Career Insider Comprehensive Aptitude Test 0002

Resource 1


CityStay, the city short-stay accommodation app founded in 2014, has just raised a further £12 million, bringing total investment in the company to £38 million and giving it a valuation that is likely to be in excess of £100 million.

CityStay said it would use the funding to refine the app, help it expand into more cities, build out its team, grow its network of partner companies and continue its strong investment in data security.

Founded by New Yorker Mike Linden, CityStar began as an app exclusively for visitors to New York. The app has since expanded to cover more than 20 other U.S. cities —— including Boston, Washington D. C., Miami, New Orleans, Houston, Los Angeles and San Francisco – and has begun its expansion into other international tourist destinations.

So far, these have been limited to major global hubs, such as London, Paris, Tokyo, Beijing, Hong Kong, Singapore, and Sydney. The next set of challenges they will face involve the massive emerging market cities where infrastructure is limited, data is sparse and even consumer approach to smartphone and app use is different.

CityStar’s algorithm pulls in vast amounts of data to present users with a range of short-stay accommodation options, including hotels, holiday rentals,Airbnb properties, and hostels. The results are presented through an easy-to-navigate app that also displays information such as the date and location alternatives, useful nearby information (such as proximity to transport options, restaurants and leisure facilities), ratings and prices.

The CityStar app has been embraced for its clean user-interface, the amount and flexibility of the information that can be presented to inform choices, and the app often features towards the top of the accommodation-app download charts for both iOS and Android.

Unlike some of its competitors, many of whom have experienced significant security breaches in the past year. CityStar prides itself on guaranteeing consumer confidence in its data security processes and features through continuous and dynamic risk assessment and static and dynamic source code analysis at every stage of the development process to ensure code security.

Principal Capital, one of CityStar’s major investors commented, “CityStar is an exceptional company with phenomenal potential. We are proud to have led the previous round of investment and are impressed with the progress the business has already made. We are therefore excited to be continuing to play an instrumental role in supporting the company‘s future development.”


Resource 2

Mobile App Survey Results


Most Popular Twitter Posts

  1. No options for Social Media sign-in is so off-potting!
  2. It’s so important to build content and capability for when the connection is slow!
  3. Security information needs to be available (and accessible!) to evaluate apps
  4. Please, please keep features consistent if converting a traditional browser-based system into an app


Resource 3


Mobile application security has gone from being ‘nice-to-have’ to a ‘must-have’. The proliferation of mobile phone usage has led to an equally stark increase in the number of mobile apps being used, and with that, a spike in mobile app hacking and malware, with data suggesting 2016 has the highest figures recorded.

In a well-publicised, recent security breach, the personal details of thousands of UK property-owners were revealed following an app update to the popular property-rental app, Homesearch. When users logged in to the updated app, data fields showing property owners’ names, occupations and full contact details were shown alongside properties, leading to fears that these could be exploited. Although the issue was swiftly resolved, the impact is yet unknown, with property owners across the whole of the UK affected.

Concerningly, a study of 400 businesses by the Smithson Institute, in 2015, found that the average company tested less than half of the mobile apps it builds, and 25% of companies never tested their apps for security before they go to market. However, very recent data suggests this may be changing.

Here are the three most critical mobile application security vulnerabilities, and what can be done to make them secure:

  1. The codeMobile malware usually works by exploiting vulnerabilities or bugs in the code. Since mobile app developers cannot control app deployment to a specific device, they must take steps during the app development process to prevent infiltrators from modifying the app code or decrypting the network logic.

Securing a mobile app’s code means performing security testing at all stages of the software development lifecycle, instead of just at the Quality Assurance stage just before production. As such, everyone involved on web application development should be provided with basic security training.

  1. The dataWhen people use smartphones for work, they could be inadvertently risking the exposure of company data to cyber-attackers. This can happen if the phone is lost of if the user shares company data with non-enterprise applications.

Common sources of data leakage include cookies, caching buffering through copypaste data, and data logging. Ideally, apps would be designed to prevent the shortage of critical information directly on a device; using data encryption is another key method to secure this information.

  1. The deviceA mobile app is only as secure as the smartphone it is stored on. A phone that has been ‘rooted’ or ‘jailbroken’ is one whose software restrictions have been removed, making it more susceptible to malware.

By making apps ‘risk-aware’, organisations can restrict certain functionalities, remove sensitive data, and prevent access to enterprise resources. Risk-based authentication can also be used to prevent access to devices that are not presenting the proper security profile.

Resource 4

Average size and cost of large-scale UK data breaches (2012-2016)


Resource 5


Question 1

Using all of the information given, and assuming the root cause of data breaches are similar across apps and other sources, which of the following potential solutions to mobile application security vulnerabilities would be best to priorities. In order to try to reduce the cost of data breaches? (see another document)

  1. Thorough security testing during the software development lifecycle
  2. Training employees with data management responsibilities about best data management practice
  3. Recommendations to use different mobile handsets for work and personal use
  4. Regular monitoring to identify system glitches
  5. Implementation of restrictions on work smartphones to minimise sharing of data to non-enterprise application

Question 2

What is the main objective of the article titled “Here to stay”?

  1. To remain app designers of the features that make mobile apps popular with end-users.
  2. To update readers about the latest funding of CityStay by Principal Capital.
  3. To highlight the importance of security in mobile app design.
  4. To give readers a summary of recent developments regarding CityStay, sharing background information about the company.
  5. To share information about CityStay’s key priorities for the immediate future.

Question 3

Considering all of the information presented, please evaluate the following statement: In the last year, mobile apps are typically featuring increased levels of security measures.

  1. Definitely false
  2. Probably false
  3. Probably true
  4. Definitely true
  5. Insufficient information presented

Question 4

By dragging and dropping, please RANK ORDER the option below, with 1 being the most requested, and 5 being the least requested. Please note, there are multiple sources of information, which you can scroll through. Click on the images to enlarge them.

  1. The desire for transparency around app security
  2. Request to keep app design consistent with the browser-based version
  3. Inclusion of a feedback system to report bugs and make suggestions
  4. Interest in being able to use a social media login
  5. Request for offline app capabilities

Question 5

What percentage of non-enterprise users rated customizable experience as ‘Important’ or ‘Very Important?

  1. 3%
  2. 45%
  3. 52%
  4. 32%
  5. 7%

Question 6

Which survey result shows the biggest difference between the percentage of combined ‘Important’ ‘Very Important’ ratings given overall, versus for business users?

  1. Comprehensive security
  2. Customisable experience
  3. Incorporating gasification
  4. Intuitive navigation and good usability
  5. Cannot say

Question 7

Between which years was the percentage year-on-year increase the greatest in average per capita costs of large-scale breaches?

  1. Between 2012 - 2013
  2. Between 2013 - 2014
  3. Between 2014 - 2015
  4. Between 2015 - 2016
  5. Cannot say

Question 8

What percentage of the tweets relating to the Mobile App survey concerning security?

  1. 2%
  2. 1%
  3. 8%
  4. 8%
  5. Cannot say


Test Solutions

Question 1:

Suggested solution: A

Question 2:

Suggested solution: D

Question 3:

Suggested solution: C

Question 4:

Suggested solution: A, E, B, D, C

Question 5:

Suggested solution: A

Question 6:

Suggested solution: C

Question 7:

Suggested solution: A

Question 8:

Suggested solution: E