

Course Information

Course Name
AND-802: Android Security Essentials

Exam code
AND-802

Duration
2 Days
Overview
This is a two-day (12 hours) professional course, which thoroughly covers the Android security model and concerns of both the developer and end-user point of view. This course is mapped for AND-802 exam.
Audience Profile
Prerequisites
It’s highly recommended that the attendees of this course know the basics of Android application development knowledge.
To acquire good knowledge of Android application development, trainees may attend the “Android Application Development” course
At Course Completion
Upon completing this course, students will be able to:
- Understand Android software architecture.
- Understand Android’s security model.
- Build Android applications with security best practices in mind.
- Build more secure and more robust applications that appeal to clients.
Course Outline
Introduction
Android Platform Architecture
Android Security Architecture
- Application Signing
- Installing Applications
Permissions
- Why Permissions?
- Enforcing Permissions
- Levels of Permissions Protection
- Application – Level Permissions
- Component – Level Permissions
- Extending Android Permissions
Lab 1: Permission
- Creating and Accessing App Permissions
- Configuring Permissions Among Different Apps
Introduction
The Manifest File
- Manifest Tag Attributes
- Application Tag Attributes
Modifying the Application Policy
- Application Running with the Same Linux ID
- Setting Application Permissions
- Permissions for External Applications
- External Storage
- Debugging Mode
Backup
Lab 2
- Creating Two Applications with the Same Linux ID
- Backing up Data on Cloud Storage
Introduction
Data Security Principles
- Confidentiality
- Integrity
- Availability
The Mobile Environment
Data States
Vulnerabilities and Attacks Against Stored Data
- Vulnerabilities of Stored Data
- Threats on Stored Data
Protection Principles
Tips for Android Coding Vulnerabilities
Lab 3
- Ensuring Data Confidentiality – Hacking Applications
- Protecting Application Data with Permissions
Introduction
Data Storage Decisions
- Privacy
- Data Storage Period
Storage Mechanisms
- SharedPreferences
- File
File Operations on an External Storage
Cache
Database
Lab 4: Data Storage Applications
- Using SharedPreferences
- File Storage Operations
- Storing Data in Cache
- SQLite Database Storage
Overview
Overview
This is a two-day (12 hours) professional course, which thoroughly covers the Android security model and concerns of both the developer and end-user point of view. This course is mapped for AND-802 exam.
Audience Profile
Audience Profile
Prerequisities
Prerequisites
It’s highly recommended that the attendees of this course know the basics of Android application development knowledge.
To acquire good knowledge of Android application development, trainees may attend the “Android Application Development” course
At Course Completion
At Course Completion
Upon completing this course, students will be able to:
- Understand Android software architecture.
- Understand Android’s security model.
- Build Android applications with security best practices in mind.
- Build more secure and more robust applications that appeal to clients.
Course Outline
Course Outline
Introduction
Android Platform Architecture
Android Security Architecture
- Application Signing
- Installing Applications
Permissions
- Why Permissions?
- Enforcing Permissions
- Levels of Permissions Protection
- Application – Level Permissions
- Component – Level Permissions
- Extending Android Permissions
Lab 1: Permission
- Creating and Accessing App Permissions
- Configuring Permissions Among Different Apps
Introduction
The Manifest File
- Manifest Tag Attributes
- Application Tag Attributes
Modifying the Application Policy
- Application Running with the Same Linux ID
- Setting Application Permissions
- Permissions for External Applications
- External Storage
- Debugging Mode
Backup
Lab 2
- Creating Two Applications with the Same Linux ID
- Backing up Data on Cloud Storage
Introduction
Data Security Principles
- Confidentiality
- Integrity
- Availability
The Mobile Environment
Data States
Vulnerabilities and Attacks Against Stored Data
- Vulnerabilities of Stored Data
- Threats on Stored Data
Protection Principles
Tips for Android Coding Vulnerabilities
Lab 3
- Ensuring Data Confidentiality – Hacking Applications
- Protecting Application Data with Permissions
Introduction
Data Storage Decisions
- Privacy
- Data Storage Period
Storage Mechanisms
- SharedPreferences
- File
File Operations on an External Storage
Cache
Database
Lab 4: Data Storage Applications
- Using SharedPreferences
- File Storage Operations
- Storing Data in Cache
- SQLite Database Storage
