• Online, Self-Paced
Course Description

Once you have identified threats to mobile security, the next step in creating the fully mobile-aware enterprise is to look at mitigation strategies. In this course, you will learn about threat mitigation in a small, unmanaged environment; in a semi-managed environment using Exchange ActiveSync; and in a fully managed environment using a mobile device management (MDM) solution. You will also learn about mitigation from a Bring Your Own Device (BYOD) and a company-owned device (COD) perspective.

Learning Objectives

Mitigation Strategies

  • start the course
  • describe the requirements for establishing a mobile enterprise
  • describe mobile device ownership models and how they relate to a coherent mobile threat mitigation strategy
  • describe mitigation strategies for unmanaged devices in a small organization
  • describe mitigation strategies for unmanaged company-owned devices
  • describe appropriate user policies for risk mitigation with unmanaged devices

 

Unmanaged Device Configuration

  • configure security settings on unmanaged Android devices
  • configure security settings on unmanaged iPhone and iPad iOS devices
  • configure security settings on unmanaged Windows Phone devices
  • describe requirements for secure cloud storage
  • use Boxcryptor to encrypt and secure cloud data

 

Semi-managed Device Configuration

  • describe Microsoft Exchange ActiveSync functionality for managing mobile devices
  • configure Office 365 Exchange ActiveSync to manage mobile devices

 

Implementing Transport Layer Security

  • describe challenges with transport layer security, and how they can be solved with short-lived session keys and perfect forward secrecy
  • configure perfect forward secrecy in Internet Information Services
  • describe virtual private networks for securing network connections
  • connect a mobile device to a VPN server

 

Containers and Wrappers

  • describe BYOD containers for segregating data on BYOD devices
  • describe usage scenarios for BYOD containers
  • configure BYOD containers using Good Work
  • describe security functionality offered by app wrapper technologies for mobile devices
  • describe methods to mitigate malicious functionality in mobile apps
  • describe methods to mitigate code vulnerabilities in mobile apps

 

Rights Management

  • describe Microsoft Azure Rights Management cloud-based rights management system
  • configure Microsoft Azure Rights Management System to protect confidential documents

 

Practice: Threat Mitigation

  • describe mitigation strategies for BYOD and COD devices in the enterprise

 

Framework Connections

The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.

Feedback

If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.