GIAC - Firebrand's training for GIAC's Mobile Device Security Analyst | GMOB

On this 4-day accelerated Mobile Device Security Analyst (GMOB) course, you'll learn to properly secure mobile devices accessing vital information in your organisation.

Mobile devices increasingly have access to sensitive data. This, in combination with their limited security, means mobile devices are often an enticing target for attackers.

A Mobile Device Security Analyst will understand and apply security policies in a mobile environment, as well as:

• Test for and mitigate against common vulnerabilities and threats to mobile applications
• Understand the common methods used to attack mobile devices, including jailbreaking, rooting, sidejacking and web app attacks
• Use common techniques to protect mobile devices, including configuration management and encryption

Firebrand's unique Lecture | Lab | Review approach combines both theoretical knowledge with practical, hands-on tasks. This technique ensures you'll learn faster and develop the competence to put your new skills into practice when you return to work.

On this course, you'll be prepared for the GIAC Mobile Device Security Analyst (GMOB) exam. This is covered by your Certification Guarantee.

This course is aimed at security personnel involved in assessing mobile devices to find security weaknesses. The ideal candidate will have up-to-date technical knowledge and a thorough understanding of mobile device penetration testing.

This course provides knowledge equivalent to the SANS SEC575: Mobile Device Security and Ethical Hacking.

Please Note

• Examination vouchers not included for GIAC, CREST and CISSP CBK Review
• On site testing not included for GIAC, CREST or ITIL Managers and Revision Certification Courses

Analysing Application Network Activity

• The candidate will demonstrate the ability to capture and interpret network traffic for the purposes of assessing the security of mobile device applications

Analysing Static Applications

• The candidate will demonstrate the understanding of techniques to evaluate mobile application binaries and permissions in order to detect potentially harmful behaviour

Assessing Mobile Application Security

• The candidate will demonstrate the ability to assess the security of mobile applications with respect to privacy, data protection, and undesirable application behaviour

Attacking Mobile and Wireless Infrastructure

• The candidate will demonstrate the ability to recognise and leverage architectural opportunities on mobile devices and the associated infrastructure to improve security of mobile devices

Attacking Mobile Web Applications

• The candidate will demonstrate understanding of common mobile web application attacks such as XSS, client-side injection, SQL injection, and parameter tampering

Managing Android Devices

• The candidate will demonstrate familiarity with Android configuration and security models and how they affect security posture

Managing iOS Devices

• The candidate will demonstrate familiarity with iOS configuration and security models and how they affect security posture

Managing Mobile Accessories

• The candidate will demonstrate familiarity with other mobile devices such as wearable technologies, their security risks, and mitigation strategies

Manipulating Mobile Application Behaviour

• The candidate will demonstrate the understanding of security evasion techniques to test the security of mobile applications in order to detect potentially harmful behaviour

Manipulating Network Traffic

• The candidate will demonstrate an understanding of typical wireless traffic attacks such as sidejacking, traffic manipulation and SSL/TLS attacks

Mitigating Against Mobile Malware

• The candidate will be able to demonstrate how to protect mobile device data, and mitigate against malware targeted to mobile devices

Mitigating Against Stolen Mobile Devices

• The candidate will be able to demonstrate how to mitigate against the threat of data loss from stolen mobile devices

Penetration Testing against Mobile Devices

• The candidate will demonstrate the ability to implement a regular penetration testing program to evaluate a mobile device deployment, to identify vulnerabilities, and to accurately evaluate the threat of vulnerabilities to an organisation

Unlocking and Rooting Mobile Devices

• The candidate will demonstrate understanding of the concept and processes behind rooting, jailbreaking, and unlocking mobile devices and the security ramifications

This course will prepare you for the following exam. The exam fee is not included in the course price. If you wish to take the exam, we'll provide instructions on how to register with GIAC.

• GIAC Mobile Device Security Analyst (GMOB)

Additional Exam Details:

• 1 proctored exam
• 75 questions
• Time limit of 2 hours
• Minimum passing score of 71%
• Certifications must be renewed every 4 years

On this accelerated course, you'll get access to the following:

• Firebrand official training materials

There are no prerequisites for this course.