Section C — Practical Tasks (30 marks)

14. (8 marks) Given an APK file named BlockmanAdmin.apk, list the exact command-line steps (using common tools: adb, apktool, jarsigner, keytool, openssl) you would take to:
    a) Verify the APK’s signature and extract the signing certificate.
    b) Decompile the APK to view AndroidManifest.xml.
    Provide commands and brief expected outputs for each step.

15. (8 marks) You discover the admin APK requests SMS and Contacts permissions. Design a short incident response checklist (five steps) to evaluate and mitigate potential privacy/security issues on devices with the APK installed.

16. (8 marks) Create a sample access-control matrix for admin roles: SuperAdmin, Moderator, ContentUploader, SupportAgent. Include permissions for: ManageUsers, BanUsers, UploadContent, ChangeServerSettings, ViewAnalytics, DeleteContent. (Represent as a 4x6 table.)

17. (6 marks) Propose three practical hardening measures for an admin APK before distribution (e.g., remove debug logs, enforce TLS pinning, restrict functionality by build config). For each, explain how to test that the measure is effective.
Duration: 90 minutes
Total marks: 100
As a candidate, you want to prepare for the FEAST tests as much as possible. To help you prepare, EUROCONTROL has developed a training platform for applicants. The training platform is free of charge and can be found at https://feast-training.eurocontrol.int/.
The EUROCONTROL Aviation Learning Centre (ALC) is EUROCONTROL’s training centre, located in Luxembourg. It is recognised as a centre of excellence for providing advanced air traffic management (ATM) training, comprising both classroom and e-learning courses, as well as training standards, tools and programmes.
Our training portfolio includes classroom and e-learning training courses aimed at different levels ranging from beginners in ATM to experienced ATM experts. Visit the EUROCONTROL Learning Zone. Our online catalogue of courses allows quick and easy access to all the information you require to help you identify your learning needs.