This 3 day CompTIA Mobile App Security, Android Edition training class will prepare you for the CompTIA Mobile App Security, Android Edition certification examination and students will learn why it is critical to build security into your iOS apps, how to improve your programming processes to promote security, and how to provide countermeasures for the numerous threats to which an iOS app and its users are exposed.
Course Objectives:
• Explain why an organization should devote time and resources to app security, including a specific rationale for Android app development.
• Identify where and how the Android system architecture is vulnerable to security threats.
• Employ strategies to promote the security of mobile apps, including specific strategies for Android.
• Enable an Android app to communicate securely with hardware and software on the device.
• Enable an Android app to secure data through encryption.
• Enable an Android app to store data securely.
• Enable an Android app to communicate securely over networks and with web services.
• Use the WebView component securely.
• Protect credentials in storage and in transit.
• Harden an Android app against attack to levels appropriate for the risk model.
Course Prerequisites:
• Experience developing Android apps in Java using Eclipse and the Android SDK.
• A general understanding of information technology security is also helpful, but not required.
Course Outline:
I. Lesson 1: The Rationale for Android App Security
1. Identify the Need for Security
2. Identify Security Requirements and Expectations
3. Include Security in Your Development Processes
4. Identify Your Approach to Risk Management
II. Lesson 2: The Android Security Architecture
1. Strengths and Weaknesses of the Android Security Architecture
2. The Android Permissions Model
3. Android Vulnerabilities
III. Lesson 3: Employing Secure Mobile App Development Strategies
1. Follow App Security Best Practices
2. Design for Security
3. Write Secure Java Code
IV. Lesson 4: Accessing Local Processes and Devices Securely
1. Select Countermeasures for Local Threats
2. Implement Secure Access of Local Processes and Hardware
V. Lesson 5: Securing Data Through Encryption
1. Select Countermeasures for Threats to Cleartext Data
2. Implement Encryption
VI. Lesson 6: Accessing Local Storage Securely
1. Identify Countermeasures for Local Storage Threats
2. Implement Secure Access of Local Storage
VII. Lesson 7: Communicating with Networks and Web Services Securely
1. Identify Countermeasures for Networking Threats
2. Implement Secure Network Communication
VIII. Lesson 8: Using the WebView Component Securely
1. Identify Countermeasures for WebView Component Threats
2. Implement WebView Security
IX. Lesson 9: Protecting Credentials in Storage and Transit
1. Identify Countermeasures for Threats to Credentials
2. Implement Secure User Authentication
X. Lesson 10: Hardening Apps Against Attack
1. Identify Countermeasures for Reverse Engineering Threats
2. Harden an App
To Hire an AMS CompTIA Android Mobile App Security Subject Matter Expert Consultant and Instructor who also teaches this class, call 800-798-3901 today!