Save $400 on InfoSec Training at SANS New York City Summer 2018. Ends Tomorrow!

RSA Conference 2014

San Francisco, CA | Sun, Feb 23 - Mon, Feb 24, 2014
This event is over,
but there are more training opportunities.

SEC571: Mobile Device Security

Sun, February 23 - Mon, February 24, 2014

One constant in the rapidly evolving mobile device market is user demand for access to corporate data. Whether corporate or employee-owned (the bring your own device or BYOD model), mobile device use creates new challenges for organizations that must safeguard sensitive data.

This course is designed to help students gain the skills necessary to implement a secure mobile device deployment. Students will examine the threats and vulnerabilities affecting mobile device deployments, understand legal issues and constraints facing organizations, and develop policies and controls to guide mobile device use. Focusing on Apple iOS, Android, BlackBerry and Windows Phone devices, students will learn about the architectural strengths and weaknesses of each platform, identifying countermeasures and risk mitigation tactics to protect against common threats. Students learn to use a combination of policy, mobile device management (MDM) and network controls to defend against common threats including mobile device malware, stolen devices, wireless attacks and rooted or jailbroken devices. Throughout the course, a combination of lecture, hands-on lab exercises and real-world experience is used to guide students through a tested model for secure mobile device use.

A Sampling of Topics

  • Evaluating mobile device management (MDM) solutions
  • Wireless LAN design and deployment
  • Mitigating the threat of stolen devices
  • Legal issues affecting mobile device deployments
  • Architectural weaknesses in Apple iOS, Android, BlackBerry and Windows Phone
  • Building a lab for testing mobile device controls
  • Developing policies for mobile device use

Course Syllabus

Additional Information

Throughout the course, students will participate in hands-on lab exercises. Students must bring their own laptops to class that meet the requirements described below.


Students must bring a Windows 7, Windows Vista, or Windows XP laptop to class, preferably running natively on the system hardware. Windows 8 systems are also welcome, provided students are comfortable with navigating the platform without the Start menu interface. It is possible to complete the lab exercises using a virtualized Windows installation; however, this will result in reduced performance when running device emulators within the virtualized Windows host. If you are a Windows XP user, make sure you also have the .NET 3.5 framework installed, which can be downloaded from .

Administrative Windows Access

For several tools utilized in the course, students will be required to perform actions with administrative privileges. Students must have administrative access on their Windows host, including the ability to unload or disable security software such as anti-virus or firewall agents as necessary for the completion of lab exercises.


Students will use a virtualized MobiSec Linux VMware guest for several lab exercises. VMware Workstation or VMware Player is recommended. Note that there is no cost associated with the use of VMware Player, which can be downloaded from the VMware website.

While some students successfully use VMware Fusion for the exercises, the relative instability of VMware Fusion may introduce delays in exercise preparation, preventing the timely completion of lab exercises. VirtualBox and other virtualization tools are not supported at this time.

Hardware Requirements

Several of the software components used in the course are hardware intensive, requiring more system resources than what might be required otherwise for day-to-day use of a system. Please ensure your laptop meets the following minimum hardware requirements:

  • Minimum 2 GB RAM, 4 GB recommended
  • Ethernet (RJ45) network interface; students will not be able to complete lab exercises with systems that only have a wireless card, such as the Mac Book Air
  • Core 2 Duo or comparable processor minimum
  • 30 GB free hard disk space
  • DVD drive (not a CD drive)
  • Minimum screen resolution 1024x768, larger screen resolution will reduce scrolling in for several applications and a more pleasant end-user experience

During the course, you will install numerous tools, and make several system changes. Some students may wish to bring a clean system that is not their everyday production system, or a dedicated Windows virtual machine that meets the minimum requirements for a system, to avoid any changes that may interfere with other system software.

If you have additional questions about the laptop specifications, please contact

  • Auditors who need to build deeper technical skills
  • Leadership personnel guiding the adoption and planning for mobile device use
  • Security personnel whose job involves assessing, deploying or securing mobile phones and tablets
  • Network and system administrators supporting mobile phones and tablets