SEC571: Mobile Device Security

One constant in the rapidly evolving mobile device market is user demand for access to corporate data. Whether corporate or employee-owned (the bring your own device or BYOD model), mobile device use creates new challenges for organizations that must safeguard sensitive data.

This course is designed to help students gain the skills necessary to implement a secure mobile device deployment. Students will examine the threats and vulnerabilities affecting mobile device deployments, understand legal issues and constraints facing organizations, and develop policies and controls to guide mobile device use. Focusing on Apple iOS, Android and BlackBerry devices, students will learn about the architectural strengths and weaknesses of each platform, identifying countermeasures and risk mitigation tactics to protect against common threats. Students learn to use a combination of policy, mobile device management (MDM) and network controls, and automated application security analysis tools to defend against common threats including mobile device malware, stolen devices, wireless attacks and rooted or jailbroken devices. Throughout the course, a combination of lecture, hands-on lab exercises and real-world experience is used to guide students through a tested model for secure mobile device use.

A Sampling of Topics

  • Evaluating mobile device management (MDM) solutions
  • Mitigating the threat of stolen devices
  • Security analysis of iOS 7, Android 4.4, and BlackBerry 10
  • Building a lab for testing mobile device controls
  • Developing policies for mobile device use
  • Evaluating mobile malware threats
  • Rooting and Jailbreaking mobile devices
  • Mobile app security analysis

Course Syllabus
 
 
  Laptop Required

Throughout the course, students will participate in hands-on lab exercises. Students must bring their own laptops to class that meet the requirements described below.

Windows

Students must bring a Windows 7, Windows Vista, or Windows XP laptop to class, preferably running natively on the system hardware. It is possible to complete the lab exercises using a virtualized Windows installation, however, this will result in reduced performance when running device emulators within the virtualized Windows host. If you are a Windows XP user, make sure you also have the .NET 3.5 framework installed, which can be downloaded from http://www.microsoft.com/en-us/download/details.aspx?id=21 .

Administrative Windows Access

For several tools utilized in the course, students will be required to perform actions with administrative privileges. Students must have administrative access on their Windows host, including the ability to unload or disable security software such as anti-virus or firewall agents as necessary for the completion of lab exercises.

VMware

Students will use a virtualized MobiSec Linux VMware guest for several lab exercises. VMware Workstation or VMware Player is recommended. Note that there is no cost associated with the use of VMware Player, which can be downloaded from the VMware website.

While some students successfully use VMware Fusion for the exercises, the relative instability of VMware Fusion may introduce delays in exercise preparation, preventing the timely completion of lab exercises. VirtualBox and other virtualization tools are not supported at this time.

Hardware Requirements

Several of the software components used in the course are hardware intensive, requiring more system resources than what might be required otherwise for day-to-day use of a system. Please ensure your laptop meets the following minimum hardware requirements:

  • Minimum 2 GB RAM, 4 GB recommended
  • Ethernet (RJ45) network interface; students will not be able to complete lab exercises with systems that only have a wireless card, such as the Mac Book Air
  • 1.5 GHz processor minimum
  • 30 GB free hard disk space
  • DVD drive (not a CD drive)
  • Minimum screen resolution 1024x768, larger screen resolution will reduce scrolling in for several applications and a more pleasant end-user experience

If you have additional questions about the laptop specifications, please contact laptop_prep@sans.org.

 
  Who Should Attend
  • Auditors who need to build deeper technical skills
  • Leadership personnel guiding the adoption and planning for mobile device use
  • Security personnel whose job involves assessing, deploying or securing mobile phones and tablets
  • Network and system administrators supporting mobile phones and tablets

 

*CPE/CMU credits not offered for the SelfStudy delivery method

Type
Topic
Course
/ Location
/ Instructor
Date
Register

Onsite
All OnSite Course of Your Choice Your Choice  

*Course contents may vary depending upon location, see specific event description for details.