CompTIA Mobile App Security+: what you need to know about the new ADR-001 and IOS-001 exams
As we mentioned the other day, CompTIA recently introduced two interesting certifications. So, if you are working towards the career of mobile apps developer or a cloud professional, consider that you have gotten another goal to strive to.
Today, we’re talking about the vendor’s Mobile App Security+ Certification. With this addition, CompTIA raises an important issue, so often ignored: the security of mobile apps. As we all know (or at least have a gut feeling about), unless we’re talking big players’ ecommerce apps, healthcare and finance, the apps we play around with on our smartphones, aren’t too secure, right?
With smartphones being so vulnerable to hacking, theft or loss, CompTIA insists that it’s the developer’s responsibility to secure the application. And the only sure way to do that lies in planning for security and building security features from the very first stages of the app development process. The challenges of mobile app security can be overcome with the latest technology, such as HTML5, CSS3, JQuery, JQuery Mobile.
So, as CompTIA is fighting to step up security standards of mobile app development, we can expect their certification to become the big thing employers will be looking for in the resumes of their potential developers. So, you should prepare for it. And, as usual, there is no better time than now.
CompTIA Mobile App Security+ has two editions of the exam – for Android and iOS mobile apps (exams ADR-001 and IOS-001 respectively). The exams include 100 multiple choice questions. There is no confirmed information as to whether there are going to be exams for other platforms (Windows Phone mainly, given its steady growth this year), so if Windows is your platform of choice, Microsoft is still your go-to certification destination.
The exams (ADR-001 and IOS-001) will certify that the candidate has the knowledge and skills required to create a secure native Android/iOS mobile application, including securing network communications, backend Web services, etc. Both exams are suited for professionals with at least 2 years of mobile app development experience. Candidates need to be familiar with the principles of secure application development, iOS/Android SDK, and Java(for Android developers).
According to CompTIA, Mobile App Security+ Certification Exam (iOS Edition) IOS-001 covers the following domains:
To pass, you should have the knowledge and skills to:
CompTIA Mobile AppSecurity+ Certification Exam (Android Edition) ADR-001 covers the following domains:
The successful candidate should have the knowledge and skills to:
For more information and detailed exam objectives, please refer to CompTIA’s official website.
CompTIA CYSA+ CS0-002 – Detection and Containment Part 2
5. Impact Analysis (OBJ 3.1) Impact analysis. When we talk about impact analysis, this is a really important concept as part of our triage function. Now, when we talk about triage, really what we’re focused on is how do you look at an event and decide how severe it is and how much priority you… Read More »
CompTIA CYSA+ CS0-002 – Detection and Containment Part 1
1. Detection and Containment (Introduction) In this section of the course, we’re going to continue our discussion of incident responses by focusing on two phases the detection and analysis phase and the containment phase. We’re going to be covering domain three and domains four in this section of the course, specifically focusing on objectives 4.… Read More »
CompTIA CYSA+ CS0-002 – Analyzing Output from Vulnerability Scanners Part 3
6. OpenVAS and Qualys (OBJ 1.4) Openvoss and qualis. In the last lesson we talked about Nessus, which is a commercially available scanner. In this lesson, I want to talk about two more OpenVAS and Qualis. Now, Nessus began its life as an open source software project, which means it was available for anybody to… Read More »
CompTIA CYSA+ CS0-002 – Analyzing Output from Vulnerability Scanners Part 2
4. Vulnerability Reports (OBJ 1.3) Vulnerability reports. In this lesson we’re going to dig into those vulnerability reports and understand a little bit more about them. Now before we do that, we have to remember that a vulnerability report that is not validated is essentially useless. If I run the scanning tool and I take… Read More »
CompTIA CYSA+ CS0-002 – Analyzing Output from Vulnerability Scanners Part 1
1. Scan Reports (OBJ 1.4) Scan reports. In this lesson we’re going to start looking at some scan reports from our different vulnerability assessment tools. Now these scan reports are going to contain colorcoded vulnerabilities in terms of their criticality. This allows you to very quickly identify what is the most important things that need… Read More »
Cisco CCNA 200-301 – Wireless Networking Fundamentals Part 4
8. Switch Configuration for Wireless – Lab Demo Lecture. You’ll see how to configure a switch to support wireless networks with wireless LAN controller, with a lab demo. I’m going to use packet tracer for this demo, so you can see that I’ve got it open here. I’ve got my switch here in the middle.… Read More »