SkillSoft Explore Course – Lambers, Inc.

BUY NOW! STARTING AT ONLY $299!

IT Professional Curricula Internet and Network Technologies Solution Area Security Solutions Foundations of Android Security

There are a variety of tools and methods available for testing Android applications so as to expose any potential vulnerabilities prior to deployment in either a public market or enterprise environment. In this course, you will learn about various vulnerabilities as they pertain specifically to Android applications, and you will also learn how to secure Android devices and applications for the enterprise environment. You will also learn how to plan and carry out penetration testing using a variety of tools and best practices, in addition to performing forensics and hacking techniques on Android applications so as to be able to better secure them prior to deployment on a public market.

Asset ID	sp_foas_a02_it_enus
Course Type	Video Course
Course Category	Internet and Network Technologies Solution Area

Objectives
Dealing with Application Vulnerabilities start the course identify common mobile device security issues describe the methodology used for identifying malware on Android describe the general methodology used to reverse engineer an Android application so as to reveal malicious threats describe Android mobile browser vulnerabilities Securing Android for Enterprise describe Android security concerns that ought to be addressed in the enterprise environment describe compliance and audit considerations that must be taken into account when developing Android apps for enterprise describe considerations for using user-owned, untrusted devices as well as untrusted applications and networks describe considerations for dealing with untrusted systems and content on an enterprise network describe recommended security practices for mobiles in the enterprise environment identify device administration policies and describe how they are implemented on an Android device Using Penetration Testing describe Android device penetration testing methodology describe main steps for carrying out a generic penetration test on Android OS and devices carry out a network scan using Nmap install and use BusyBox on an Android device to examine its network port and socket activity analyze network traffic on an Android device using Wireshark use Burp suite to intercept traffic for a browser application on a virtual Android device describe the Android app development best practices against which penetration tests should be carried out Performing Forensics analyze Android device mount points examine some file systems that typically exist on an Android device examine Android device directory structure describe storage options for Android application data explore the contents of the application data directory for default Android e-mail application identify the advantages and pitfalls of enabling root access on an Android device create a system image for an Android device retrieve and access an Android application database Practice: Analyzing Application Behavior capture and analyze traffic from a sample application, retrieve its database, and view its database contents

Objectives

Dealing with Application Vulnerabilities

start the course
identify common mobile device security issues
describe the methodology used for identifying malware on Android
describe the general methodology used to reverse engineer an Android application so as to reveal malicious threats
describe Android mobile browser vulnerabilities

Securing Android for Enterprise

describe Android security concerns that ought to be addressed in the enterprise environment
describe compliance and audit considerations that must be taken into account when developing Android apps for enterprise
describe considerations for using user-owned, untrusted devices as well as untrusted applications and networks
describe considerations for dealing with untrusted systems and content on an enterprise network
describe recommended security practices for mobiles in the enterprise environment
identify device administration policies and describe how they are implemented on an Android device

Using Penetration Testing

describe Android device penetration testing methodology
describe main steps for carrying out a generic penetration test on Android OS and devices
carry out a network scan using Nmap
install and use BusyBox on an Android device to examine its network port and socket activity
analyze network traffic on an Android device using Wireshark
use Burp suite to intercept traffic for a browser application on a virtual Android device
describe the Android app development best practices against which penetration tests should be carried out

Performing Forensics

analyze Android device mount points
examine some file systems that typically exist on an Android device
examine Android device directory structure
describe storage options for Android application data
explore the contents of the application data directory for default Android e-mail application
identify the advantages and pitfalls of enabling root access on an Android device
create a system image for an Android device
retrieve and access an Android application database

Practice: Analyzing Application Behavior

capture and analyze traffic from a sample application, retrieve its database, and view its database contents