Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

Mobile > chapter 8 > Flashcards

chapter 8 Flashcards

1
Q

Mobile Infrastructure Risks

A
  • Software
  • Hardware
  • Network
  • Organization
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q
  • fake access point
  • can obtain user credentials
  • it uses weak authentication methods
    • Open authentication
    • shared authentication
    • WEP
  • This can be found in corporate environment, bookstore, basta sa public
A

Rogue Access point

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q
  • Send deauthentication traffic
  • Get user to re-enter credentials, but attacker is sniffing
  • preventing a client from communicating with wireless network
  • use rogue points that overpower the legitimate one
A

Denial of service

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q
  • Drive around looking for unprotected wireless network
A

Wardriving

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q
  • marks and symbols on the sidewalk or wall identifying a vulnerable access point
A

warchalking

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q
  • intercept communication between the transmitter and receiver
  • take advantage of weak encryption algorithm and weak keys
A

Man in the middle

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

how to avoid man in the middle

A
  • use stronger keys

- strong encryption methods, implemented correctly

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q
  • spoof a carrier’s tower and infrastructure so that devices connect to it
A
  • Tower spoofing
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

use of untrusted or compromised applications on mobile devices

A

Software risks

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

what app store that are safe

A
  • apple and microsoft
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

what app store that is not safe

A
  • android
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

malicious software

A

malware

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

transferred via files or executable software from device to device

A

virus

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

masquerades as a useful program

A

trojan

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

self replicate across a network

A

worm

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

steal data, password, credit card numbers

A

spyware

17
Q

install a program that allows you to modify the device in a way that it is not approved by the manufacturer

A

jailbreak

18
Q

user gains full administrative access

A

rooting

19
Q

software used to capture and record keystrokes sent to a device

A

key logging

20
Q

allows uncontrolled access to the hardware and root level permission of the device

A

unsupported OS

21
Q
  • Create a duplicate of a smartphone, including firmware configuration
  • Impersonate the legitimate owner of the device
  • making and receiving phone calls, text messages and accessing data
A

device cloning

22
Q

the problem is that we store useful information in our phone

A

device theft

23
Q

Policies in Organization should address issues:

A
  • Device Security
  • Antivirus
  • Forensics
  • Patching
  • Upgrades
24
Q

Detects malicious network traffic and unauthorized network access

A

Intrusion detection system

25
Q

Block or reroute traffic based on port, protocol, or IP address

A

Intrusion prevention system

26
Q

Loaded with known attack signatures or rules

A

signature-based systems

27
Q

learn the unique traffic patterns inherent in the network they are protecting

A

anomaly-based systems

28
Q
  • Applications run in restricted memory space
  • Application are firewalled from each other
  • can’t share data or files
A

Application Sandboxing

29
Q
  • Separation of corporate data from personal data on individual device
  • Can also be implemented in a large infrastructure, such as a mass storage areas that contain device backups
  • Separate corporate and private applications
A

Data containers

30
Q
  • firmware chip that provides security functions
  • usually contain cryptographic functions
  • can encrypt the entire device, its storage and removable media
  • better than software-based authentication and encryption
A

Trusted Platform modules

31
Q
  • Restrict the types of data and files entering and exiting a device or network
  • Prevent downloading of stuff
  • can be placed upon the source of the content, blocking certain domains sites, and IP address
A

Content Filtering

32
Q
  • Data breaches, hacking and unauthorized exfiltration of data by insiders
  • Multilayer security effort
  • classify data in terms of sensitivity and label it
  • Store restricted data in folders, databases or media
  • Physical controls
A
  • DLP (Data loss prevention)

Mobile (2 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions