iOS Security Specialist Training
Currently, 75% of smartphone devices in the United States are running either iOS or Android. Training your personnel to keep smart phones and mobile devices secure is becoming more and more important. PaRaBaL’s experienced team of instructors are ready to provide the training your company needs to keep your facility and organization safe and secure.
Looking for Android Security Training?
PaRaBaL now offers training courses delivered to your door. A fleet of Mac Minis loaded with the latest security course disk images and in-person Parabal instruction bring the full iOS Security Specialist Training experience to the location of your choosing. For more detailed information, have a look at our brochure.
|Course Meeting Times:||9am to 4pm M-W|
|Course Location:||PaRaBaL Training Facility|
|Upcoming Course Dates:||Jan 7th – Jan 9th
Feb 5th – Feb 7th
|Request a Quote:||Send Request|
Our training provides an in depth into iPhone security: how to explore and address vulnerabilities throughout the device. Security professionals learn about device architecture, device forensics, application testing, device auditing, and most importantly, how to determine and mitigate vulnerabilities. Technical topics covered include specific hacker attacks, data transmission models, iOS directory structures, application code decompiling, and data protection. Participants will be part of a hands-on exercise involving an iPhone emulator and executing a penetration test where many of the course materials are used.
A strong understanding of structured programming and data networking, including knowledge of security protocols.
- Knowledgeable in in HSPA, LTE, EV-DO, CDMA, and WiFi data transmissions.
- Create solid mobile data policies and procedures and prioritize missing polices that lead to vulnerabilities.
- Execute and quantify penetration testing on an iPhone using the emulator.
- Understand data harvesting techniques, and worms.
- iOS exploit prevention – Identify potential security deficiencies in network transmission models, and devices operating system and application software.
- Execute device forensics and understand where sensitive data is stored and accessed on the iPhone.
- Review third party software and apps that can comprise security and other software that enhances security.
This course is taught using a variety of instructional tools including lecture, class discussions, printed material, and individual emulation projects.
Topics and Assignments
- Day 1. Policies and procedures, Securing the Wireless Network/ Vulnerabilities of the wireless network (part 1). Common policies and the impact to security; Data time slice stealing; Data handling differences between AT&T and Verizon; vulnerabilities with Proportional Fair
- Day 2. Securing the Wireless Network/Vulnerabilities of the wireless network (part 2). Securing the iPhone device (part 1). Understanding iPhone directory structure, iOS, log files, and other data housing directories; ActiveSync; Jailbreak and other development and security tools.
- Day 3. Securing the iPhone device (part 2). SSH; Installer.app; SMS; SQLite Database; iPhone emulator
- Day 4. Forensics – challenges with the iPhone, Auditing security and security products. Good Forensic Practices; Technical Processes; Disk Layout; Property Lists; Non-Apple hacking and security software
- Day 5. Emulator exercise (penetration test setup and execution), emulator test, and Q&A. Use an Emulator on a Mac bringing together instructional point covered throughout the week. Q&A on topics covered. One hour test to quantify the material retained.
Assessment Exercise: Penetration test setup and execution
This exercise will involve decompiling an iPhone app, examining the app for security holes, source code analysis, data protection, keyboard cache. The exercise will cover key iPhone components, SQLite, buffer overflows, directory management, cached files, property list files, and log files.
White paper: PaRaBaL iOS vs Android White Paper