13. Mobile and wireless security Flashcards
What are the objectives covered in Chapter 13?
Domain 2.0: Threats, Vulnerabilities, and Mitigations; Domain 3.0: Security Architecture; Domain 4.0: Security Operations
Includes specific objectives like explaining vulnerabilities and comparing security strategies.
What types of vulnerabilities are discussed in this chapter?
Mobile device vulnerabilities: Side loading, Jailbreaking
These vulnerabilities can compromise the security of mobile devices.
What are some general data considerations mentioned?
Geolocation
Geolocation can impact data security and privacy.
What does hardening targets involve?
Hardening targets: Mobile devices, Workstations, Switches, Routers, Cloud infrastructure, Servers, ICS/SCADA, Embedded systems, RTOS, IoT devices
Hardening is essential for protecting various types of computing resources.
What are the key mobile solutions discussed?
Mobile device management (MDM); Deployment models: Bring your own device (BYOD), Corporate-owned, personally enabled (COPE), Choose your own device (CYOD); Connection methods: Cellular, Wi-Fi, Bluetooth
These solutions help manage and secure mobile devices in organizations.
What wireless security settings are mentioned?
Wi-Fi Protected Access 3 (WPA3); AAA/Remote Authentication Dial-in User Service (RADIUS); Cryptographic protocols; Authentication protocols
These settings are critical for securing wireless networks.
True or False: Wireless networks have the same security challenges as wired networks.
False
Wireless networks broadcast signals and can be accessed from outside organizational spaces.
What are some common wireless connectivity options?
Bluetooth; Cellular; Wi-Fi
Understanding these options is essential for wireless network design.
What is the importance of wireless authentication?
Ensures secure access to wireless networks
EAP (Extensible Authentication Protocol) is commonly used for this purpose.
What are the mobile device deployment models?
Bring your own device (BYOD); Choose your own device (CYOD); Corporate-owned, personally enabled (COPE)
These models influence how organizations provide devices to users.
What is the role of mobile device management (MDM)?
To manage and secure mobile devices throughout their life cycles
MDM tools help ensure devices are secure from issuance to retirement.
Fill in the blank: The traffic on most cellular and point-to-point commercial wireless networks may need to be treated as if it is traversing a _______.
potentially hostile network path
This is due to the lack of customer control over these networks.
What are some best practices for wireless network design?
Site surveys; Heat maps
These practices help optimize wireless network performance and security.
What are the three key wireless connectivity options that organizations may deploy?
Wi-Fi, cellular, and Bluetooth
These technologies are essential for connecting devices and systems.
Why is it important to understand common attacks against wireless networks?
It helps security professionals design a secure wireless network
Understanding potential attacks informs better security measures.
What role do site surveys play in network design?
They help understand the environment where the network will be deployed
Site surveys can include heatmaps to visualize signal propagation.
What do heatmaps in the context of network design show?
Signal propagation
Heatmaps assist in determining optimal device placement.
What are some concerns when protecting controllers and access points?
Patching, maintenance, and secure remote access
Protecting these components is crucial for overall network security.
What does WPA3 provide in terms of authentication?
Simultaneous authentication of equals (SAE) and enterprise models
Enterprise models connect to RADIUS servers for organizational credentials.
What are EAP and its variants used for?
Authentication protocols
They allow choices based on hardware support and specific authentication needs.
What are the two main deployment models for mobile devices?
BYOD processes and corporate-owned models
BYOD allows users to bring their own devices, while corporate models deploy locked-down devices.
What is the purpose of mobile device management tools?
To manage and secure mobile devices
MDM tools provide a range of features necessary for security professionals.
What does BYOD stand for?
Bring Your Own Device
What are the advantages of BYOD?
- More user freedom
- Lower cost to the organization
What is a disadvantage of BYOD?
Greater risk since the organization does not control, secure, or manage the device
What does CYOD stand for?
Choose Your Own Device
In a CYOD model, who owns the device?
The organization
What is the main advantage of the COPE model?
Allows reasonable personal use while meeting enterprise security and control needs
What does COBO stand for?
Company-Owned Business Only
What is the key feature of COBO devices?
Used only for business work with no personal use
What is Virtual Desktop Infrastructure (VDI)?
A technology that allows low-security devices to access a secured, managed environment
What is mobile device hardening?
The process of securing mobile devices to resist threats
Name two benchmarks available for mobile device hardening.
- iOS benchmark
- Android benchmark
What is a key practice in hardening mobile devices?
Updating and patching the OS
What is the function of remote wipe capability?
Used to erase data on a device when lost or stolen
True or False: Remote wipe can only wipe organizational data and applications.
False
What does MDM stand for?
Mobile Device Management
What is the main purpose of MDM tools?
To manage mobile devices and ensure data security
What does UEM stand for?
Unified Endpoint Management
What is the difference between MDM and UEM?
MDM focuses on mobile devices, while UEM integrates management of various devices including desktops and laptops
What are application management features in MDM?
- Deploying specific applications
- Limiting application installations
- Monitoring application usage
What is content management in the context of mobile devices?
Ensures secure access and control of organizational files on mobile devices
What is geolocation used for in mobile device management?
To make decisions about device operation based on its location
What is the purpose of screen locks, passwords, and PINs?
To prevent unauthorized access to mobile devices
What are biometrics in mobile devices?
Authentication methods like fingerprints and facial recognition
What is context-aware authentication?
Authentication that considers user behavior and context, such as location and usage patterns
What does containerization do for mobile devices?
Separates work and personal-use contexts to reduce risk of data exposure
What is full-device encryption (FDE)?
A security measure to protect data on lost or stolen devices
What is the benefit of push notifications in MDM?
To alert users or communicate important messages from a central location
What is the role of storage segmentation?
To keep personal and business data separate on mobile devices
What is the impact of rooting or jailbreaking a device?
Allows users to bypass security controls and install unauthorized software
What are some controls organizations may implement for wireless connectivity?
- Limiting Wi-Fi network connections
- Preventing ad hoc networks
- Disabling tethering
What are some features MDM tools may include?
- Per-application VPN
- Onboarding tools for BYOD
- Advanced threat detection
What is a challenge of managing mobile devices?
Variability between hardware manufacturers and operating system limitations
Fill in the blank: The _______ model provides the greatest control but the least flexibility.
Fully corporate-owned
What is one of the key best practices recommended by the NSA for mobile device security?
Implementing strong authentication measures
What are the types of wireless networks commonly found in organizations?
Wi-Fi, Bluetooth, cellular, Zigbee
These networks differ in functionality and security challenges.
What is the primary function of cellular networks?
Provide connectivity for mobile devices by dividing areas into ‘cells’ with tower coverage
Modern cellular networks use technologies like LTE and 5G.
What are the key differences between 4G and 5G networks?
4G requires fewer antennas; 5G requires greater antenna density and provides greater bandwidth and throughput
5G networks also necessitate careful antenna placement in building designs.
How is cellular connectivity typically provided?
By a cellular carrier rather than the organization itself
This means cellular networks are managed outside the organization’s control.
What does Wi-Fi primarily rely on for wireless networking?
2.4 GHz and 5 GHz radio bands
Wi-Fi signals can be blocked by obstacles like walls or trees.
List the current and historical Wi-Fi standards mentioned.
- 802.11b
- 802.11a
- 802.11g
- 802.11n
- 802.11ac
- 802.11ax
- 802.11be
Each has its own maximum speed and frequency.
What are the maximum speeds of 802.11ax and 802.11be?
802.11ax: 9.6 Gbit/s; 802.11be: 40+ Gbit/s
802.11be also supports multiple frequency bands.
What security features do WPA2 and WPA3 provide?
- Encryption options
- Protection for network frames
- Authentication options
These features help secure Wi-Fi networks.
What is the typical range for Bluetooth connections?
Less than 100 meters, typically 5–30 meters
Bluetooth is designed for low-power, short-range connections.
What are the four security modes of Bluetooth?
- Security Mode 1: No security
- Security Mode 2: Service-level enforced security
- Security Mode 3: Link-level enforced security
- Security Mode 4: Standard pairing with Security Simple Pairing
These modes determine the security level of Bluetooth connections.
What types of RFID tags exist?
- Active tags
- Semi-active tags
- Passive tags
Each type has different power sources and functionalities.
What are the frequency ranges used by RFID tags?
- Low-frequency
- High-frequency
- Ultra-high-frequency
Different ranges cater to various applications and distances.
What is the primary function of GPS technology?
To provide positioning and navigation using a constellation of satellites
GPS can position devices within a foot of their actual location.
True or False: GPS signals can be jammed or spoofed.
True
GPS jamming is illegal in the United States.
What is NFC primarily used for?
Very short-range communication between devices
Commonly used in payment systems like Apple Pay and Google Pay.
What are the characteristics of infrared (IR) networking?
Works in line of sight; supports low to gigabit speeds
IR networks are less common today, having been largely replaced by Bluetooth and Wi-Fi.
What are the four major wireless connection models?
- Point-to-point
- Point-to-multipoint
- Mesh
- Broadcast
Each model describes different ways devices can connect and communicate.
What is an ‘evil twin’ in wireless network security?
A malicious access point that appears to be a legitimate network
Attackers use it to capture sensitive data from connected clients.
What is a rogue access point?
An access point added to a network without authorization
It can provide attackers with a point of entry into the network.
What are rogue access points?
APs added to your network either intentionally or unintentionally
They can offer a point of entry to attackers or unwanted users.
What is the purpose of wireless intrusion detection systems?
To continuously scan for unknown access points and determine if they are connected to your network
This involves combining wireless network testing with wired network logs and traffic information.
Define bluejacking.
Sending unsolicited messages to Bluetooth-enabled devices
What is bluesnarfing?
Unauthorized access to a Bluetooth device to gather information
What is a Bluetooth impersonation attack (BIA)?
Exploits weaknesses in Bluetooth specification, lacking mutual authentication
They have not yet been seen in the wild but pose a potential threat.
True or False: The security model for Bluetooth has significantly improved over the years.
False
What is disassociation in the context of wireless networks?
When a device disconnects from an access point
How do attackers typically force a device to disassociate?
By sending a deauthentication frame to the access point
What is the difference between Wi-Fi jammers and deauthers?
Deauthers send deauthentication frames; jammers send powerful traffic to drown out signals
What is sideloading?
Transferring files to a mobile device to install applications outside of the official app store
What does jailbreaking allow a user to do?
Gain more access to a mobile device than is typically allowed
What is the purpose of conducting a site survey?
To determine existing networks and physical structure for access point placement
Fill in the blank: In the 2.4 GHz band, channels 1, 6, and 11 are used to avoid _______.
Overlap and interference
What is the function of Wi-Fi analyzer software?
To gather data for surveying and planning networks, creating heatmaps, and identifying channels
What is WPA2?
Wi-Fi Protected Access 2, a widely used security standard for wireless networks
List the two major usage modes of WPA2.
- WPA2-Personal
- WPA2-Enterprise
What encryption does CCMP use in WPA2?
Advanced Encryption Standard (AES)
What is WPA3?
The replacement for WPA2, required to be supported in all Wi-Fi devices since mid-2020
What feature does WPA3-Personal implement to enhance password-based authentication?
Simultaneous Authentication of Equals (SAE)
Define perfect forward secrecy.
A process that changes encryption keys regularly to protect communication
What is the main advantage of WPA3-Enterprise over WPA2?
Stronger encryption with an optional 192-bit security mode
What is an open network?
A network that does not require authentication and often uses a captive portal
Describe preshared keys (PSKs) in network authentication.
Require a shared passphrase for encryption but do not uniquely identify users
What does enterprise authentication rely on?
A RADIUS server and utilizes 802.1X for authentication
What is a captive portal?
A captive portal redirects traffic to a website or registration page before allowing access to the network
Captive portals often require users to provide information to gain access to open networks
What is the risk associated with open networks?
Open networks do not provide encryption, leaving user data at risk unless traffic is sent via secure protocols like HTTPS
This means that sensitive information can be intercepted by malicious actors
What does preshared keys (PSKs) require?
A passphrase or key that is shared with anyone who wants to use the network
This allows traffic to be encrypted but does not uniquely identify users
What is enterprise authentication reliant on?
A RADIUS server and utilizes an Extensible Authentication Protocol (EAP) for authentication
What is 802.1X?
An IEEE standard for access control used for both wired and wireless devices
In wireless networks, it integrates with RADIUS servers for user authentication
What actions can be taken based on user information after authentication?
Users can be placed in groups or network zones or have other actions taken based on attributes
What is the role of EAP in wireless networks?
EAP is used by 802.1X as part of the authentication process when devices authenticate to a RADIUS server
Name a common EAP variant.
Protected EAP (PEAP)
Other variants include EAP-FAST, EAP-TLS, and EAP-TTLS
How does Protected EAP (PEAP) enhance security?
Authenticates servers using a certificate and wraps EAP in a TLS tunnel for security
What is the focus of EAP-FAST?
Providing faster reauthentication while devices are roaming
It improves on vulnerabilities in the Lightweight Extensible Authentication Protocol (LEAP)
What does EAP-TLS implement?
Certificate-based authentication and mutual authentication of the device and network
Fill in the blank: EAP-TTLS extends EAP-TLS and does not require client devices to have a _______.
certificate
What is a concern for EAP-TTLS deployments?
It may require additional software to be installed on some devices
This can be a barrier compared to PEAP, which does not have this requirement
What is RADIUS?
Remote Authentication Dial-in User Service
It is used for authenticating individuals to remote networks using their home organization’s accounts
What is the purpose of federating RADIUS servers?
To allow individuals from other organizations to authenticate to remote networks using their home organization’s credentials
What is eduroam?
A federated authentication service for wireless that allows users from any participating institution to authenticate and use networks
It is widely used in higher education
What does the Security+ exam outline focus on?
WPA3, RADIUS, cryptographic protocols, and authentication protocols
It does not go into specifics about cryptographic protocols and authentication protocols
What should you consider while preparing for the Security+ exam regarding WPA3?
The new security features of WPA3 and its improvements over WPA2
What are the types of wireless networks commonly found in organizations?
Wi-Fi, Bluetooth, cellular, Zigbee
These networks differ in functionality and security challenges.
What is the primary function of cellular networks?
Provide connectivity for mobile devices by dividing areas into ‘cells’ with tower coverage
Modern cellular networks use technologies like LTE and 5G.
What are the key differences between 4G and 5G networks?
4G requires fewer antennas; 5G requires greater antenna density and provides greater bandwidth and throughput
5G networks also necessitate careful antenna placement in building designs.
How is cellular connectivity typically provided?
By a cellular carrier rather than the organization itself
This means cellular networks are managed outside the organization’s control.
What does Wi-Fi primarily rely on for wireless networking?
2.4 GHz and 5 GHz radio bands
Wi-Fi signals can be blocked by obstacles like walls or trees.
List the current and historical Wi-Fi standards mentioned.
- 802.11b
- 802.11a
- 802.11g
- 802.11n
- 802.11ac
- 802.11ax
- 802.11be
Each has its own maximum speed and frequency.
What are the maximum speeds of 802.11ax and 802.11be?
802.11ax: 9.6 Gbit/s; 802.11be: 40+ Gbit/s
802.11be also supports multiple frequency bands.
What security features do WPA2 and WPA3 provide?
- Encryption options
- Protection for network frames
- Authentication options
These features help secure Wi-Fi networks.
What is the typical range for Bluetooth connections?
Less than 100 meters, typically 5–30 meters
Bluetooth is designed for low-power, short-range connections.
What are the four security modes of Bluetooth?
- Security Mode 1: No security
- Security Mode 2: Service-level enforced security
- Security Mode 3: Link-level enforced security
- Security Mode 4: Standard pairing with Security Simple Pairing
These modes determine the security level of Bluetooth connections.
What types of RFID tags exist?
- Active tags
- Semi-active tags
- Passive tags
Each type has different power sources and functionalities.
What are the frequency ranges used by RFID tags?
- Low-frequency
- High-frequency
- Ultra-high-frequency
Different ranges cater to various applications and distances.
What is the primary function of GPS technology?
To provide positioning and navigation using a constellation of satellites
GPS can position devices within a foot of their actual location.
True or False: GPS signals can be jammed or spoofed.
True
GPS jamming is illegal in the United States.
What is NFC primarily used for?
Very short-range communication between devices
Commonly used in payment systems like Apple Pay and Google Pay.
What are the characteristics of infrared (IR) networking?
Works in line of sight; supports low to gigabit speeds
IR networks are less common today, having been largely replaced by Bluetooth and Wi-Fi.
What are the four major wireless connection models?
- Point-to-point
- Point-to-multipoint
- Mesh
- Broadcast
Each model describes different ways devices can connect and communicate.
What is an ‘evil twin’ in wireless network security?
A malicious access point that appears to be a legitimate network
Attackers use it to capture sensitive data from connected clients.
What is a rogue access point?
An access point added to a network without authorization
It can provide attackers with a point of entry into the network.
What are rogue access points?
APs added to your network either intentionally or unintentionally
They can offer a point of entry to attackers or unwanted users.
What is the purpose of wireless intrusion detection systems?
To continuously scan for unknown access points and determine if they are connected to your network
This involves combining wireless network testing with wired network logs and traffic information.
Define bluejacking.
Sending unsolicited messages to Bluetooth-enabled devices
What is bluesnarfing?
Unauthorized access to a Bluetooth device to gather information
What is a Bluetooth impersonation attack (BIA)?
Exploits weaknesses in Bluetooth specification, lacking mutual authentication
They have not yet been seen in the wild but pose a potential threat.
True or False: The security model for Bluetooth has significantly improved over the years.
False
What is disassociation in the context of wireless networks?
When a device disconnects from an access point
How do attackers typically force a device to disassociate?
By sending a deauthentication frame to the access point
What is the difference between Wi-Fi jammers and deauthers?
Deauthers send deauthentication frames; jammers send powerful traffic to drown out signals
What is sideloading?
Transferring files to a mobile device to install applications outside of the official app store
What does jailbreaking allow a user to do?
Gain more access to a mobile device than is typically allowed
What is the purpose of conducting a site survey?
To determine existing networks and physical structure for access point placement
Fill in the blank: In the 2.4 GHz band, channels 1, 6, and 11 are used to avoid _______.
Overlap and interference
What is the function of Wi-Fi analyzer software?
To gather data for surveying and planning networks, creating heatmaps, and identifying channels
What is WPA2?
Wi-Fi Protected Access 2, a widely used security standard for wireless networks
List the two major usage modes of WPA2.
- WPA2-Personal
- WPA2-Enterprise
What encryption does CCMP use in WPA2?
Advanced Encryption Standard (AES)
What is WPA3?
The replacement for WPA2, required to be supported in all Wi-Fi devices since mid-2020
What feature does WPA3-Personal implement to enhance password-based authentication?
Simultaneous Authentication of Equals (SAE)
Define perfect forward secrecy.
A process that changes encryption keys regularly to protect communication
What is the main advantage of WPA3-Enterprise over WPA2?
Stronger encryption with an optional 192-bit security mode
What is an open network?
A network that does not require authentication and often uses a captive portal
Describe preshared keys (PSKs) in network authentication.
Require a shared passphrase for encryption but do not uniquely identify users
What does enterprise authentication rely on?
A RADIUS server and utilizes 802.1X for authentication
What is a captive portal?
A captive portal redirects traffic to a website or registration page before allowing access to the network
Captive portals often require users to provide information to gain access to open networks
What is the risk associated with open networks?
Open networks do not provide encryption, leaving user data at risk unless traffic is sent via secure protocols like HTTPS
This means that sensitive information can be intercepted by malicious actors
What does preshared keys (PSKs) require?
A passphrase or key that is shared with anyone who wants to use the network
This allows traffic to be encrypted but does not uniquely identify users
What is enterprise authentication reliant on?
A RADIUS server and utilizes an Extensible Authentication Protocol (EAP) for authentication
What is 802.1X?
An IEEE standard for access control used for both wired and wireless devices
In wireless networks, it integrates with RADIUS servers for user authentication
What actions can be taken based on user information after authentication?
Users can be placed in groups or network zones or have other actions taken based on attributes
What is the role of EAP in wireless networks?
EAP is used by 802.1X as part of the authentication process when devices authenticate to a RADIUS server
Name a common EAP variant.
Protected EAP (PEAP)
Other variants include EAP-FAST, EAP-TLS, and EAP-TTLS
How does Protected EAP (PEAP) enhance security?
Authenticates servers using a certificate and wraps EAP in a TLS tunnel for security
What is the focus of EAP-FAST?
Providing faster reauthentication while devices are roaming
It improves on vulnerabilities in the Lightweight Extensible Authentication Protocol (LEAP)
What does EAP-TLS implement?
Certificate-based authentication and mutual authentication of the device and network
Fill in the blank: EAP-TTLS extends EAP-TLS and does not require client devices to have a _______.
certificate
What is a concern for EAP-TTLS deployments?
It may require additional software to be installed on some devices
This can be a barrier compared to PEAP, which does not have this requirement
What is RADIUS?
Remote Authentication Dial-in User Service
It is used for authenticating individuals to remote networks using their home organization’s accounts
What is the purpose of federating RADIUS servers?
To allow individuals from other organizations to authenticate to remote networks using their home organization’s credentials
What is eduroam?
A federated authentication service for wireless that allows users from any participating institution to authenticate and use networks
It is widely used in higher education
What does the Security+ exam outline focus on?
WPA3, RADIUS, cryptographic protocols, and authentication protocols
It does not go into specifics about cryptographic protocols and authentication protocols
What should you consider while preparing for the Security+ exam regarding WPA3?
The new security features of WPA3 and its improvements over WPA2
What does BYOD stand for?
Bring Your Own Device
What are the advantages of BYOD?
- More user freedom
- Lower cost to the organization
What is a disadvantage of BYOD?
Greater risk since the organization does not control, secure, or manage the device
What does CYOD stand for?
Choose Your Own Device
In a CYOD model, who owns the device?
The organization
What is the main advantage of the COPE model?
Allows reasonable personal use while meeting enterprise security and control needs
What does COBO stand for?
Company-Owned Business Only
What is the key feature of COBO devices?
Used only for business work with no personal use
What is Virtual Desktop Infrastructure (VDI)?
A technology that allows low-security devices to access a secured, managed environment
What is mobile device hardening?
The process of securing mobile devices to resist threats
Name two benchmarks available for mobile device hardening.
- iOS benchmark
- Android benchmark
What is a key practice in hardening mobile devices?
Updating and patching the OS
What is the function of remote wipe capability?
Used to erase data on a device when lost or stolen
True or False: Remote wipe can only wipe organizational data and applications.
False
What does MDM stand for?
Mobile Device Management
What is the main purpose of MDM tools?
To manage mobile devices and ensure data security
What does UEM stand for?
Unified Endpoint Management
What is the difference between MDM and UEM?
MDM focuses on mobile devices, while UEM integrates management of various devices including desktops and laptops
What are application management features in MDM?
- Deploying specific applications
- Limiting application installations
- Monitoring application usage
What is content management in the context of mobile devices?
Ensures secure access and control of organizational files on mobile devices
What is geolocation used for in mobile device management?
To make decisions about device operation based on its location
What is the purpose of screen locks, passwords, and PINs?
To prevent unauthorized access to mobile devices
What are biometrics in mobile devices?
Authentication methods like fingerprints and facial recognition
What is context-aware authentication?
Authentication that considers user behavior and context, such as location and usage patterns
What does containerization do for mobile devices?
Separates work and personal-use contexts to reduce risk of data exposure
What is full-device encryption (FDE)?
A security measure to protect data on lost or stolen devices
What is the benefit of push notifications in MDM?
To alert users or communicate important messages from a central location
What is the role of storage segmentation?
To keep personal and business data separate on mobile devices
What is the impact of rooting or jailbreaking a device?
Allows users to bypass security controls and install unauthorized software
What are some controls organizations may implement for wireless connectivity?
- Limiting Wi-Fi network connections
- Preventing ad hoc networks
- Disabling tethering
What are some features MDM tools may include?
- Per-application VPN
- Onboarding tools for BYOD
- Advanced threat detection
What is a challenge of managing mobile devices?
Variability between hardware manufacturers and operating system limitations
Fill in the blank: The _______ model provides the greatest control but the least flexibility.
Fully corporate-owned
What is one of the key best practices recommended by the NSA for mobile device security?
Implementing strong authentication measures
What are the three key wireless connectivity options that organizations may deploy?
Wi-Fi, cellular, and Bluetooth
These technologies are essential for connecting devices and systems.
Why is it important to understand common attacks against wireless networks?
It helps security professionals design a secure wireless network
Understanding potential attacks informs better security measures.
What role do site surveys play in network design?
They help understand the environment where the network will be deployed
Site surveys can include heatmaps to visualize signal propagation.
What do heatmaps in the context of network design show?
Signal propagation
Heatmaps assist in determining optimal device placement.
What are some concerns when protecting controllers and access points?
Patching, maintenance, and secure remote access
Protecting these components is crucial for overall network security.
What does WPA3 provide in terms of authentication?
Simultaneous authentication of equals (SAE) and enterprise models
Enterprise models connect to RADIUS servers for organizational credentials.
What are EAP and its variants used for?
Authentication protocols
They allow choices based on hardware support and specific authentication needs.
What are the two main deployment models for mobile devices?
BYOD processes and corporate-owned models
BYOD allows users to bring their own devices, while corporate models deploy locked-down devices.
What is the purpose of mobile device management tools?
To manage and secure mobile devices
MDM tools provide a range of features necessary for security professionals.
