3.5 Given a scenario, implement secure mobile solutions

Question 1

Cellular

Answer 1

Primary source of communication for mobile devices.
Cellular communication is on encrypted by connecting to the nearest cell tower.
Communication over WIRES is plaintext.

Question 2

Basic mobile device connections

Answer 2

Cellular, Wi-fi, Bluetooth, NFC, Infrared, USB, Point-to-point (PTP), Point-to-multipoint (PTM), GPS, RFID

Question 3

Point-to-Point
Point-to-Multipoint

Answer 3

Communications only received by a single receiver isolated from everything else. Multipoint is the same but connects to multiple receivers.

Question 4

MDM

Answer 4

Mobile device Management is managing multiple mobile devices throughout a enterprise. (Government work phones)
Allows you to enforce config settings.

Question 5

MCM

Answer 5

Mobile Content Management
Controls the “Content” on the mobile phone and what company data is accessed on the the mobile device.

Question 6

Remote Wipe/Remote Sanitation

Answer 6

Mobile management that allows you to delete all data if mobile device is lost REMOTELY.
(mobile device needs to receive a signal)
Full Data Encryption (FDE) needs to be enable to prevent data being restored.

Question 7

Geofencing

Answer 7

Mobile management that allows you to enable features on a mobile device based on the LOCATION (GPS),

Question 8

Geolocation

Answer 8

Includes details on the location and any media made by the device.

Question 9

Push Notifications
Passwords and PINS
Biometrics (Face ID)

Answer 9

Sends information to you device instead of a APP.
Passwords should be strong and storage should be encrypted.
Biometrics uses personal features to authenticate you.

Question 10

Context-Aware Authentication

Answer 10

Evaluates the origin and context of what the user is attempting to get.
If the device and location seem familiar then its low risk authentication. If unfamiliar then high risk

Question 11

Storage Segmentation

Answer 11

A MDM technique that allows you to separate a users personal data and a companies data.
By doing this you can remotely wipe the company’s data while retaining users data

Question 12

FDE

Answer 12

Full Data Encryption on a mobile device means that the storage on the device is encrypted and the physical data port is disable when the phone is locked.

Question 13

MicroSD HSM

Answer 13

MiroSD Hardware Security Module is a mobile device with a MircoSD card that has small form factor encryption hardware.

Question 14

MDM/UEM

Answer 14

MDM/Unified Endpoint Management is software single management platform that combines MDM and EEM into one for mobile devices.

Question 15

MAM

Answer 15

Mobile Application Management is like MDM but focuses on Apps

Question 16

SEAndroid

Answer 16

Security-Enhanced Android (SEAndroid) is a security improvement for Android.

Question 17

Third-party application stores

Answer 17

Mobile devices should not download apps from Third Party App stores because they don’t have strict security posture to host the app.

Question 18

Jail breaking/Rooting

Answer 18

Is breaking the digital rights management (DRM) security on the bootloader on the mobile device so that you can full system privileges.
This allows you to download apps that where originally block because of security reasons.

Question 19

Sideloading

Answer 19

The act of installing a file from a USB or some storage medium.

Question 20

Custom Firmware

Answer 20

Firmware that is installed in place of the original firmware. You do this if the mobile device is jailbroken.

Question 21

Firmware OTA updates

Answer 21

Firmware over the air updates is basically like installing a new IOS. But it can effect MDM because the update may go against the MDM.

Question 22

USB OTG

Answer 22

USB On-The-Go (OTG) is the connection of a USB device that is connected to a mobile device.

Question 23

WiFi Direct/ad hoc

Answer 23

Are peer-to-peer connections that allow WPA2 and WPA3 to connect to other devices without there being a middle man (router)

Question 24

Tethering/Hot Spot

Answer 24

Tethering is the act of sharing a cellular network with a mobile device with other devices.
Hotspot is a form of sharing a cellular network through a mobile device.

Question 25

BYOD

Answer 25

Bring your own device means you are allowed to bring your own device to work but it a open-ended policy and some mobile devices may not have security.

Question 26

COPE

Answer 26

Corporate-Owned Personally Enabled (COPE)
COPE allows the organization to select exactly which devices are to be allowed on the organizational network. They are used for corporate and personal uses.

Question 27

CYOD

Answer 27

Choose your Own Device (CYOD)

Question 28

Corporate-Owned

Answer 28

Devices that the company owns and should only used for corporate reasons. NO personal activities should be used on this device.