Course Details

Previous Page


Securing Mobile Devices in the Enterprise: Mobile Security Threats


Overview/Description
Target Audience
Prerequisites
Expected Duration
Lesson Objectives
Course Number



Overview/Description
Mobile security threats are among the most serious threats to the enterprise, as mobile attacks are often a gateway to a wider attack on connected resources. The Open Web Application Security Project tracks the top 10 security concerns for mobile devices and applications, and this course uses those risks as a basis for discussing mobile security. In this course, you will learn about some best practices for securely handling mobile devices.

Target Audience
Enterprise network engineers and managers; network security engineers and managers; anyone tasked with providing secure access to company resources from mobile devices

Prerequisites
None

Expected Duration (hours)
2.0

Lesson Objectives

Securing Mobile Devices in the Enterprise: Mobile Security Threats

  • |INS start the course |/INS
  • describe current mobile devices and form factors
  • describe the current state of mobile device security
  • describe mobile security considerations
  • describe the process to determine risk in a mobile environment
  • describe sensitive mobile assets
  • describe sensitive usage scenarios for mobile devices
  • describe how mobile data is stored and transported
  • list the OWASP top 10 mobile risks, and describe how weak server-side controls affect mobile device back-end systems
  • describe how insecure data storage affects mobile device front-end and back-end systems
  • describe how insufficient transport layer protection affects mobile device front-end and back-end systems
  • describe how unintended data leakage affects mobile device front-end and back-end systems
  • describe how poor authorization and authentication affects mobile device front-end and back-end systems
  • describe how broken cryptography affects mobile device front-end and back-end systems
  • describe how client-side injection affects mobile device front-end systems
  • describe how security decisions via untrusted inputs affect mobile device back-end systems
  • describe how improper session handling affects mobile device front-end systems
  • describe how lack of binary protections affects mobile device front-end systems
  • describe the potential technical impacts of mobile exploits
  • describe the potential business impacts of mobile exploits
  • describe requirements for secure device data handling
  • describe requirements for secure device authorization and authentication
  • describe requirements for secure device sensors, jailbreaking, and mobile device management systems
  • describe requirements for secure device connectivity and apps
  • describe requirements for users of secure devices
  • assess threats from OWASP top 10 and their impact on mobile systems
  • Course Number:
    sp_emds_a01_it_enus