Apr 23, 2024  
2018-2019 Course Catalog 
    
Catalog Navigation
  Catalog Home
  President’s Welcome
  Programs Available 2018-2019
  Programs By Degree Type
  Program by Campus
  Course Descriptions & Competencies
  Program Requirements & Graduation

  Profile of DMACC
  Campus Maps & Directories
  Faculty and Staff 2018-2019

  2018-2019 Academic Calendar
  Frequently Asked Questions
  Student Handbook
  Admissions
  Registration
  Educational Expense/Student Accounts
  Financial Aid
  Academic Information
  Student Services
  Student Activities

  DMACC Business Resources
  Continuing Education & Specialized Programs
  DMACC Foundation
  Archived Catalogs
  My Portfolio
HELP
2018-2019 Course Catalog [ARCHIVED CATALOG]

Facebook this Page (opens a new window)
Tweet this Page (opens a new window)
Add to Portfolio (opens a new window)

MDT 106 - Mobile Device Security

Credits: 3
Lecture Hours: 3
Lab Hours: 0
Practicum Hours: 0
Work Experience: 0
Course Type: Voc/Tech
An introductory course identifying key threats across the mobile environment and techniques to reduce the risk to end-user data on mobile devices. Discuss the range of threats, the potential harm to end-users and the need to provide additional security in mobile apps. Explore app design principles that incorporate countermeasures to attacks targeting mobile devices.
Competencies
  1. Compare and contrast the capabilities and limitations of mobile devices that create unique security challenges
    1. Describe the consumer-oriented nature of mobile device platforms and the responsibility for application developers to protect sensitive personal information while providing a rich client experience.
    2. Explain mobile applications dependence on frequent communications between the client and servers to store and process data, resulting in personal information being present both on the device and in the cloud.
    3. Examine the mobile environment’s controlled access to the platform’s operating system and restrictions on interacting with other applications that limit opportunities to mitigate security flaws.
  2. Identify the stake-holders directly responsible for a safe mobile environment, including mobile app developers, Information Technology (IT) staff/consultants and end-users
  3. Discuss the mobile risk ecosystem
    1. Introduce the mobile ecosystem consisting of small portable devices featuring high-speed processors with extensive memory, over-the-air communications networks, centrally distributed apps, and environmentally aware hardware sensors.
    2. Describe the mobile risk model including the physical, service and app risks.
  4. Explore sensitive information leakage.
    1. Explain the inherently greater risk for data leakage when data is stored on mobile devices.
    2. Describe the many services, within a mobile platform, designed to store sensitive information.
    3. Identify techniques to mitigate information leakage, such as using more secure on-device storage features, app developers writing more secure code, and using Mobile Device Management (MDM) capabilities.
  5. Outline the basic functionality of the cellular network.
    1. Discuss the interoperability of modern cellular networks.
    2. Identify the targets at the endpoints of the mobile networks that are the focus of attacks and countermeasures
    3. Describe possible attacks on the mobile network endpoints
    4. Explore the recommended countermeasures.
  6. Evaluate the general security model for mobile devices.
    1. Discuss the mobile device’s underlying hardware and operating system.
    2. Explore the supporting software libraries and application framework.
    3. Examine the application layer.
    4. Describe the security concerns over software fragmentation
  7. Critique jailbreaking and rooting security issues.
    1. Define jailbreaking and rooting as related to mobile devices
    2. Discuss the pros and cons of jailbreaking and rooting.
    3. Describe techniques for jailbreaking and rooting mobile devices.
    4. Explore countermeasures to jailbreaking and rooting attempts.
  8. Explore malware that exploits features distinctive to the mobile environment.
    1. Explain the fundamentals of mobile malware.
    2. Examine the malware used to violate the end-user’s privacy, conduct fraud, and disrupt the mobile device.
    3. Discuss the current countermeasures to prevent malware on mobile devices.
  9. Assess the vulnerabilities of web services accessible from mobile web apps.
    1. Discuss the security risks of server-side attacks versus client-side attacks
    2. Describe general guidelines for securing web services.
    3. Explore web-based attacks and countermeasures encountered in the mobile environment.
    4. Review common authentication and authorization frameworks for mobile apps.
    5. Outline Mobile Device Management (MDM).
      1. Explain the MDM frameworks ability to remotely (over-the-air) monitor, control, and manage mobile devices.
      2. Discuss device provisioning by which MDM solutions deploy and enforce policies and restrictions on mobile devices.
      3. Explore the device-centric, data-centric, and hybrid MDM models.
      4. Describe the remote wipe and remote lock features of MDM
  10. Evaluate mobile application development security.
    1. Describe the application developer’s role in controlling the interface through which end-users interact with the mobile device and network.
    2. Discuss the built-in security features of the mobile platform and the risks of device theft.
    3. Explore mobile app threat models for identifying security risks.
    4. Examine secure mobile development guidelines to mitigate potential attacks.
  11. Assess the security features of mobile payment systems.
    1. Describe the current mobile payment systems available to app developers.
    2. Explain the components of mobile payment applications
    3. Discuss the functionality of wallet applications including vulnerabilities and defenses.


Facebook this Page (opens a new window)
Tweet this Page (opens a new window)
Add to Portfolio (opens a new window)