Skip to main content

GIAC Mobile Device Security Analyst (GMOB)

Practitioner Certification
GIAC Mobile Device Security Analyst (GMOB)
Register nowRenew
dod_8140
Jump to:

Convey your fluency in mobile device security and your capability to investigate and protect critical devices.

The GIAC Mobile Device Security Analyst (GMOB) certification validates a practitioner’s ability to assess and manage mobile device and application security, and to mitigate against malware and stolen devices. GMOB certification holders are the professionals charged with protecting systems and networks, who know how to properly secure mobile devices and the vital information they access.

Areas Covered

  • Managing Android and iOS devices and applications; Jailbreaking and rooting mobile devices
  • Mitigating against mobile malware and stolen mobile devices
  • Analyzing and reverse engineering applications; Manipulating application behavior
  • Assessing application security; Manipulating network traffic; Intercepting encrypted network traffic

Who is GMOB for?

  • Security personnel who are responsible for assessing, deploying, or securing mobile phones and tablets
  • Penetration testers
  • Ethical hackers
  • Auditors who need to build deeper technical skills
  • Network and system administrators

Exam Format

  • 1 proctored exam
  • 2 hours
  • Minimum passing score of 71%
  • 75 questions

Note: GIAC periodically reviews and may update certification specifications to ensure fairness, validity, and reliability. Using a psychometric standard-setting study, GIAC has set the passing score for the GMOB exam at 71% for all candidates who receive the exam version released on or after  December 24th, 2016.

To confirm the exam format and passing score that apply to your specific attempt, please refer to the Certification Information section of your GIAC account: https://exams.giac.org/pages/attempts.

Certification Delivery

GIAC certification attempts will be activated in your GIAC account after your application has been approved and according to the terms of your purchase. Details on delivery will be provided along with your registration confirmation upon payment. You will receive an email notification when your certification attempt has been activated in your account. You will have 120 days from the date of activation to complete your certification attempt.

NOTE: All GIAC Certification exams are web-based and required to be proctored. There are two proctoring options: remote proctoring through ProctorU, and onsite proctoring through PearsonVUE. Click here for more information.

Woman Staring at Tablet

Exam Certification Objectives & Outcome Statements

  • Analyzing Mobile ApplicationsThe candidate will demonstrate the understanding of techniques to evaluate mobile application binaries and permissions in order to detect potentially harmful behavior.
  • Attacking Encrypted TrafficThe candidate will demonstrate an understanding of tools and techniques that can exploit SSL/TLS channels and render encryption ineffective during mobile device penetration testing.
  • Managing Android Devices and ApplicationsThe candidate will demonstrate familiarity with Android configuration, data structure, applications, and security models and how they affect security posture.
  • Managing iOS Devices and ApplicationsThe candidate will demonstrate familiarity with iOS configuration, data structure, applications, and security models and how they affect security posture.
  • Manipulating Mobile Application BehaviorThe candidate will demonstrate the understanding of security evasion techniques to test the security of mobile applications in order to detect potentially harmful behavior.
  • Manipulating Network TrafficThe candidate will demonstrate an understanding of typical techniques a penetration tester can use to manipulate how a mobile device interacts with networks and services to capture and manipulate network traffic.
  • Mitigating Against Mobile MalwareThe candidate will be able to demonstrate how to protect mobile device data, and mitigate against malware targeted to mobile devices.
  • Mitigating Against Stolen Mobile DevicesThe candidate will be able to demonstrate how to mitigate against the threat of data loss from stolen mobile devices.
  • Mobile Application Security AssessmentsThe candidate will demonstrate familiarity with using the Mobile Application Security Verification Standard to audit the security of mobile applications.
  • Reverse Engineering Mobile ApplicationsThe candidate will demonstrate an understanding of the core concepts associated with reverse-engineering applications on the most commonly used mobile device operating systems.
  • Unlocking and Rooting Mobile DevicesThe candidate will demonstrate understanding of the concept and processes behind rooting, jailbreaking, and unlocking mobile devices and the security ramifications.

Practice Tests

  • Practice exams are a simulation of the real exam, allowing you to become familiar with the test engine and style of questions
  • Practice exams can serve as a gauge to determine if your preparation methods are sufficient
  • The bank of practice questions is limited, so you may encounter the same question on multiple practice tests
  • Practice exams never include actual exam questions
  • Purchase a GMOB practice test here

How To Prepare

Other Resources

  • Training is available  in a variety of modalities including live training and OnDemand
  • Practical work experience can help ensure that you have mastered the skills necessary for certification
  • College level courses or self-paced study through other programs or materials may meet the needs for mastery
  • Understand the procedure to contest exam results

Find Affiliate Training

Explore affiliate training options to prepare for your GIAC certification exam.

Find Training Now

Subscribe to GIAC’s Monthly Newsletter

Receive expert insights, priority access to certifications, essential updates on regulatory changes and industry developments.