comptia mobile app security, it certification exams

CompTIA Mobile App Security+: what you need to know about the new ADR-001 and IOS-001 exams

  • By
  • November 8, 2013
1 Comment

comptia mobile app security, it certification examsAs we mentioned the other day, CompTIA recently introduced two interesting certifications. So, if you are working towards the career of mobile apps developer or a cloud professional, consider that you have gotten another goal to strive to.

Today, we’re talking about the vendor’s Mobile App Security+ Certification. With this addition, CompTIA raises an important issue, so often ignored: the security of mobile apps. As we all know (or at least have a gut feeling about), unless we’re talking big players’ ecommerce apps, healthcare and finance, the apps we play around with on our smartphones, aren’t too secure, right?

With smartphones being so vulnerable to hacking, theft or loss, CompTIA insists that it’s the developer’s responsibility to secure the application. And the only sure way to do that lies in planning for security and building security features from the very first stages of the app development process. The challenges of mobile app security can be overcome with the latest technology, such as HTML5, CSS3, JQuery, JQuery Mobile.

So, as CompTIA is fighting to step up security standards of mobile app development, we can expect their certification to become the big thing employers will be looking for in the resumes of their potential developers. So, you should prepare for it. And, as usual, there is no better time than now.

CompTIA Mobile App Security+ has two editions of the exam – for Android and iOS mobile apps (exams ADR-001 and IOS-001 respectively). The exams include 100 multiple choice questions. There is no confirmed information as to whether there are going to be exams for other platforms (Windows Phone mainly, given its steady growth this year), so if Windows is your platform of choice, Microsoft is still your go-to certification destination.

The exams (ADR-001 and IOS-001) will certify that the candidate has the knowledge and skills required to create a secure native Android/iOS mobile application, including securing network communications, backend Web services, etc. Both exams are suited for professionals with at least 2 years of mobile app development experience. Candidates need to be familiar with the principles of secure application development, iOS/Android SDK, and Java(for Android developers).

According to CompTIA, Mobile App Security+ Certification Exam (iOS Edition) IOS-001 covers the following domains:

  1. Application Security and SDLC Fundamentals
  2. Objective-C Coding
  3. iOS SDK, APIs, and Security Features
  4. Web Service and Network Security
  5. Data Security and Implementing Encryption
  6. Application Hardening

To pass, you should have the knowledge and skills to:

  • Describe fundamental principles of application security
  • Describe the security model of iOS devices
  • Describe common threats to mobile application security
  • Develop moderately complex applications using the iOS SDK
  • Describe Web services security model and vulnerabilities
  • Properly implement SSL/TLS for Web communications
  • Utilize the security features of the iOS operating system and APIs
  • Properly implement secure coding techniques
  • Avoid insecure retention of data in memory
  • Describe common implementations of cryptography such as PKI
  • Leverage encryption for storage and/or communications
  • Harden an application against attack to levels appropriate for the risk model of the
  • Application

CompTIA Mobile AppSecurity+ Certification Exam (Android Edition) ADR-001 covers the following domains:

  1. Mobile application security, SDLC, and threat models
  2. Android SDK, APIs, and security features
  3. Web service and network security
  4. Data security and implementing encryption
  5. Application hardening and reverse engineering 5%
  6. Secure Java coding

The successful candidate should have the knowledge and skills to:

  • Describe fundamental principles of application security
  • Describe the security model of Android devices
  • Describe common threats to mobile application security
  • Develop moderately complex applications using the Android SDK
  • Describe Web services security model and vulnerabilities
  • Properly implement SSL/TLS for Web communications
  • Utilize the security features of the Android operating system and APIs
  • Properly implement secure coding techniques
  • Avoid insecure retention of data in memory
  • Describe common implementations of cryptography such as PKI
  • Leverage encryption for storage and/or communications
  • Understand access control and file permissions
  • Harden an application against attack to levels appropriate for the risk model of the application

For more information and detailed exam objectives, please refer to CompTIA’s official website.

Comments
* The most recent comment are at the top

Add Comments

Interesting posts

VMware Certification Exams in 2022: What Updates and Changes Are Expected for IT Specialists?

Technology is advancing rapidly, so the market with the available job roles and the vendors with their certification programs always try to match the current changes. The old exams are withdrawn, while the new ones are released in order to address the new requirements of the field. Thus, VMware, which offers a variety of tests… Read More »

Explore Main Changes to Oracle Certification Program to Rush into 2022 as a Winner

The exam retirement process is an important point in any certification program lifecycle. The old tests go away and new ones come to replace them, which is why some vendors notify their candidates about any changes happening in their programs. The same rule applies to the Oracle portfolio and the paths it has. The notification… Read More »

What Certifications Does Microsoft Plan to Withdraw in 2022 and Why?

The world is transforming rapidly, which is why various technologies and job roles associated with them change every year. To keep the certification programs relevant, the vendors continually review their qualification exams and certificates to be sure that they reflect the latest skills you should have. The same goes for Microsoft. The company keeps track… Read More »

CompTIA Certification Program in 2022: Exam Updates and Key Changes

CompTIA is a company that promotes the growth of the industry, the development of a highly-skilled workforce, as well as a commitment to creating an environment with innovation, benefits, and opportunities that are available to everyone. This is a vendor-neutral and independent source, which covers a wide range of technology-related topics. CompTIA offers its own… Read More »

What’s New in Cisco Certification Program and How Can Its Changes Affect Your Career in 2022?

Cisco is one of the popular companies that help transform business through technology. It knows everything about networking, security, Cloud, collaboration, and data center. Thus, its certification program is one of the best options for the individuals interested in enhancing their skills in these areas. Each year, various technologies change because of how many new… Read More »

What Data-Related Certifications Are Available to IT Professionals in 2022?

The individuals who work in the domains of data science and data analytics can measure and highlight their skills using the special certifications. There are many certificates that focus on this knowledge area. In this article, we are going to take a look at three of them: Dell EMC Specialist – Data Scientist, Advanced Analytics,… Read More »

img