Lesson 13 - Implementing Secure Mobile Solutions

Question 1

Methods of provisioning mobile devices to users, such as BYOD and CYOD.

Answer 1

Deployment Model

Question 2

Security framework and tools to facilitate use of personally-owned devices to access corporate networks and data.

Answer 2

Bring Your Own Device (BYOD)

Question 3

Enterprise mobile device provisioning model where the device is the property of the organization and personal use is prohibited.

Answer 3

Corporate Owned, Business Only (COBO)

Question 4

Enterprise mobile device provisioning model where the device remains the property of the organization, but certain personal use, such as private email, social networking, and web browsing, is permitted.

Answer 4

Corporate Owned, Personally Enabled (COPE)

Question 5

Enterprise mobile device provisioning model where employees are offered a selection of corporate devices for work and, optionally, private use.

Answer 5

Choose Your Own Device (CYOD)

Question 6

The process and supporting technologies for tracking, controlling, and securing the organization’s mobile infrastructure.

Answer 6

Mobile Device Management (MDM)

Question 7

Enterprise management function that enables control over apps and storage for mobile devices and other endpoints.

Answer 7

Mobile Application Management (MAM)

Question 8

Enterprise software for controlling device settings, apps, and corporate data storage on all types of fixed, mobile, and IoT computing devices.

Answer 8

Unified Endpoint Management (UEM)

Question 9

Since version 4.3, Android has been based on Security-Enhanced Linux, enabling granular permissions for apps, container isolation, and storage segmentation.

Answer 9

SEAndroid

Question 10

An access control scheme that verifies an object’s identity based on various environmental factors, like time, location, and behavior.

Answer 10

Context-Aware Authentication

Question 11

Software that allows deletion of data and settings on a mobile device to be initiated from a remote server.

Answer 11

remote wipe

Question 12

a small form factor hardware security module designed to store cryptographic keys securely. This allows the cryptographic material to be used with different devices, such as a laptop and smartphone.

Answer 12

MicroSD HSM

Question 13

a means of determining the device’s latitude and longitude based on information received from satellites via a GPS sensor.
Means of determining a receiver’s position on the Earth based on information received from GPS satellites. The receiver must have line-of-sight to the GPS satellites.

Answer 13

Global Positioning System (GPS)

Question 14

A means of deriving a device’s location when indoors, by triangulating its proximity to radio sources such as Bluetooth beacons or WAPs.

Answer 14

Indoor Positioning System (IPS)

Question 15

The practice of creating a virtual boundary based on real-world geography.

Answer 15

Geofencing

Question 16

The process of adding geographical identification metadata, such as the latitude and longitude where the device was located at the time, to media such as photographs, SMS messages, video, and so on.

Answer 16

GPS Tagging

Question 17

Installing an app to a mobile device without using an app store.

Answer 17

Sideloading

Question 18

A type of virtualization applied by a host operating system to provision an isolated execution environment for an application.

Answer 18

Containerization

Question 19

this term is associated with Android devices. Some vendors provide authorized mechanisms for users to access the root account on their device. For some devices it is necessary to exploit a vulnerability or use custom firmware. Custom firmware is essentially a new Android OS image applied to the device. This can also be referred to as a custom ROM, after the term for the read only memory chips that used to hold firmware.

Answer 19

Rooting

Question 20

iOS is more restrictive than Android so the term “jailbreaking” became popular for exploits that enabled the user to obtain root privileges, sideload apps, change or add carriers, and customize the interface. iOS jailbreaking is accomplished by booting the device with a patched kernel. For most exploits, this can only be done when the device is attached to a computer when it boots (tethered jailbreak).

Answer 20

Jailbreaking

Question 21

For either iOS or Android, this means removing the restrictions that lock a device to a single carrier.

Answer 21

Carrier Unlocking

Question 22

Close-range networking (usually based on Bluetooth or NFC) allowing communications between personal devices, such as smartphones, laptops, and printers/peripheral devices.

Answer 22

Personal Area Networks (PANs)

Question 23

A type of wireless network where connected devices communicate directly with each other instead of over an established medium.

Answer 23

Adhoc Network

Question 24

Using the cellular data plan of a mobile device to provide Internet access to a laptop or PC. The PC can be tethered to the mobile by USB, Bluetooth, or Wi-Fi (a mobile hotspot).

Answer 24

Hotspot

Question 25

Using the cellular data plan of a mobile device to provide Internet access to a laptop or PC. The PC can be tethered to the mobile by USB, Bluetooth, or Wi-Fi (a mobile hotspot).

Answer 25

Tethering

Question 26

Sending an unsolicited message or picture message using a Bluetooth connection.

Answer 26

Bluejacking

Question 27

A wireless attack where an attacker gains access to unauthorized information on a device using a Bluetooth connection.

Answer 27

Bluesnarfing

Question 28

Computing devices integrated into wearable items, such as bands, watches, and glasses. Most are focused on providing information and contact management via the Internet and many incorporate health and fitness monitoring.

Answer 28

Wearable Technology

Question 29

this allows the device to interact with an IR receiver and operate a device such as a TV or HVAC monitor as though it were the remote control handset.

Answer 29

RF Blaster

Question 30

these are used as proximity sensors (to detect when a smartphone is being held to the ear, for instance) and to measure health information (such as heart rate and blood oxygen levels).

Answer 30

IR Blaster

Question 31

A means of encoding information into passive tags, which can be easily attached to devices, structures, clothing, or almost anything else.

Answer 31

Radio Frequency ID (RFID)

Question 32

these are used as proximity sensors (to detect when a smartphone is being held to the ear, for instance) and to measure health information (such as heart rate and blood oxygen levels).

Answer 32

IR Sensor

Question 33

where an attacker uses a fraudulent RFID reader to read the signals from a contactless bank card.

Answer 33

Skimming

Question 34

A standard for peer-to-peer (2-way) radio communications over very short (around 4”) distances, facilitating contactless payment and similar technologies. NFC is based on RFID.

Answer 34

Near Field Communication (NFC)
NFC does not provide encryption.

Question 35

An NFC transaction is sometimes known as

Answer 35

A Bump

Question 36

USB specification allowing a mobile device to act as a host when a device such as an external drive or keyboard is attached.

Answer 36

On The Go (OTG)

Question 37

A system for sending text messages between cell phones.

Answer 37

Short Message Service (SMS)

Question 38

Extension to SMS allowing digital data (picture, video, or audio) to be sent over a cellular data connection.

Answer 38

Multimedia Message Service (MMS)

Question 39

Platform-independent advanced messaging functionality designed to replace SMS and MMS.

Answer 39

Rich Communication Service (RCS)
No end-to-end encryption.

Question 40

Mechanism to send text messages to a browser or mobile device.

Answer 40

Push Notifications

Question 41

A firmware update delivered on a cellular data connection.

Answer 41

Over-the-Air (OTA)

Answer 42

Point-to-Point (P2P)