Menu Search Sign up

Mobile App and Device Security

The subject area of "Mobile App and Device Security" contains information for:

  •     Managing risks to mobile applications and devices
  •     Implementing an effective mobile device security strategy for your organization
  •     Identifying potential flaws in developed and downloaded iOS and Android™ applications
  •     Leveraging best practices for mobile application development and security
  •     Exposing vulnerabilities in mobile devices and applications

Information in this subject area can be useful for those want to get into the field of implementing, testing and deploying secure mobile applications and devices.

e2College offers a training course to help you gain knowledge in the subject area of "Mobile App and Device Security". The training course "Mobile App and Device Security" includes activities and hands-on exercises to reinforce understanding of the different domains of knowledge in the area of mobile app and device security.

The course is taught by e2College instructors who are subject matter experts in the information security industry in general, and in the area of mobile app and device security in particular.

Course Objectives

The objective of this course is to help students gain knowledge in the subject area of "Mobile App and Device Security", as outlined above.

Course Content

The training course "Mobile App and Device Security" covers the following topics:

Introduction to Mobile Security

  • Components of a mobile operating system (OS)
  • Mobile security challenges
  • Threats faced by mobile devices
  • Mobile hacking tools

Mobile Device Vulnerabilities & Mobile Threat Model

  • Balancing usability with security
  • Mobile attack vectors and surfaces
  • Assessing mobile risks and business benefits
  • Multiple and diverse mobile device environments
  • Risks of mobile applications
  • Methods for determining mobile vulnerabilities
  • Common device configuration errors

Secure Mobile Device Management

  • Device enrollment procedures
  • Permissions on usage and control
  • Connectivity control
  • Acceptable use policy
  • Centralizing device administration
  • BYOD challenges
  • Fortifying device synchronization
  • Modifying policies to work with each mobile OS
  • Handling lost or stolen devices

Securing Mobile Endpoint Access Control

  • Procedures to secure iPhone®, iPad® and Android devices
  • Access solutions
  • Safeguarding credentials

Mobile Data Security

  • Data confidentiality and integrity
  • Whole disk and file encryption
  • Hardware encryption techniques
  • Standardizing permissions
  • Jail Breaking/Rooting
  • Platform challenges

Secure Mobile Communication

  • VPN/TLS technology properly
  • Thin clients for mobile devices
  • Remote connectivity
  • Security issues of Bluetooth and Near Field Communication (NFC)

Secure Mobile Software Development Lifecycle

  • Xcode and Eclipse ADT
  • Secure coding techniques
  • Software and programming language vulnerabilities
  • Top ten mobile risks
  • Addressing identified exploits
  • Defeating client-side injection attacks
  • Debugging a running app in an emulator
  • Reverse-engineering apps to identify vulnerabilities
  • Protecting user interface data
  • Storing data in the Android and iOS keychain
  • Enforcing user authentication
  • Handling sessions
  • Defining trust boundaries

Mobile security Assessment

  • Creating the assessment plan
  • Performing end-user device testing
  • Manual vs. automated testing
  • Assessing device vulnerabilities
  • Extracting sensitive data from iOS and Android file systems
  • Analyzing systems for information leaks
  • Determining remediation steps

Course Format & Schedule

The training course "Mobile App and Device Security" is offered as an online live class and you can log in at the scheduled times and join your instructor and classmates in an interactive virtual classroom. Classes meet two evenings a week for six weeks for a total of 12 sessions. The evening class time is usually between 7:30pm to 10:00pm local time (Specific class time may vary a little to accomodate attendees from different time zones).

Course Prerequisites

The training course "Mobile App and Device Security" is intended for people who want to get into the field of implementing, testing and deploying secure mobile applications and devices. Before taking this course, it is recommended that you have basic knowledge of information security or software development.