Brainscape's Knowledge GenomeTM


Top Flashcards (Certified)
All Flashcards

CompTIA Security+ SY0-501 - Objectives > 2.5 Given a scenario, deploy mobile devices securely. > Flashcards

2.5 Given a scenario, deploy mobile devices securely. Flashcards

1
Q

Connection Methods

A

Mobile devices have become a huge concern in companies today due to the fact that they store local copies of company messages and company data. It is important to have strong policies surrounding the use of mobile devices such as smart phones and tablets and to ensure those policies are being followed

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Connection Methods - Cellular

A

The most common method that mobile devices use to connect to the network or the Internet is via their cellular network. The cellular network is provided by the mobile device’s service provider.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Connection Methods - WiFi

A

Mobile devices can connect to company Wi-Fi networks to gain Internet connectivity and to access network resources. The Wi-Fi network is then connected to the corporate network.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Connection Methods - SATCOM

A

SATCOM is short for satellite communication and is a common connectivity method when sending or receiving small amounts of data, such as via point-of-sale systems.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Connection Methods - Bluetooth

A

Mobile devices can use Bluetooth to obtain a connection to a computer or device as long as the devices are in close proximity. Bluetooth uses the 2.4-GHz frequency.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Connection Methods - NFC

A

Near Field Communication allows two electronic devices to exchange data when they are placed within two inches of one another. You can use this to have devices share information such as contacts or to pay for a transaction.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Connection Methods - ANT

A

ANT is a wireless communication protocol that allows you to transfer data between devices. ANT uses the 2.4-GHz frequency like Bluetooth. Unlike Bluetooth, ANT does not use up as much battery life, which makes it a great fit for smart devices.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Connection Methods - Infrared

A

Infrared, or IR, is a wireless communication that relies on line of sight between the two devices sharing data via an infrared light.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Connection Methods - USB

A

You can connect your mobile device to the USB port of a system using a USB cable. This is common to transfer data such as videos or pictures to the computer.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Mobile Device Management Concepts

A

.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Mobile Device Management Concepts - Application Management

A

Implement any application controls on the device that restrict what the application can do or access.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Mobile Device Management Concepts - Content Management

A

Look to content-filtering features on the device that can block certain types of content.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Mobile Device Management Concepts - Remote Wipe

A

Mobile devices such as smartphones and tablets support remotely wiping the device if it is lost or stolen. Remotely wiping the device will erase all the data off it.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Mobile Device Management Concepts - Geofencing

A

Geofencing is a feature that allows administrators of software to define GPS coordinates that create a boundary (or virtual fence). When a device running the software goes outside the boundaries, an alarm is triggered.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Mobile Device Management Concepts - Geolocation

A

Geolocation is the term for identifying the geographic location of an item such as a mobile phone. For example, once the geolocation (GPS coordinates) of a mobile phone is determined, you can then associate that with a street address using mapping technologies.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Mobile Device Management Concepts - Screen Locks

A

It is critical to ensure that screens on mobile devices such as smartphones and laptops are configured to lock after a short period of inactivity. As a result, anyone wishing to use the mobile device and access the data on it must type the password for the device. So if you lose the device and someone finds it, they would need to know the password to access the data on the device.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Mobile Device Management Concepts - Push Notification Services

A

Mobile devices allow you to configure which push notification services to use to send status and notifications to the device.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Mobile Device Management Concepts - Passwords and Pins

A

Ensure all mobile devices have complex passwords configured to use the device and thus to access the data on it. For corporate devices, you can configure policies to enforce complex passwords for the device. For example, you can do this in ActiveSync policies on the Microsoft Exchange Server for mobile devices that support ActiveSync

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Mobile Device Management Concepts - Biometrics

A

Some devices may allow the configuration of biometrics in order to use the device. For example, some devices may do a retina scan or fingerprint read in order to authenticate to the device.

20
Q

Mobile Device Management Concepts - Context-aware Authentication

A

Context-aware authentication is a new type of security feature that allows an application or cloud service to be aware of your habit —for example, the location you usually log on from, or the device you typically use to log on. With context-aware authentication, if the system determines there is high confidence it is actually you using your credentials (based on the context), then you have a simple logon experience. If the system rates low confidence that it is actually you who is logging in, then it resorts to enforcing a more complicated logon approach involving solutions such as two-factor authentication.

21
Q

Mobile Device Management Concepts - Containerization

A

Sometimes referred to as sandboxing, you can run software on the device that creates a security container that prevents access to sensitive data stored on the device.

22
Q

Mobile Device Management Concepts - Storage Segmentation

A

Some devices allow you to segment the storage on the device, allowing you control over what data can be accessed. For example, a mobile device may segment corporate data from personal data, allowing you to wipe the corporate data only if the company needs you to.

23
Q

Mobile Device Management Concepts - Full Device Encryption

A

Most mobile devices support encrypting data on the device. Device encryption is critical to ensure that anyone who is able to connect the device or its memory to a computer cannot read the data.

24
Q

Enforcement and Monitoring

A

Organizations typically have strict requirements regarding how their devices should and should not be used. When managing your organization’s mobile devices, it is important that you enforce the organization’s policies by monitoring how devices are being used and looking for policy violations.

25
Enforcement and Monitoring for: Third-party App Stores
Your organization may want to disable access to third-party app stores as a method of controlling the applications that are installed on the devices.
26
Enforcement and Monitoring for: Rooting/Jailbreaking
Rooting or jailbreaking is when the user of the device is able to gain privileged access to the device and configure the device in any way they want. Be sure to monitor for jailbreaking of the devices!
27
Enforcement and Monitoring for: Sideloading
Sideloading refers to installing applications from a source other than the app store provided by the vendor. Many organizations attempt to restrict sideloading of applications to a central location controlled by the company
28
Enforcement and Monitoring for: Custom Firmware
Monitor the organization’s devices for firmware upgrades that need to be performed in order to keep devices current. Also, be sure to monitor that employees are not applying custom firmware solutions to the devices. It’s also possible to overwrite the firmware with custom firmware. Some people do this as another method of rooting Android devices. The process is typically complex and fraught with risks. However, some people find downloadable images and copy them onto their devices to overwrite the firmware.
29
Enforcement and Monitoring for: Carrier Unlocking
Monitor devices for unlocking. Devices typically are associated with a specific carrier, but a device can be unlocked if the user wants to use the device with a different carrier. The carrier typically charges a fee to have the device unlocked.
30
Enforcement and Monitoring for: Firmware OTA Updates
Firmware updates can be sent to mobile devices and tablets using the carrier’s wireless network with what is known as over-the-air (OTA) updates. OTA updates were originally used only to update the firmware on the device, but can also be used to update the OS as well.
31
Enforcement and Monitoring for: Camera Use
Your organization should establish a policy regarding whether employees are allowed to use mobile device cameras in the workplace. If it is not permitted (typically for security reasons), you should disable the cameras. Organizations can deploy device policies requiring the camera on the device to be disabled.
32
Enforcement and Monitoring for: SMS/MMS
Your organization should decide if employees should be using the text messaging services of the mobile device. Many organizations have policies in place indicating when the user is not allowed to be texting. For example, while driving or walking.
33
Enforcement and Monitoring for: External Media
Devices can typically have external media connected to them such as SD cards or MicroSD cards. Consider disabling these slots to control media connected to the device.
34
Enforcement and Monitoring for: USB OTG
USB On-the-Go (OTG) is a specification that enables a compliant mobile device to have many different types of devices connect to it. For example, if your mobile device or tablet supports USB OTG, you could connect a communication device such as a keyboard or mouse and use that with your mobile device.
35
Enforcement and Monitoring for: Recording Microphone
For privacy reasons, you can disable the recording microphone on the organization’s devices.
36
Enforcement and Monitoring for: GPS Tagging
Evaluate the GPS tagging functionality on devices to ensure that the devices are not tagging the GPS coordinates of photos that are taken (if permitted). This can be used to track an employee’s location if they are taking photos and uploading to social media.
37
Enforcement and Monitoring for: WiFi Direct/Ad Hoc
You may want to monitor how the wireless networking feature is being used and control whether the user is connecting to wireless networks in infrastructure mode or if they are allowed to connect in ad hoc mode. With infrastructure mode, the administrator controls who can connect to the network and which security features are enabled.
38
Enforcement and Monitoring for: Tethering
Tethering means sharing the mobile device’s Internet connection with other devices. You may want to restrict the tethering features on mobile devices to prevent users from sharing their Internet connections in this manner.
39
Enforcement and Monitoring for: Payment Methods
Monitor and control how users can make payments from mobile devices. With technologies like NFC, it is easy for users to complete transactions from mobile devices.
40
Deployment Models
When an organization decides to have employees use mobile devices to perform job-related tasks, the organization can choose several different ways to integrate mobile devices into the workplace
41
Deployment Models - BYOD
The “bring your own device” model encourages users to connect to the corporate network with their personal mobile devices for work purposes. While the benefit is that the organization can avoid the cost of purchasing the mobile devices, you will need to be clear on the policy and if the organization will push settings down to the devices.
42
Deployment Models - COPE
A “corporate-owned, personally enabled” (COPE) model can work better from a security standpoint than a BYOD model because it is hard for companies to control a device when they do not own the device. With COPE, the company supplies the device to the user, so it is managed by the IT department, but the company allows and promotes personal usage of the device as well.
43
Deployment Models - CYOD
A “choose your own device” model involves the organization providing users with a list of approved devices and allowing each user to choose which device they would like to use.
44
Deployment Models - Corporate-owned
With a “corporate-owned device” model, the company fully manages the devices and employees must follow company policy when using the devices.
45
Deployment Models - VDI
Virtual desktop infrastructure is a model where the user uses a thin client to connect to their desktop environment running in a data center. With VDI you can introduce the mobile device as the thin client so that the user can access their desktop environment from anywhere. The benefit is that the resources are not on the mobile device—it simply connects to a virtual desktop within the company.

CompTIA Security+ SY0-501 - Objectives (45 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2025 Bold Learning Solutions. Terms and Conditions