OptimaTrain

CompTIA® Mobile App Security+ iOS Edition (Exam IOS-001)

0 STUDENTS ENROLLED

    Course Specifications

    Course Number:

    094102

    Course Length:

    3 days

    Course Description

    Overview:

    iOS app development is a valuable skill set for a programmer today. An important part of that skill set is the ability to create apps that protect you, your users, and your users’ organizations from attack. In this course, you will learn why it is critical to build security into your iOS apps, how to improve your programming processes to promote security, and how to provide countermeasures for the numerous threats to which an iOS app and its users are exposed.

    Course Objectives:

    In this course, you will develop secure native apps for iOS mobile devices.

    You will:

    • Explain why an organization should devote time and resources to app security, including specific rationale for iOS app development.
    • Identify where and how the iOS system architecture is vulnerable to security threats.
    • Apply strategies to promote the security of mobile apps, including specific strategies for iOS.
    • Enable an iOS app to communicate securely with hardware and software on the device.
    • Enable an iOS app to secure data through encryption.
    • Enable an iOS app to store data securely.
    • Enable an iOS app to communicate securely over networks and with web services.
    • Use the UIWebView component securely.
    • Protect credentials in storage and in transit.
    • Harden an iOS app against attack to levels appropriate for the risk model.

    Target Student:

    Students taking this course are software developers who are experienced with mobile app development in iOS and want to improve the security of apps they develop. Student have experience developing iOS apps, and are familiar with the iOS SDK, development tools, and processes.

    This course is also for students seeking the CompTIA Mobile App Security+ certification and want to prepare for the IOS-001 exam.

    Prerequisites:

    To ensure your success in this course, you should have experience developing native apps in iOS using Xcode and the Objective-C programming language.

    A general understanding of information technology security is also helpful, but not required. Logical Operations offers various courses on information technology security, including CompTIA® Security+.

    Course-specific Technical Requirements

    Hardware

    For this course, you will need one computer for each student and one for the instructor. Each computer will need the following minimum hardware configurations:

    • Intel-based Mac running Mac OS X Mountain Lion 10.8.4 or later
    • CD-ROM drive
    • Keyboard and mouse (or other pointing device)
    • 1,024 × 768 resolution monitor; higher resolution recommended, if possible
    • Network cards and cabling for local network access
    • Internet access (contact your local network administrator)
    • Projection system to display the instructor’s computer screen

    Software

    To prepare a student or instructor system for the class, install the following software according to the instructions provided. You will need the following software for each student and instructor computer:

    • Xcode 5 with the iOS7 SDK, from developer.apple.com
    • iGoat 2.0, provided with the course data files

    Course Content

    Lesson 1: The Rationale for IOS App Security

    Topic A: Identify the Need for Security

    Topic B: Identify Security Requirements and Expectations

    Topic C: Include Security in Your Development Processes

    Topic D: Identify Your Approach to Risk Management

    Lesson 2: The iOS Security Architecture

    Topic A: Strengths and Weaknesses of the iOS Security Architecture

    Topic B: iOS App Construction

    Topic C: iOS Vulnerabilities

    Lesson 3: Employing Secure Mobile App Development Strategies

    Topic A: Follow App Security Best Practices

    Topic B: Protect Against Threats

    Topic C: Software Development Life Cycle (SDLC)

    Topic D: Design for Security

    Topic E: Conduct Security Testing and Analysis

    Topic F: Write Secure Objective-C Code

    Lesson 4: Accessing Local Processes and Devices Securely

    Topic A: Select Countermeasures for Local Threats

    Topic B: Implement Secure Access of Local Processes and Hardware

    Lesson 5: Securing Data Through Encryption

    Topic A: Select Countermeasures for Threats to Cleartext Data

    Topic B: Implement Encryption

    Lesson 6: Accessing Local Storage Securely

    Topic A: Identify Countermeasures for Local Storage Threats

    Topic B: Implement Secure Access of Local Storage

    Lesson 7: Communicating with Networks and Web Services Securely

    Topic A: Identify Networking Threats

    Topic B: Identify Countermeasures for Networking Threats

    Topic C: Implement Secure Network Communication

    Lesson 8: Using the UIWebView Component Securely

    Topic A: Identify Countermeasures for UIWebView Component Threats

    Topic B: Implement UIWebView Security

    Lesson 9: Protecting Credentials in Storage and Transit

    Topic A: Identify Countermeasures for Threats to Credentials

    Topic B: Implement Secure User Authentication

    Topic C: Implement Keychain

    Lesson 10: Hardening Apps Against Attack

    Topic A: Identify Countermeasures for Reverse Engineering Threats

    Topic B: Harden an App

    Appendix A: CompTIA IOS-001 Exam Objectives Mapping

    Course Reviews

    N.A

    ratings
    • 1 stars0
    • 2 stars0
    • 3 stars0
    • 4 stars0
    • 5 stars0

    No Reviews found for this course.

    Instructor Led
    • ILT
    • 24 Hours

    Cart

    Course Categories