Not only all you need for preperation are inside the book but it is a very well organized book comparing to similar ones.

Not only all you need for preperation are inside the book but it is a very well organized book comparing to similar ones.

Of about a dozen MS Press training kits I have used, this is the first one to be comprehensive--and better yet, authoritative. For the first time, I used ONLY the training kit when preparing for the exam. For all other exams, I had to additionally reference MSDN, TechNet, etc. Two reasons why this book is great:

1. It is obvious early on in the book that the author, Tony Northrup, knows his stuff. You cannot say that about a majority of exam prep books, where it looks like they just copy and paste exam objectives from Microsoft's site and get diarrhea of the mouth for a few paragraphs per objective.

He was also kind enough to sprinkle throughout the book dozens of surprisingly useful tips for the exam and real world security issues. Another few books like this, and Tony Northrup just might surpass Dino Esposito and Michael Howard as my favorite authors.

2. The accompanying CD is MUCH more useful than the other training kits I have used--it has about 300 questions broken down by objective. It is not just a trial version of a MeasureUp test, and in my opinion, the questions were harder than the actual 70-340 exam.

The only two things I was not too crazy about were quite trivial: the page numbers were annoyingly chapter-based (i.e. 3-25, 5-24, etc); and the trial version of VS 2003 can only be installed once, so that will hurt resale value if used.

The bottom line is that this book does more than enough to prepare you for exams 70-330 and/or 70-340. I will definitely buy more Tony Northrup titles in the future.

Sorry for any harsh comments. But the book is so confusing explaining even simple concepts. I got frustrated when he tries to beat around the bush to explain STRONG NAMES.

I wish there was a Amit Kalani for 70-340.

For that matter, I am not having good experience with any of the Microsoft Press books on .NET

Sorry for any harsh comments. But the book is so confusing explaining even simple concepts. I got frustrated when he tries to beat around the bush to explain STRONG NAMES.

I wish there was a Amit Kalani for 70-340.

For that matter, I am not having good experience with any of the Microsoft Press books on .NET

This will be the book that you must have if you are a newcomer in .NET Security. The explanations are clear, supported by the author's own experience in the field. Also, the code is easy to follow and straightforward.
Overall, a very good book to read on .NET Security.

I just passed the exam 70-340, and this was the book I used in the last 2 weeks.

If you know how to program against .NET but don't know much about .NET security, this is really an excellent textbook and/or a reference book for you. It is written by one who knows the stuff and who knows how to explain tough stuff in plain English. It can certainly get you painlessly started on .NET security right away. I dealt with .NET security in the last 2 years the very hard way. I wish I had read such a book 2 years ago. (Well, on other hand, a book is just a book. It can't substitute real-world experience. Take myself for example, my knowledge on most topics other than CAS and WSE has probably already gone well beyond what the book covers, but I still don't think I do know .NET security very well. I'm no expert on security. So don't expect it will make you a security expert if you are not one yet, though a book like this one can make your road to being a security expert shorter and less painful)

As for passing the exam, I don't know for sure if the book alone is enough. I mean, you'll need intimate knowledge about Windows and how to program .NET before you can truly digest many topics covered in the book - remoting is a good example. The book is very easy to read and understand as long as you have the stated prerequisites (unlike in many other books, the prerequisites stated in this book are very accurate). If you understand the book, you should have little trouble passing the exam - anyway, the exam is designed for anyone who is knowledgeable on .NET security to pass. The book comes with 300 mock test questions - pretty hard to me, and I feel they are much harder than the exam questions I answered moments ago. I only had time to go over about 100 such questions. If you understand the book and also do very well with those questions, passing the exam should be guaranteed!

Despite a well-written book, it has some typos. Its definition of "collusion" contradicts what I learned of the word when studying monopoly as a graduate in economics. Due to the quality of the book, however, the typos can be safely ignored.

I rate the book 5-star without the least hesitation.

I just passed the exam 70-340, and this was the book I used in the last 2 weeks.

If you know how to program against .NET but don't know much about .NET security, this is really an excellent textbook and/or a reference book for you. It is written by one who knows the stuff and who knows how to explain tough stuff in plain English. It can certainly get you painlessly started on .NET security right away. I dealt with .NET security in the last 2 years the very hard way. I wish I had read such a book 2 years ago. (Well, on other hand, a book is just a book. It can't substitute real-world experience. Take myself for example, my knowledge on most topics other than CAS and WSE has probably already gone well beyond what the book covers, but I still don't think I do know .NET security very well. I'm no expert on security. So don't expect it will make you a security expert if you are not one yet, though a book like this one can make your road to being a security expert shorter and less painful)

As for passing the exam, I don't know for sure if the book alone is enough. I mean, you'll need intimate knowledge about Windows and how to program .NET before you can truly digest many topics covered in the book - remoting is a good example. The book is very easy to read and understand as long as you have the stated prerequisites (unlike in many other books, the prerequisites stated in this book are very accurate). If you understand the book, you should have little trouble passing the exam - anyway, the exam is designed for anyone who is knowledgeable on .NET security to pass. The book comes with 300 mock test questions - pretty hard to me, and I feel they are much harder than the exam questions I answered moments ago. I only had time to go over about 100 such questions. If you understand the book and also do very well with those questions, passing the exam should be guaranteed!

Despite a well-written book, it has some typos. Its definition of "collusion" contradicts what I learned of the word when studying monopoly as a graduate in economics. Due to the quality of the book, however, the typos can be safely ignored.

I rate the book 5-star without the least hesitation.

This book is wonderfull. Particularly this Self-Paced Training Kit on "Implementing Security for Applications with Microsoft Visual Basic .NET and Microsoft Visual C# .NET" is simply fantastic. I haven't seen many people going for this exam, as everyone goes for sql server exam. I dont know what people think about other Self-Paced Training Kit titles. But my serious advice to all of you who want to give certification exam in "Implementing Security for Applications with Microsoft Visual Basic .NET and Microsoft Visual C# .NET" is go for this book. This book is really good.

Having gone through 5 of their self-paced study books, I find this to be one of the better ones. The text is infomative and easy to read but the place where you'll learn much more information and become prepared for the exam is in the practice exam of 300 questions. Do go over all 300 questions, at least once, and you'll pass the test. In the practice exam study mode they include lots of information not covered specifically in the book. Most of the coded examples in the book were easy to run, though some worked only after tinkering with the operating system environment to turn on necessary security features.

I'd rate this five, but let's face it, it's only a 4 star book.

Having gone through 5 of their self-paced study books, I find this to be one of the better ones. The text is infomative and easy to read but the place where you'll learn much more information and become prepared for the exam is in the practice exam of 300 questions. Do go over all 300 questions, at least once, and you'll pass the test. In the practice exam study mode they include lots of information not covered specifically in the book. Most of the coded examples in the book were easy to run, though some worked only after tinkering with the operating system environment to turn on necessary security features.

I'd rate this five, but let's face it, it's only a 4 star book.

After a few rather shoddy Microsoft Press certification titles, this is a definite improvement! The book provides a good overview over various Security-related areas, eg Role Based Security, Code Access Security, Symmetric and Asymmetric encryption, digital signing, etc.
The testing software is excellent, it even provides links to MSDN articles for further reading (this, too, so much better than what Microsoft used to have). If you manage to pass the test exam with its 60 questions in 90 minutes, you'll be fit enough to pass the test (30 questions in 150 minutes - with questions pretty similar to the ones that came with the book).
Good luck!

The book touches on all areas that one has to learn in order to pass the test. But it is a guide, not a comprehensive learning resource. So after I read each chapter, I sat down at the computer and practiced. While doing so, I found myself referencing the online Visual Studio .NET documentation. Once done with the book, I took the sample exam. I did all of the 300 questions and I made sure I understood each one. Again, I practiced and I read documents online. There is a lot to know about security. The book and the test kept me focused on the information I needed to know about the test. I often purchase and use a Transcender test in addtion to reading a book, but this time around that was not needed. Now that the test is done, I'll be keeping this book on the shelf and ... coding a little safer :-)

This is an excellent book for learning application security concepts. This book teaches the basics on security best practices as well as implementation details. Although it focuses on .Net implementation details, this is a great book for any security profressional, because the concepts can be extended to any development platform.

However, I wouldn't recommend this as your only reference for preparing for the exam. The 70-340 exam is extremely difficult; you will need multiple references to prepare for the exam.

If you are programming any web/windows application in .NET, this book is a must read. From beginning to end it's an excellent read and a great resource for the newest exam in MCSD/MCAD track: 70-330 and 70-340.

Author's writing style makes you forget that you are reading pretty intensive topics.

I am coming back to this book again and again to find ways to make my code more secure. This is a must buy for anyone writing or planning to write a secure .NET application.