3.0 Software Troubleshooting QRS Flashcards
- 1 Given a scenario, troubleshoot Windows OS Symptoms…
- Slow System performance
TO FIX: 1st check Task Manager for high CPU utilization and I/O
Check whether Windows is up to date; patch if needed and update drivers.
Check HDD disk space/available space and defragment if needed
Laptops may be using power-saving mode, which throttles the CPU
Scan with anti-virus and anti-malware
- 1 Given a scenario, troubleshoot Windows OS Symptoms
- Limited connectivity
SYMPTOM: See error message “The connection has limited or no connectivity. You might be unable to access the Internet or some network resources.”
- Local issues • Wireless signal, disconnected cable
- PING your default gateway and external IP
- Check IP address configuration • Reboot
- External issues • Wireless router rebooted/turned off
- 1 Given a scenario, troubleshoot Windows OS Symptoms…
- Failure to boot
SYMPTOM:
Boot errors • Can’t find operating system • OS missing
• Boot loader replaced or changed
FIX: Check if multiple OS’s are installed? • Check boot drives • Remove any media
- Do Startup Repair
- Recovery Console: bootrec /rebuildbcd
- Modify the Windows Boot Configuration Database (BCD)
- Formerly boot.ini
- 1 Given a scenario, troubleshoot Windows OS Symptoms…
- No OS found
SYMPTOM: • error message “Missing NTLDR” • The main Windows boot loader is missing •
• Missing operating system • Boots to Safe Mode • or Windows is not starting normally
FIX: • Run Startup Repair or replace manually and reboot
- Boot Configuration Data (BCD) may be incorrect
- Run Startup Repair or manually configure BCD store
- 1 Given a scenario, troubleshoot Windows OS Symptoms…
- Application crashes
- Application stops working • May provide an error message • May just disappear
- Check the Reliability Monitor • A history of application problems
- Check the Event Log • Often includes useful info
- Checks for resolutions
- Reinstall the application /repair install • Contact application’s support phone line
- 1 Given a scenario, troubleshoot Windows OS Symptoms…
- Blue screens
SYMPTOM:
Bluescreens and spontaneous shutdowns • Startup and shutdown BSOD • Bad hardware, bad drivers, bad application
FIX:
• Use Last Known Good, System Restore, or Rollback Driver
- Try Safe mode • Reseat or remove the hardware • If possible
- Run hardware diagnostics • Provided by the manufacturer • BIOS may have hardware diagnostics
- 1 Given a scenario, troubleshoot Windows OS Symptoms…
- Black screens
SYMPTOMS:
Black screen • No login dialog, no desktop • Driver corruption, OS file corruption •
to FIX:
Start in VGA mode • F8 for startup options
- Run SFC - System File Checker • Run from recovery console
- or Update driver in Safe Mode • Download from known good source
- Repair/Refresh or recover from backup
- 1 Given a scenario, troubleshoot Windows OS Symptoms…
- Printing issues
SYMPTOM: Test the printer • Print or scan a test page • Built into Windows • Not the application •
SOLUTION: Use diagnostic tools • Web-based utilities • Built into the printer
• Vendor specific • Download from the web site • Generic • Available in LiveCD form
- 1 Given a scenario, troubleshoot Windows OS Symptoms…
- Services fail to start
Starting the system • Device not starting • Check Device Manager and Event Viewer • Often a bad driver • Remove or replace driver
- “One or more services failed to start” • Bad/incorrect driver, bad hardware • Try starting manually
- Check account permissions • Confirm service dependencies
- Windows service; check system files
- 1 Given a scenario, troubleshoot Windows OS Symptoms…
- Slow bootup
SYMPTOM: Slow boot • Boot process hangs or takes longer than normal • No activity, no drive lights
SOLUTION: • Manage the startup apps • Control what loads during the boot process • GO TO Task Manager > Startup tab • Startup impact, Right-click / Disable
• Disable everything • Load them back one at a time
- 1 Given a scenario, troubleshoot Windows OS Symptoms…
- Slow profile load
SYMPTOM: Slow profile load • Roaming user profile • Your desktop follows you to any computer • Changes are synchronized • Can cause Network latency to the domain controller
• Slows login script transfers • Slow to apply computer and user policies
SOLUTION: • May require many hundreds (or thousands) of LDAP queries • Client workstation picks a remote domain controller instead of local DC
• Problems with local infrastructure, Win admin may have to address via escalation
- 1 Given a scenario, troubleshoot Windows OS: SOLUTIONS
- Defragment the hard drive
- Moves file fragments so they are contiguous • Sharing a common border • Improves read and write time • Only applicable to spinning hard drives (not SSDs)
- GUI version in the drive properties • Command line: defrag
- Weekly schedule with the OS: Control Panel / Administrative Tools / Task Scheduler
- Reboot
- Have you tried turning it off and on again? • There’s a reason it works • Bug in your router software
- Reboot the router
- Application is using too many resources • Stops the app
- Memory leak slowly consumes all available RAM
- Clears the RAM and starts again
- Kill tasks
Kill tasks • Instead of rebooting, find the problem • And kill it
•GO TO: Task Manager - Processes tab • Sort by resource
- CPU, memory, disk, network • Right-click to end task
• Trial and error
- Restart services
- View status in Task Manager • Services tab • Right-click to start, stop, or restart
- Services • Applications that run in the background
- No user interaction • Similar issues as a normal process
- Resource utilization • Memory leaks • Crashes
- Update network settings
Update network settings • One configuration mismatch CAN cause significant network slowdowns
- Speed • Duplex • Most auto negotiations work fine • Until they don’t
- the Driver may not show the negotiated value
- Filter through the Event Viewer • THE NETWORK CARD SPEED/DUPLEX MUST MATCH the switch
- Both sides should be identical
- Reimage/reload OS???
Windows is big • And complex • Spend time trying to find the needle???
• Or simply build a new haystack • Many organizations have prebuilt images
• It is faster to fix some issues by reimaging the PC.
• Windows includes a reset option • Settings / Update & Security / Recovery
- Roll back updates
- Device Drivers • These can break Windows • Roll back from the Windows start menu (F8)
- Restore points • Rewind to an earlier point in time
- Time travel without erasing your work • Application updates
- Restore points are created automatically each time an app is installed
Can manually create in OS as well.
- Roll back device drivers
• Device Drivers • These can break Windows • Roll back from the Windows start menu (F8)
- Apply updates
- Windows Update • Centralized OS and driver updates • Lots of flexibility • Change active hours
- Manage metered connections
- Applications must be patched
- Security issues don’t stop at the OS • Download from the publisher
- Repair application
- Application issues • Problems with the application files or configurations
- Each application has its own repair process • Fix missing files • Replace corrupted files
- Fix application shortcuts • Repair registry entries • Update or reconfigure drivers
- Update boot order
- The BIOS determines which physical device will be used during boot • And in which order • Each BIOS is a bit different
- Update boot order • Try to boot from a USB drive •
The configuration is in there somewhere • It’s an easy one to miss
• Usually the first thing to check
- Disable Windows services/applications
• Manage startup processes • Task Manager, Control Panel / Administrative Tools / Services
Disable startup services / apps • It’s difficult to tell what application might be a problem child • Much of the underlying OS operations are hidden from view
- Trial and error • Disable all startup apps and services • Or disable one at a time
- This might take quite a few restarts
- Where do I Disable startup services / apps ?
- Task Manager, Control Panel / Administrative Tools / Services
- Manage startup processes • Task Manager, Control Panel / Administrative Tools / Services • Can be hard to tell which application is the problem child.
- Much of the underlying OS operations are hidden from view
- Trial and error • Disable all startup apps and services
- Or disable one at a time and restart to see if that fixed the issue
May take quite a few restarts
F8/ Safe Mode - Windows 7 and 8/8.1
- Press F8 on boot • Advanced Boot Options • Safe Mode has Only the necessary drivers to get started
- CAN Enable low-resolution (VGA Mode) to Recover from bad video driver installations
- Safe Mode with Networking • Includes drivers for network connectivity
- Safe Mode with Command Prompt • No Windows Explorer – quick and dirty
Safe Mode - Windows 10
• Windows Fast Startup prevents a complete shutdown, so F8 probably won’t work
- From the Windows desktop
- Hold down shift when clicking Restart
• Settings / Update / Security / Recovery / Advanced startup / Restart now • System Configuration (msconfig)
- Rebuild Windows profiles
User Profiles can become corrupted • The User Profile Service failed the logon. Sometimes a User Profile can’t load.
• If a profile doesn’t exist, it’s recreated, SO if you delete the corrupt user profile, then you start rebuilding process • It’s not as easy as copying a file
- Backups, registry modifications
- Login with domain admin
- Rename the \Users\name folder
- Export the user’s registry
- Delete the registry entry
- Restart the computer
Deleting corrupt Windows profiles
- Login to the computer with Domain Administrator rights • Rename the \Users\name folder • This will save important files
- Back up the user’s registry • HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList
- Right-click / Export • Delete the registry entry - You have a backup :)
- Restart the computer
3.1 Given a scenario, troubleshoot Windows OS: SOLUTIONS
Reconstructing Windows profiles
- Login to the computer with the user account • The profile will be rebuilt • This will recreate the \Users\name folder
- Login as Domain Administrator • Copy over any important files from the old profile
- Do not copy the entire user profile over, because the user’s Corrupted files might exist in the old profile
- 2 Given a scenario, troubleshoot and resolve PC security issues.
- Pop-ups
- Pop-ups in your browser • May look like a legitimate application
- May be a malware infection • Update your browser • Use the latest version and check pop-up block feature
- Scan for malware • Consider a cleaning • Rebuild from scratch or known good backup to guarantee removal
- 2 Given a scenario, troubleshoot and resolve PC security issues.
- Browser redirection
• Instead of your Google result, your browser goes somewhere else • This shouldn’t ever happen • Malware is the most common cause
- Check LAN settings (IE Advanced): remove any proxy server, and check msconfig for anything malicious
- Use an anti-malware/anti-virus cleaner • This is not the best option
- Restore from a good known backup • The only way to guarantee removal
- 2 Given a scenario, troubleshoot and resolve PC security issues.
- Browser Security alerts
SYMPTOM:
Browser security alerts • Security alerts and invalid certificates • Something isn’t quite right - Should raise your interest
SOLUTION:
• Look at the certificate details • Click the lock icon • May be expired or the wrong domain name • The certificate may not be properly signed (untrusted certificate authority)
- 2 Given a scenario, troubleshoot and resolve PC security issues.
- Slow performance
Malware network symptoms • Slow performance, lock-up • Malware isn’t the best written code • Internet connectivity issues • Malware likes to control everything
- You go where it wants you to go • You can’t protect yourself if you can’t download • OS updates failures • Malware keeps you vulnerable
- Some malware uses multiple communication paths • Reload or clean • Malware cleaner or recover from known good backup
- 2 Given a scenario, troubleshoot and resolve PC security issues.
- Internet connectivity issues
Malware network symptoms • Slow performance, lock-up • Malware isn’t the best written code • Internet connectivity issues
- Malware likes to control everything • You go where it wants you to go • You can’t protect yourself if you can’t download • OS updates failures • Malware keeps you vulnerable
- Some malware uses multiple communication paths • Reload or clean • Malware cleaner or recover from known good backup
- 2 Given a scenario, troubleshoot and resolve PC security issues.
- PC/OS lockup
System lock up • Completely stops • Check Caps Lock and Num Lock status lights
- May still be able to terminate bad apps
- Windows and Linux Task Manager (Ctrl-Alt-Del / Task Manager)
- Mac OS X Force Quit (Command-Option-Esc) • Check logs when restarting • May have some clues about what’s happening
- May be a security issue
- Perform a virus/malware scan
- Perform a hardware diagnostic
- System issues can be a factor
- 2 Given a scenario, troubleshoot and resolve PC security issues.
- Application crash
SYMPTOM: • Application stops working • May provide an error message • May just disappear
SOLUTION:
• Check the Reliability Monitor • A history of application problems
- Check the Event Log • Often includes useful reconnaissance
- Checks for resolutions • Reinstall the application • Contact application support
- 2 Given a scenario, troubleshoot and resolve PC security issues.
- OS updates failures
Malware network symptoms • Slow performance, lock-up • Malware isn’t the best written code • Internet connectivity issues • Malware likes to control everything • You go where it wants you to go • You can’t protect yourself if you can’t download • OS updates failures • Malware keeps you vulnerable • Some malware uses multiple communication paths • Reload or clean • Malware cleaner or recover from known good backup
- 2 Given a scenario, troubleshoot and resolve PC security issues.
- Rogue antivirus
Virus alerts and hoaxes • Rogue antivirus • May include recognizable logos and language • May require money to “unlock” your PC • Or to “subscribe” to their service • Often requires a specific anti-malware removal utility or technique
- 2 Given a scenario, troubleshoot and resolve PC security issues.
- Spam
Email security • Spam - Unsolicited email messages, advertisements, phishing attacks, spread viruses • Spam filters can be helpful
- Renamed system files
Malware OS symptoms • Renamed system files • Won’t need that anymore • Files disappearing • Or encrypted • File permission changes
- Protections are modified • Access denied • Malware locks itself away • It doesn’t leave easily
- Use a malware cleaner or restore from known good backup • Some malware is exceptionally difficult to remove
- Disappearing files
Malware OS symptoms • Renamed system files • Won’t need that anymore • Files disappearing • Or encrypted • File permission changes • Protections are modified • Access denied • Malware locks itself away • It doesn’t leave easily • Use a malware cleaner or restore from known good backup • Some malware is exceptionally difficult to remove
- File permission changes
Malware OS symptoms • Renamed system files • Won’t need that anymore • Files disappearing • Or encrypted • File permission changes • Protections are modified • Access denied • Malware locks itself away • It doesn’t leave easily • Use a malware cleaner or restore from known good backup • Some malware is exceptionally difficult to remove
- Hijacked email - Responses from users regarding email
- Infected computers can become email spammers
- You receive odd replies from other users
- You receive bounce messages from unknown email addresses
Hijacked email - Automated replies from unknown sent email
• Hijacked email • Infected computers can become email spammers • You receive odd replies from other users • You receive bounce messages from unknown email addresses
- 2 Given a scenario, troubleshoot and resolve PC security issues.
- Access denied
Malware OS symptoms • Renamed system files • Won’t need that anymore
- Files disappearing • Or encrypted • File permission changes
- Protections are modified • Access denied
- Malware locks itself away • It doesn’t leave easily
- Use a malware cleaner or restore from known good backup
- Some malware is exceptionally difficult to remove
- 2 Given a scenario, troubleshoot and resolve PC security issues.
- Invalid certificate (trusted root CA)
Browser security alerts • Security alerts and invalid certificates • Something isn’t quite right - Should raise your interest
- Look at the certificate details • Click the lock icon
- May be expired or the wrong domain name
- The certificate may not be properly signed (untrusted certificate authority)
- 2 Given a scenario, troubleshoot and resolve PC security issues.
- System/application log errors
System / application log errors • Many errors go undetected • The details are in the log • It may take some work to find them
- Filter and research • Find security issues • Improper logins
- Unexpected application use • Failed login attempts
- 3 Given a scenario, use best practice procedures for malware removal.
- Identify and research malware symptoms.
- Identify malware SYMPTOMs:
- Odd error messages
- Application failures, security alerts
- System performance issues
- Slow boot, slow applications
- Research the malware
- Know what you’re dealing with
- Quarantine the infected systems.
- Quarantine infected systems • IMMEDIATELY Disconnect THE PC from the network • Keep it contained
- Isolate all removable media • Everything should be contained
- Prevent the spread • Don’t transfer files, don’t try to backup • Files ARE Contaminated
- Disable System Restore (in Windows).
- Disable System Restore • Restore points make it easy to rewind • Malware infects restore points • Disable System Protection • No reason to save an infected config • Delete all restore points • Remove all infection locations
- Remediate/CLEAN the infected systems.
4a. Remediate: Update anti-virus
AND 4b. Remediate: Scan and remove
4a. Remediate
a. Update the anti-malware software.
Update anti-virus • both Signature and engine updates
- The engine • The guts of the machine
- Signature updates • A very, very tiny shelf life
- Automatic vs. manual • Manual updates are almost pointless
- Your malware may prevent the update process • Copy from another computer
4b. Remediate: Scan and use removal techniques (safe mode, pre-installation environment).
Safe mode • Loads the bare minimum operating system • Just enough to get the OS running • may prevent the bad stuff from running
- Pre-installation environment (WinPE) • Recovery Console, bootable CD/DVDs/USBs • Build your own from the Windows Assessment and Deployment Kit (ADK)
- May require the repair of boot records and sectors
- Delete and rebuild
- Microsoft, Symantec, McAfee • Malwarebytes Anti-Malware - Malware-specific
- Schedule scans and run updates.
- Built into the antivirus software • Automated signature updates and scans
- Task scheduler • Run any task
- Operating system updates • Make sure it’s enabled and working
- Enable System Restore and create a restore point (in Windows).
- Enable System Protection • Now you’re clean - Put things as they were • Create a restore point - Start populating again
- Educate the end user.
- One on one - Personal training
- Posters and signs - High visibility
- Message board posting - The real kind
- Login message - These become invisible
- Intranet page - Always available
- 4 Given a scenario, troubleshoot mobile OS and application issues. COMMON SYMPTOM:
- Dim display
Dim display • Difficult to see the details, even in low light
- Check the brightness setting
- iOS: Settings / Display and brightness
- Android: Settings / Display / Brightness level
- Replace the bad display - backlight issue
- 4 Given a scenario, troubleshoot mobile OS and application issues. COMMON SYMPTOM:
- Intermittent wireless
Wireless connectivity
- Intermittent connectivity
- Move closer to access point
- Try a different access point
- 4 Given a scenario, troubleshoot mobile OS and application issues. COMMON SYMPTOM:
- No wireless connectivity
- No wireless connectivity
- Check/Enable WiFi, check security key configuration
- Hard reset can restart wireless subsystem
- Turn off Airplane mode
- 4 Given a scenario, troubleshoot mobile OS and application issues. COMMON SYMPTOM:
- No Bluetooth connectivity
- Check/Enable Bluetooth
- Check/Pair Bluetooth component
- Hard reset to restart Bluetooth subsystem
- 4 Given a scenario, troubleshoot mobile OS and application issues. COMMON SYMPTOM:
- Cannot broadcast to external monitor
Cannot broadcast to monitor • Broadcast to a TV • Apple TV, Xbox, Playstation, Chromecast, etc.
- Check app requirements • Every broadcast device is different
- All devices must be on the same wireless network • Can’t mix your private and guest network
• Signal strength is important • Between phone and television
AND
• Between television and the Internet
- 4 Given a scenario, troubleshoot mobile OS and application issues. COMMON SYMPTOM:
- Touchscreen non-responsive
SYMPTOM: • Touchscreen completely black or touchscreen not responding to input
SOLUTION:
Close all open apps, reboot the phone. May have to hard reset the device.
May have to remove the screen protector until it can be ruled out as a problem. Restart the device and recalibrate the screen if necessary.
- 4 Given a scenario, troubleshoot mobile OS and application issues. COMMON SYMPTOM:
- Apps not loading
App issues • Apps not loading, slow app performance
- Restart the phone - Hold power button, power off • Stop the app and restart
- iPhone: Double-tap home button, slide app up
- Android: Settings/Apps, select app, Force stop • Update the app - Get the latest version
- 4 Given a scenario, troubleshoot mobile OS and application issues. COMMON SYMPTOM:
- Slow performance
- Apps not loading, slow app performance • Restart the phone - Hold power button, power off • Stop the app and restart
- iPhone: Double-tap home button, slide app up
- Android: Settings/Apps, select app, Force stop • Update the app - Get the latest version • Are you being throttled?
- 4 Given a scenario, troubleshoot mobile OS and application issues. COMMON SYMPTOM:
- Unable to decrypt email
Unable to decrypt email • Built-in to corporate email systems – Outlook • Each user has a private key
- You can’t decrypt without the key
- Install individual private keys on every mobile device
- Use a Mobile Device Manager (MDM)
- 4 Given a scenario, troubleshoot mobile OS and application issues. COMMON SYMPTOM:
- Extremely short battery life
Short battery life • Bad reception - Always searching for signal • Disable unnecessary features • 802.11 wireless, Bluetooth, GPS • Check application battery usage • iPhone: Settings/General/Usage • Android: Settings/Battery • Aging battery - There’s only so many recharges
- 4 Given a scenario, troubleshoot mobile OS and application issues. COMMON SYMPTOM:
- Overheating
Overheating • Phone will automatically shut down to avoid damage • Charging/discharging the battery, CPU usage, display light • Check app usage - Some apps can use a lot of CPU • Avoid direct sunlight - Quickly overheats
- 4 Given a scenario, troubleshoot mobile OS and application issues. COMMON SYMPTOM:
- Frozen system
Frozen system • Nothing works - No screen or button response • Soft reset - Hold power down and turn off • Hard reset • iOS: Hold power and home button for 10 seconds • Android: Combinations of power, home, and volume • Ongoing problems may require a factory reset
- 4 Given a scenario, troubleshoot mobile OS and application issues. COMMON SYMPTOM:
- No sound from speakers
No sound from speakers • No sound from a particular app • Check volume settings - Both app and phone settings • Bad software / delete and reload • Try headphones • Sound starts but then stops • Dueling apps / keep app in foreground • No speaker sound from any app (no alarm, no music, no audio) • Load latest software • Factory reset
- 4 Given a scenario, troubleshoot mobile OS and application issues. COMMON SYMPTOM:
- Inaccurate touch screen response
Inaccurate touch screen response • Screen responds incorrectly or is unresponsive • Close apps - Low memory can cause resource contention • Perform a soft reset, unless a hard reset is required • May require a hardware fix • Replace the digitizer / reseat cables
- 4 Given a scenario, troubleshoot mobile OS and application issues. COMMON SYMPTOM:
- System lockout
System lockout • Too many incorrect unlock attempts • iOS: Erases the phone after 10 failed attempts • Android: Locks or wipes the phone after failed attempts
- 4 Given a scenario, troubleshoot mobile OS and application issues. COMMON SYMPTOM:
- App log errors
App log errors • Most log information is hidden • You’ll need developer tools to view it • A wealth of information • If you can decipher it • This might take a bit of research • Viewing logs • iOS - Xcode • Android – Logcat
HOW TO RESTART Apple iOS device?
Apple iOS restart • Hold power button, slide to power off, press power button • Hold down power button and Home button for 10 seconds
HOW TO RESTART Android device?
• Android device restart • Remove battery, put back in, power on • Hold down power and volume down until restart • Some phones have different key combinations
- 5 Given a scenario, troubleshoot mobile OS and application security issues. COMMON SYMPTOM:
- Signal drop/weak signal
Signal drop / weak signal • Drops and weak signals prevent traffic flows • Make sure you’re connecting to a trusted WiFi network • Use a VPN if you’re not • Never trust a public WiFi Hotspot • Tether with your own device • Run a speed test • Cell tower analyzer and test
- 5 Given a scenario, troubleshoot mobile OS and application security issues. COMMON SYMPTOM:
- Power drain
Power drain • Power drains faster than normal • Heavy application use • Increased network activity • High resource utilization • Check application before install • Use an App scanner • Force stop running apps • Run anti-malware • Check for malicious activity • Perform a clean install • Factory reset, reinstall apps
- 5 Given a scenario, troubleshoot mobile OS and application security issues. COMMON SYMPTOM:
- Slow data speeds
• Unusual network activity • Unintended WiFi connections • Data transmission over limit • Check your network connection • Run a WiFi analyzer • Are you on a trusted WiFi network? • Check network speed • Run speed check / cell tower analyzer • Examine running apps for unusual activity • Large file transfers, constant activity
- 5 Given a scenario, troubleshoot mobile OS and application security issues. COMMON SYMPTOM:
- Unintended WiFi connection
SYMPTOM: Accidentally connect to the wrong WiFi connection
TO FIX:
Remove • Disable • Scan for malware
- 5 Given a scenario, troubleshoot mobile OS and application security issues. COMMON SYMPTOM:
- Unintended Bluetooth pairing
SYMPTOM: Unintended Bluetooth pairing • Connect with a device that isn’t yours • This is bad!
TO FIX: • Remove the Bluetooth device • You would have to re-pair to access again • Disable Bluetooth radio • No Bluetooth communication at all • Run an anti-malware scan • Make sure there are no malicious apps
- 5 Given a scenario, troubleshoot mobile OS and application security issues. COMMON SYMPTOM:
- Leaked personal files/data
SYMPTOM: Leaked information • Unauthorized account access • Unauthorized root access • Leaked personal files and data
TO FIX:
• Determine cause of data breach
• Perform an app scan, run anti-malware scan
- Factory reset and clean install • This is obviously a huge issue
- Check online data sources • Apple iTunes/iCloud/Apple Configurator, Google Sync, Microsoft OneDrive
- 5 Given a scenario, troubleshoot mobile OS and application security issues. COMMON SYMPTOM:
- Data transmission over limit
SYMPTOM: Slow data speeds • may be throttled by phone provider
- 5 Given a scenario, troubleshoot mobile OS and application security issues. COMMON SYMPTOM:
- Unauthorized account access
SYMPTOM: • Unauthorized account access • Unauthorized root access • Leaked personal files and data
TO FIX:
- Determine cause of data breach
- Perform an app scan, run anti-malware scan
- Factory reset and clean install
- This is obviously a huge issue!!!
- Check online data sources • Apple iTunes/iCloud/Apple Configurator, Google Sync, Microsoft OneDrive
- 5 Given a scenario, troubleshoot mobile OS and application security issues. COMMON SYMPTOM:
- Unauthorized location tracking
SYMPTOM: Unauthorized location tracking • Real-time tracking information and historical tracking details • This should be as protected as your other data
TO FIX:
• Run an anti-malware scan
• Malicious apps can capture many data points
- Check apps with an offline app scanner
- Get some insight into what’s running
- Perform a factory reset
- Restore from a known-good backup
- 5 Given a scenario, troubleshoot mobile OS and application security issues. COMMON SYMPTOM:
- Unauthorized camera/ microphone activation
SYMPTOM: Unauthorized camera / microphone use • Third-party app captures intimate information • Ethical and legal issues
TO FIX:
• Run an anti-malware scan • Try to identify the source of the breach • Confirm that loaded apps are legitimate
- Check with a third-party scanner
- Factory refresh • Completely reset and start from the beginning
- 5 Given a scenario, troubleshoot mobile OS and application security issues. COMMON SYMPTOM:
- High resource utilization
SYMPTOM: • Power drains faster than normal • Heavy application use • Increased network activity • High resource utilization
TO FIX:
• Check applications before install • Use an App scanner • Force stop running apps • Run anti-malware • Check for malicious activity
• Perform a clean install • Factory reset, reinstall apps