windows operating system settings for the user. These stored settings are then applied to the different computers that are accessed by the user, including desktops, notebooks, and virtual desktop infrastructure VDI sessions.
Looking for guidance specific to Windows 7 deployment? Check out what the industry's leading experts have to say in this free Microsoft Press eBook with selected chapters from the Windows 7 Resource Kit and TechNet Magazine.
PDF SSource content. Hilo comes with source code and documentation. Get a head start evaluating Windows 8. This guide introduces new features and capabilities, providing a practical, high-level overview for IT professionals ready to begin deployment planning now.
The guide comes with source code for Prism for the Windows Runtime, source code for the AdventureWorks Shopper product catalog and shopping cart reference implementation, and documentation. The PDF provides guidance on how to implement MVVM with navigation and app lifecycle management, validation, manage application data, implement controls, accessible and localizable pages, touch, search, tiles, and tile notifications.
It also provides guidance on testing your app and tuning its performance. PDF Source content Sample code. Our primary focus will be on applying these web technologies within the Windows 8 platform, where there are unique considerations, and not on exploring the details of those web technologies themselves.
In the meantime, enjoy this preview! PDF Companion files Source content. This guide provides an end-to-end walkthrough of how to create an advanced Windows Phone 7.
The guide can help you understand how to implement individual features for Windows Phone 7. After reading this book, you will be familiar with how to design and implement advanced applications for Windows Phone that take advantage of remote services to obtain and up-load data while providing a great user experience on the device. Get started building applications for Windows Phone 7—expertly guided by award-winning author Charles Petzold. NET Framework managed code sandbox, the phone emulator, sensors, and location.
As always, Charles brings a unique combination of pragmatism and authority to his instruction—along with an eminently readable style and a wealth of hands-on examples. Imagine a world where you don't have to worry about authentication.
Imagine instead that all requests to your application already include the information you need to make access control decisions and to personalize the application for the user.
In this world, your applications can trust another system component to securely provide user information, such as the user's name or email address, a manager's email address, or even a purchasing authorization limit.
Even if someone in charge of your company's security policy changes how users authenticate, you still get the information, and it's always in the same format. In this book, we focus on the new features and refinements in Windows Server R2. This book is targeted primarily at Windows server administrators who are responsible for hands-on deployment and day-to-day management of Windows-based servers for large organizations. Based on final Windows Server R2 release-to-manufacturing RTM software, this guide introduces new features and capabilities, with scenario-based advice on how the platform can meet the needs of your business.
Get the high-level overview you need to begin preparing your deployment now. Also included is an installation and operations guide for Windows Server Migration Tools, a set of five Windows PowerShell cmdlets that can be used to migrate some roles and features to Windows Server R2 or Windows Server This E-Book might not include the most up-to-date content about Windows Server migration, and is not guaranteed to be complete.
In this book, students will find a wealth of Microsoft resources they can use to identify the technology skills they need, and gather knowledge and experience to help them take charge of their careers. Office Office Exchange Server. Not an IT pro? United States English. Post an article. Microsoft Visio Quick Start Guide. Microsoft Word Quick Start Guide. Monitoring and protecting sensitive data in Office Office Licensing Brief. OneNote Keyboard Shortcuts.
OneNote Online Keyboard Shortcuts. Outlook Keyboard Shortcuts. Outlook Web App Keyboard Shortcuts. PowerPoint Online Keyboard Shortcuts. Project Keyboard Shortcuts. Publisher Keyboard Shortcuts. Security Incident Management in Microsoft Office Switching from Google Apps to Office for business. Tenant Isolation in Microsoft Office Visio Keyboard Shortcuts. Windows 10 Tips and Tricks. Word Keyboard Shortcuts.
Word Online Keyboard Shortcuts. Power BI. Ask, find, and act—harnessing the power of Cortana and Power BI. Getting started with the Power BI for Android app. How to plan capacity for embedded analytics with Power BI Premium. Introducing Microsoft Power BI.
Power BI mobile apps—enabling data analytics on the go. Propelling digital transformation in manufacturing operations with Power BI. PowerShell Integrated Scripting Environment 3. Windows PowerShell 3. Windows PowerShell 4. Windows PowerShell Web Access. December ZDNet b Evers, Joris. Computerworld Vijayan, Jimkumar.
Flake Flake, Halvar. Moore Moore, H. CNN Evers, Joris. Security Innovation Security Innovation, Inc. Microsoft Tech. Ed, Red Database Red Database Security. ZDNet c Espiner, Tom. Microsoft Microsoft Help and Support. Last Review: May November Gartner Pescatore, John. The same lack of an easy solution applies to software security.
But the industry suffers a huge security problem; everyone has security bugs, often very bad security bugs. The more formal defini- tion of the slogan, as expressed in the paper, is as follows:. Given a large enough beta-tester and co-developer base, almost every problem will be characterized quickly and the fix obvious to someone. Now before we start a religious debate, we want to explain something. Both authors have a deep respect for the open source software community; we both believe that opening source code is of value to some customers and users and that the ability to change code also has ben- efits for a few customers.
But the software produced by the open source community is not secure from attack, and it most certainly is not secure simply because the code can be reviewed by many people. Incentive to Review Code The author of this chapter Michael has worked with thousands of developers, teaching them how to review code and designs for security bugs.
He has also reviewed more code than he cares to remember. Given the choice of reviewing code for bugs—including security bugs—or working on the newest feature in an upcoming software product, developers will choose writing new code. Developers are creative, and creating new features is the epitome of inventiveness. Another reason for not wanting to review code is that the task is slow, tiresome, and boring. It is, of course, possible to review code more quickly than this, but the quality of the review might suffer.
We have seen evidence of the distinct lack of will to review code in the open source commu- nity. For example:. The promise of open source is that it enables many eyes to look at the code, but in reality, that doesn't happen.
Also, do not lose sight of a very simple maxim: the quality of code review—in other words, the ability to find real bugs versus finding false positives or missing bugs—is proportional to the code size under review.
More code to review means you must have even more knowledgeable and motivated people reviewing the code. All rights reserved. QueryString End If. This kind of bug can lead to numerous security issues. Critical Mass Next, the issue of critical mass: there must be enough knowledgeable people reviewing enough of the code often enough.
A bug that is not entered during the development process is a bug that does not need removing and that does not adversely affect customers. A goal of the Security Development Lifecycle SDL is to reduce the chance that someone will enter security bugs from the outset. It is an immature product and is less secure because of it. Apache 2. It may be new relative to Apache 1. The belief that, over time, open source code quality will improve is a pretty typical view in the open source community.
Following are some quotes from well-known open source security experts. Open source is not inherently more secure. There is a great deal of opinion—but no hard facts—to back up the claim.
A lack of motivation to review old code instead of developing new code and a lack of system- atic security training for developers and testers has helped create this reality, as well as a lack of discipline in the profession to exploit lessons learned and discovered vulnerabilities. Finally, numerous security bugs have existed in open source software for years, such as the following:.
Admittedly, closed source software security bugs can linger unseen for years. Until the development processes improve in the open source community, no major decrease in the staggering number of security bugs will occur. There is no evidence whatsoever that any of these methods create more secure software than another internal development method, judging by the number of security bugs fixed by commercial software companies such as IBM, Oracle, Sun, and Symantec each year that require customers to apply patches or change configurations.
Our collective experiences from SDL are that adopting processes and tools specifically focused on demonstrably reducing security and privacy vulnerabilities have provided consistent examples of case study evidence testifying to improved security quality.
There is information about TSP and security Over , but it lacks specifics and offers no hard data showing software is more secure because of TSP. Agile Development Methods Agile development methods Wikipedia such as Extreme Programming attempt to reduce the overall risk of a software development project by building software in very rapid iterations, often called timeboxes or sprints. These short turnarounds potentially allow for better customer feedback and interaction, time management, and schedule prediction.
Its goal is to allow users to define their security requirements, have developers spec- ify the security attributes of their products, and, finally, allow third-party evaluators to deter- mine whether the products meet the stated claims. Common Criteria does not define standards for quality of design or code quality.
Higher numbers mean more evaluation effort, time, and money. The highest assur- ance level, EAL7, specifies both. A higher EAL does not necessarily mean that a product is more secure—it just means that the product under evaluation called the Target of Evaluation, or TOE has been more extensively analyzed and evaluated.
Many people mistakenly associate CC with quality and therefore assume the software is resil- ient to attack. This is not true. Indeed, many products with CC certifications have had numer- ous successful attacks, including the following:. What CC does provide is evidence that security-related features perform as expected.
For example, if a product provides an access control mechanism to objects under its control, a CC evaluation would provide assurance that the monitor satisfies the documented claims describ- ing the protections to the protected objects.
The monitor might include some implementation security bugs, however, that could lead to a compromised system. No goal within CC ensures that the monitor is free of all implementation security bugs. Important Design specifications miss important security details that appear only in code. Summary Present software development methods lack in-depth security awareness, discipline, best practice, and rigor, and this is evidenced by the sheer quantity of security patches issued each year by all software vendors.
To remedy this, the industry must change its present engineering methods to build more secure software. References Brooks Brooks, Frederick P. Raymond Raymond, Eric S. Watchfire Watchfire Whitepapers. Howard Howard, Michael. October Burton Messmer, Ellen. Beale Gross, Grant. Over Over, James W. MSF Microsoft Corporation. Common Criteria Common Criteria Project. TechNet, This chapter describes the path that Microsoft followed in developing the Security Develop- ment Lifecycle SDL and offers a brief overview of the recent history and evolution of com- puter security practices.
Windows 95 was designed to connect to corporate networks that provided shared file and printer infra- structures and to connect to the Internet as a client system, but the primary focus of security efforts was the browser—and even there, the understanding of security needs was much differ- ent from what it is today. So Microsoft Windows NT 3. The core team that designed Windows NT largely came from Digital Equipment, where the team members had gained years of experi- ence and had successfully developed large time-sharing systems used in major enterprises.
They knew that any server or multiuser operating system would have to address security. See the following sidebar for more information. The higher levels of evaluation—Classes B2, B3, and A1—required high levels of modularity and structure at the design level, extensive documentation, and the implementation of an access control model that met the needs of defense and national security users.
By the late s, other governments, including those of Canada and several European countries, had begun the development of their own security evaluation criteria applica- ble to operating system software and to other classes of products.
Microsoft products have undergone numerous evaluations under a variety of evaluation regimes. Microsoft submitted Windows NT Versions 3. Other Microsoft products are undergoing evaluation as this book is being written. Although the basic design of Windows NT was structured similarly to a multiuser time-shar- ing system, by the time the system was widely deployed, it was used as a desktop client in applications that required a more robust operating system than Windows 95, and it was used as a file, print, or Internet server HTTP, FTP, DNS, DHCP, etc.
Windows NT was designed with a high degree of modularity and consideration for security, and the resulting system was relatively secure compared to other multiuser systems of its day.
However, as server applications gained in popularity, Windows NT quickly came face to face with the evolving threat environment of the Internet. New Threats, New Responses The mids saw the explosive growth of the Internet and, with it, the evolution of a new cottage industry specializing in discovering security vulnerabilities. In this early stage of research into the vulnerability of Internet software, the vulnerability finders, for the most part, confined themselves to demonstrations aimed at building credibility for their security product companies or consulting practices, although there were instances of hostile attacks as early as the dawn of the commercial Internet CERT Because it became evident that discovery and disclosure of software vulnerabilities would be a continuing feature of the Internet-connected world, Microsoft took multiple steps to deal with the new realities.
Prior to , Microsoft had taken an ad hoc approach to dealing with discoveries of software vulnerabilities. Individual product teams handled communications with vulnerability finders. In mid, Microsoft created its Security Response Team to centralize the process of dealing with software vulnerabilities. In parallel with the launch of the Security Response Team, Microsoft formed an internal Secu- rity Task Force to examine the underlying causes of vulnerabilities and to plot a course that could help to reduce vulnerabilities over time.
Some of its key components included these recommendations:. Windows and the Secure Windows Initiative The Security Task Force report coincided with the final stage of fixing bugs before the release of Windows However, it was clear that the value of the new security features could be put in jeopardy by a growing number of vulnerability reports.
The management of the Microsoft Windows divi- sion took three key steps to implement the recommendations of the report:. In the late s, PREfix could detect a few classes of stack-based buffer overruns by tracing the flow of input from an untrusted source to a stack buffer.
Although the PREfix technology that was applied to Windows made a positive contribution and led to the removal of some classes of secu- rity vulnerabilities, it took several years of additional development—and additional discovery of new classes of vulnerabilities in a partnership between Microsoft Research and the SWI team—to evolve the tool into a highly effective one for writing more secure code.
The penetration test team was assembled of experienced Microsoft developers and testers who had shown an interest in security and talent for finding security vulnerabilities.
The team reviewed the code of Windows components that they believed were security-critical or highly exposed to attack, found potential vulnerabilities, and filed bug reports to ensure that the bugs were fixed. The team was initially a small one—fewer than 10 engineers—and they devel- oped their approaches to finding vulnerabilities as they went, based on their own experience with the security of older systems and on the lessons learned from vulnerability reports to the Security Response Team.
The team established a good track record in the sense that many vul- nerabilities that were externally reported against Windows NT had already been found by the penetration team, fixed in the evolving Windows code base, and scheduled for correc- tion in an upcoming Windows NT service pack. The initial SWI team was chartered to work with product teams by reviewing component designs and code and making recommendations or filing bugs that would lead to improved security.
The limitation of this incarnation of the SWI team is obvious in retrospect—the team was too small to review all the Windows components. The determination by Windows division management to treat security as a ship-stopper issue constituted a visible management commitment to security. Windows was shipping to customers, and vulnerability reports continued to arrive at a growing pace as security researchers turned their attention to the new product version.
The SWI team of —, in particular, revisited its operational concept and recognized that it was simply not going to be possible for a small team to conduct sufficient design and code reviews to materially improve the security of the next Windows release. After consider- ing alternatives, the team made a fundamental change: SWI engineers would still be available to consult on specific security design and coding issues, but their focus would be on helping the engineers in product groups build more secure code.
Instead of fishing for security vulner- abilities on behalf of the product groups, the SWI team would teach them how to fish. The team would file bugs against vulnerabilities that had to be eliminated and areas where the component design should be made more resistant to attack. The Windows penetration team continued its code reviews, finding additional vulnerabilities and other issues and filing bugs to ensure that they were fixed.
PREfix is maintained and operated by a central team that scans an entire product code base periodically. PREfast is executed by individual developers before they check in their code. The Windows development organization continued its commitment to addressing security vulnerabilities when found, as evidenced by the fact that the Windows XP release was delayed to address a security bug in the handling of encryption keys discovered late in the develop- ment process.
Although the vulnerabilities exploited by Code Red and Nimda had been addressed by security updates released before the worms were launched, the worms affected significant numbers of customer systems. Trustworthy Computing was planned during late and launched with a January e-mail message from Bill Gates to all Microsoft employees Microsoft While Microsoft executives were working on the plans for the broad TwC effort, members of the SWI team were working with product groups to devise immediate steps that would improve the security of product versions nearing release.
This effort—the first case of an effort that would come to be known as a security push— lasted for about six weeks and ended when the rate of discovery of security vulnerabilities dropped so much that further searching was unproductive. The outcome of this work was that a number of security bugs were fixed and extra defensive methods were added to the CLR and Microsoft ASP. NET to compensate for any missed security bugs Paul and Evans The introduction of extra defensive methods led the SWI team to formalize the notion of mea- suring attack surface Attack Surface Analysis [ASA] and to advocate Attack Surface Reduc- tion ASR as a way of compensating for the fact that you can never get the code one hundred percent correct unless the code is trivially small in size.
Given the experience of the. NET Framework security push, the SWI team recommended that the management of the Windows division proceed with a similar security push focused on what was known at the time as Windows. At the time, Windows Server was in beta test and relatively close to its planned release date. This security push posed significant challenges: the Windows code base was roughly ten times larger than that of the. NET Framework, and it included legacy code unlike the.
NET Framework, which was a version 1 product and associated constraints to maintain compatibility with former Windows versions. The Windows division also employed an engineering staff more than five times as large as that of the Developer division, so even logistics for the security push posed a major challenge.
Despite the challenges, and spurred on by the TwC commitment, the Windows division pro- ceeded with its security push. The push began with training for more than 8, Windows division engineers in late January Two members of the SWI team author Michael Howard and his colleague David LeBlanc had recently completed the first edition of Writing Secure Code in an effort to make lessons learned by the SWI team widely available to engineers inside and outside of Microsoft, and copies of Writing Secure Code were issued to all engineers who attended the security push training Howard and LeBlanc Once the training was completed, the engineering staff turned to a series of activities planned by the SWI team and the Windows program management organization:.
Because PREfix and PREfast are extensible, the security push included iterative additions of code to these tools to enable them to detect new classes of potential vulnerabilities. The Windows security push was initially planned to take place through February As the scope of the work involved became clear, the duration of the push was extended through the end of March At the end of the push, many security bugs had been filed and many design changes were specified, including those affecting attack surface.
In the following months, Windows division engineers went on to fix the bugs and code and test the design changes. By late , Windows Server was largely ready to ship. The product was in the Release Candidate stage, which involves final testing by customers and the Microsoft IT organization.
Around that time, the Microsoft executive responsible for Windows Server development asked members of the SWI team how they felt about the outcome of the security push and the other work that had been done on the new release. To answer this seemingly simple question, the SWI team launched a series of actitivies, including a review of bugs that had been filed as security bugs, an evaluation of the server release in the context of externally discovered vulnerabilities affecting prior Windows versions and competing products, and penetration tests by SWI team members and outside contractors.
The activities undertaken to assess the security of Windows Server led the SWI team to the conclusion that the work of the security push had largely been successful, and that Win- dows Server was on track to set a new standard for Microsoft operating system security.
However, in reviewing the security of the Windows Server code base, the team discov- ered a few new classes of vulnerabilities which were fixed before the software was released and found that there were a few areas of the system where additional work would produce additional security benefits. They also determined that the browser component of Windows Internet Explorer needed significant security work before its security would be comparable to the rest of Windows Server More fundamental changes to improve the security of Internet Explorer without requiring configuration lockdown were undertaken for Windows XP Ser- vice Pack 2 and Windows Server Service Pack 1, and even more significant changes aimed at further improving security are reflected in Internet Explorer 7, the browser compo- nent of the forthcoming Windows Vista.
In addition to the browser changes, the Windows development team changed to a new com- piler that incorporated enhanced run-time detection of attempts to exploit buffer overruns. This was the second security-related compiler change for Windows Server —the first was made at the time of the Windows security push.
The discussions in this section have focused on the Windows security push and the activities taken to improve the security of Windows Server The initiation of Trustworthy Comput- ing in early , in fact, mobilized product groups across Microsoft and led to security pushes—and, in some cases, prerelease security reviews—for a number of products or product service packs.
In every case, the result of these efforts was improved security. In some cases, the improvements were especially dramatic. For exam- ple, Microsoft issued 16 security bulletins addressing vulnerabilities in SQL Server from its initial release in late through the release of Service Pack 3 in January In the sub- sequent three years, through March , Microsoft issued only three security bulletins related to SQL Server These efforts were effective, and the products shipped during this period showed reduced vulnerability rates, but the pro- cess that the SWI team followed was still ad hoc.
It was clear that the process was effective, but it was less clear what the process itself was! The focus of these meetings was to review the results achieved since the first security pushes and to revisit the require- ments that would have to be met to put in place a consistent and effective security engineering process.
These meetings culminated in a decision at high levels of the management at Microsoft to replace the ad hoc process of training, security pushes, and FSRs with a mandate declaring that essentially all Microsoft products must meet the requirements of a formally defined Security Development Lifecycle.
The SDL mandate applies to any software that meets these criteria:. This requirement is not met by software that interacts with the Internet only to update its code or databases by connecting to a Microsoft-operated Internet server.
The formal definition of the SDL—which has evolved into the process described in Part II of this book—proceeded in parallel with the series of meetings that established the SDL mandate and informed senior management across Microsoft of the existence of the mandate and its implications for product groups. The transition to SDL Version 2. The staffing of the SWI team grew significantly between January and June of to provide the level of effort needed to.
The SWI team has continued to grow since July as the process has evolved and the requirements of implementing it have become clearer. SDL Version 2. SDL Version 3. A Continuing Challenge This chapter has summarized the history of the SDL at Microsoft from earliest attempts to improve software security to a formally defined process that is supported by a relatively large staff and subject to regular updates.
We expect the discovery of new ways to attack software—and new classes of vulnerabilities—to go on forever. Peo- ple who try to build more secure software will continue their efforts by finding new ways to make software more resistant to attack and by developing tools and techniques that respond to new classes of attack when they are discovered. But better is not the same as perfect. We also know that new discoveries of classes of vulnerabilities will require new techniques and tools.
Karger Karger, P. Zurko, D. Bonin, A. Mason, and C. April Microsoft Microsoft Corporation. Writing Secure Code, 1st ed. Redmond, WA: Microsoft Press, Our major focus is the role of managers in making the SDL succeed: what the manager or executive must do to ensure that his or her team can build more secure software.
Another purpose of this chapter is to prepare the manager or executive to deal with the impact of the SDL on development projects: what kinds of resources will be required, what impact the SDL will have on costs and schedules, and how the manager should assess whether the project is on track to comply with SDL requirements. SDL is not free—it requires time, money, and the strong commitment of senior managers to prioritize security over other factors such as time to market and compatibility with older, less secure software versions.
The viability of the SDL within an organization such as Microsoft is intimately tied to the fact that each phase is necessary and contributes to improved product security.
If any phase were unimportant, the SDL team would have to remove or modify it or face a loss of credibility for.
Note Every task within SDL is there for a reason: it leads to more secure software. If any task were deemed ineffective, it would be removed from SDL. Still, executive commitment to the SDL process is the key factor for success. And the fact that the group and senior vice-presidents responsible for Microsoft Windows Server and other prod- ucts decided to stop development and delay schedules in order to conduct security pushes and complete Final Security Reviews told everyone concerned that Microsoft was willing to do what was necessary—in terms of longer product schedules and extra staff effort—for improved security.
Of course, shipping on time is extremely important at Microsoft and in most other software companies , so this was a very significant change and one that managers might be expected to resist. The commitment of the most senior executives in the company to delaying products as needed to improve security told all concerned that Trustworthy Com- puting was a reality and not just a slogan. And executive support for the SDL has been the key factor in making the process successful and effective.
To lead effectively at Microsoft, managers must understand and get involved in the issues and challenges that confront their organizations. This means that managers must understand the security problems that their products pose and commit to resolving those problems.
Chapter 4: SDL for Management Although the costs of patch development were not great in absolute terms, the frequent need to divert developers to patching made development schedules less predictable— and conveyed to teams and their managers the dimensions of the security challenge.
Not only is it more efficient to build watertight boats than to divert the shipwrights to plugging leaks, but the customers are much happier with the results.
Platform products—operating systems, database systems, e-mail and collaboration servers—obviously fall into this category because they must protect the confidentiality and integrity of user data and because the computing resource provided by the platform must remain available even in the face of hostile attack.
But security is equally vital in other kinds of products, including e-commerce Web applications and many of the line-of-business applications that are used within organizations where sensitive data must be handled and not all users are equally trusted or authorized.
Many applications developed by government contractors handle sensitive information, which demands stringent security measures. Although the security of these applications could be circumvented if the underlying platform were insecure, attackers will target the applications themselves if security measures at the platform level make attacks there costly or infeasible.
The extent of the challenge that any particular software product or package faces depends on how exposed the software is to potential threats and on the value of the information that it is used to process.
Privacy Policy. New eBooks. Search Engine. Designed for experienced developers ready to advance their status, Exam Ref focuses on the critical-thinking and decision-making acumen needed for success at the Microsoft Specialist level. Focus on the expertise measured by these objectives: Implement and manipulate document structures and objects Implement program flow Access and secure data Use CSS3 in applications This Microsoft Exam Ref: Organizes its coverage by exam objectives.
Features strategic, what-if scenarios to challenge you.
0コメント