GIAC Mobile Device Security Analyst (GMOB)
Mobile phones and tablets continue to demonstrate their usefulness and importance in enterprises and government offices. With the amount of sensitive data that can be accessed on these devices and their lack of security, mobile devices are enticing targets for nefarious attackers.
The GMOB ensures that the people charged with protecting systems and networks know how to properly secure the mobile devices accessing vital information.
The GIAC Mobile Device Security Analyst (GMOB) certification is ideal for security personnel whose job duties involve assessing mobile devices to find security vulnerabilities. A successful GMOB candidate will have an up-to-date technical knowledge and thorough understanding of mobile device penetration testing and the ability to perform a basic security analysis of mobile applications. They will also be able to understand and apply security policies in a mobile environment as well as:
- Test for and mitigate against common vulnerabilities and security threats against mobile applications.
- Be familiar with mobile device architecture, operating systems, and security features.
- Understand the general common methods used to attack mobile devices, including jailbreaking, rooting, sidejacking, and web application attacks.
- Use common techniques to protect mobile devices, including configuration management and encryption.
Preparing for the GMOB Exam: Candidates may choose to prepare for the GMOB exam by taking the SANS Training Course: SEC575: Mobile Device Security and Ethical Hacking
*No Specific training is required for any GIAC certification. If candidates need help in mastering the objectives for this certification, there are many sources of information available. Practical experience is one option; there are also numerous books on the market covering Computer Information Security. Another option is SANS training, or any relevant courses from other training providers.*
- 1 proctored exam
- 75 questions
- Time limit of 2 hours
- Minimum Passing Score of 66%
Certifications must be renewed every 4 years. Click here for details.
NOTE: GIAC exams are NOT given the day after the conference ends.
GIAC certification attempts purchased without SANS training will be activated in your SANS/GIAC account within 24 business hours of purchase. GIAC certification attempts purchased with SANS training will be activated in your SANS/GIAC account 7 days after the end of the conference. In both cases, you will receive an email notification when your certification attempt has been activated in your account. You will have 120 days from the date of activation to complete your certification attempt. GIAC exams must be proctored through Pearson VUE. Please click the following link for instructions on How to Schedule Your GIAC Proctored Exam. GIAC exams are delivered online through a standard web browser.
- Certified Professionals (GMOB)
- Exam Feedback Procedure
- Grievance Procedure
- Proctored exam procedure
- SANS Information Security Reading Room
Bulletin (Part 2 of Candidate Handbook)
Exam Certification Objectives & Outcome Statements
The topic areas for each exam part follow:
- Android Essentials and Device Management
- The candidate will demonstrate familiarity with Android configuration and security models and how they affect security posture.
- Application Network Activity Analysis
- The candidate will demonstrate the ability to capture and interpret network traffic for the purposes of assessing the security of mobile device applications.
- Blackberry Essentials and Device Management
- The candidate will demonstrate familiarity with Blackberry phone configuration and security models and how they affect security posture.
- iOS Essentials and Device Management
- The candidate will demonstrate familiarity with iOS configuration and security models and how they affect security posture.
- Mobile and Wireless Infrastructure Attacks
- The candidate will demonstrate the ability to recognize and leverage architectural opportunities on mobile devices and the associated infrastructure to improve security of mobile devices.
- Mobile Device Penetration Testing
- The candidate will demonstrate the ability to implement a regular penetration testing program to evaluate a mobile device deployment, to identify vulnerabilities, and to accurately evaluate the threat of vulnerabilities to an organization.
- Mobile Web Application Attacks
- The candidate will demonstrate understanding of common mobile web application attacks such as XSS, client-side injection, SQL injection, and parameter tampering.
- Operational Security for Mobile Devices
- The candidate will be able to demonstrate how to implement and test secure mobile device configurations, protect mobile device data, and mitigate against malware targeted to mobile devices.
- Securing Mobile Devices in the Enterprise
- The candidate will be able to design a mobile device policy that recognizes and mitigates against threats posed to mobile devices and their supporting infrastructures, and to validate the acceptable use of mobile devices.
- Static Application Analysis
- The candidate will demonstrate the understanding of techniques to evaluate mobile application binaries and permissions in order to detect potentially harmful behavior.
- Traffic Manipulation Attacks
- The candidate will demonstrate an understanding of typical wireless traffic attacks such as sidejacking, traffic manipulation and SSL/TLS attacks.
- Unlocking Mobile Devices
- The candidate will demonstrate understanding of the concept and processes behind rooting, jailbreaking, and unlocking mobile devices and the security ramifications.
- Windows Phone Essentials and Device Management
- The candidate will demonstrate familiarity with Windows Phone configuration and security models and how they affect security posture.
Where to Get Help
Training is available from a variety of resources including on line, course attendance at a live conference, and self study.
Practical experience is another way to ensure that you have mastered the skills necessary for certification. Many professionals have the experience to meet the certification objectives identified.
Finally, college level courses or study through another program may meet the needs for mastery.
The procedure to contest exam results can be found at http://www.giac.org/about/procedures/grievance.