Mobile applications Flashcards
Open-source
3
- The software and the original source code are available to download, modify, and redistribute
- Allows creativity and change
- Android OS has a lower cost of services by using an open-source platform as a code base
Closed-source software
6
- Proprietary software that is licensed under the exclusive legal rights of
the copyright holder - Change not allow
- If licensed there are restrictions (cant research, share, study redistribute)
- all you get is product
- you can’t see the code
- When someone won’t give the recipe
Google play Store
2
- Android OS app store
- Java and Android studio
App store
4
- Application on an iOS device to access a store to purchase and download applications
- Can’t download outside app store because it’s closed-source
- to create an app for Apple devices you have to use the programming languages Swift and Xcode
- Must be approved by Apple
Microsoft 365
2
- Provides the ability to have office productivity software and a large
amount of storage space in the cloud (OneDrive) - Will get email (@outlook.com)
iCloud
3
- Email is @icloud.com
- free storage
- works well if using apple devices
Google work space
2
- gmail
- g suite
Most common data synchronization applications
3
- Microsoft 365
- Google Workspace
- iCloud
Mobile device synchronization
7
Defintion: is the process of copying and updating data between devices, ensuring consistency across desktops, laptops, tablets, and smartphones.
Common Uses of Synchronization:
- Syncing data like contacts, calendar, email, pictures, music, videos, documents, applications, and passwords across devices.
Popular Synchronization Services:
- Microsoft 365
- iCloud
- Google Workspace
Benefits:
- Maintains consistency across devices.
- Provides access to updated files and information wherever you are.
Contact
2
- Record inside of an address book that contains fields of names,
addresses, emails, phone numbers, notes, etc. - vCard: Definition (Can import with CSV)
vCard
1
Standard format and is widely supported by most address books and software applications
Calendar Information
2/ What is included in a calendar invite?
- Any record with fields for appointments or tasks with their corresponding
subject, date, location, and attendees - synched with a Cloud-based system (Easier) or ICalendar
Mobile Email
2
- Received using Protocols POP3, IMAP, or Exchange
- Sent using SMTP
Personal effects
5
- normaly Created using mobile devices
- Pictures
- Music
- Videos
- Documents
Apps
3
- There are desktop, Laptop, Tablet and smartpone version (Mobile, Desktop view)
- Can be synched across all apps
- Consider what apps are supported on which devices
Password
7
Definition: Passwords are secret credentials that grant access to resources, websites, or accounts.
Ways to Save Passwords:
1. On Local Devices:
- Store passwords directly on your computer or smartphone.
2. In Browsers:
- Many browsers prompt you with, “Do you want to save login information?”
3. With Third-Party Tools:
- Use password managers like Bitwarden, OnePass, or LastPass for secure storage.
Best Practices:
- Use Encryption: Ensure any tool you use encrypts passwords to protect them from unauthorized access.
- Generate Strong Passwords: Third-party tools can generate secure, random passwords for new accounts.
Synchronization Methods
3
- Cloud
- Computer
- Automobile
Cloud Synchronization
6
- Provides access to the cloud from all devices and becomes the central
repository of all data - Always have access to the cloud from all devices (Pictures, videos, applications, etc.)
- If data is encrypted in the cloud it is relatively safe
- Common cloud services (Microsoft 365, iCloud, Google Workspaces
- Synchronization to the cloud requires a large amount of data transfer from your device over the internet back to the cloud server (By cellular (watch out for data limit (I.E., data cap) or WIFI)
- be aware of storage limits (if you need more you have the ability to pay for more
Data Cap
5
- Reaching the data limit for your cellular plan
- Cut off data
- Data overage ( Charge for use after limit)
- Mobile throttle ( slow you down until end of billing cycle
- to avoid configure phone to only use cellular for certain things and leave others when on wifi (Downloading apps or system updates)
Computer synchronization
2
- Synchronizes directly to the desktop or laptop using a USB or Bluetooth
connection - Also when connecting a mobile device to a computer it will show up as a drive (Allowing you to drag and drop files)
Automobile synchronization
3
- Synchronization with the automobile
- Synchronize entire phone (carplay or android auto)
- MAps, messages, music, etc)
EMM
6
Enterprise mobility management
- Class of software designed to apply security policies for use on mobile
devices
- Common software used VMware Workspace ONE, Microsoft Intune, Symantaec & Broadcom protection mobile, Citrix Endpoint, etc. Management, Apple Business Manager
- EMM comes in two main varieties
1. Mobile device management (MDM)
2. Mobile application management (MAM)
MDM
6
- Mobile device management
- Sets device-level policies for authentication, feature use, and conductivity
- Type of software that allows you to control the device
- also allows the administrator to remotely wipe the device if lost or stolen), lock the device, and remotely access to see what the user is seeing to help troubleshoot
- will give you the ability to turn on or off certain feature including hardware (Disable cameras, microphone, wifi capability).
- Can set up MFA requirements
MAM
8
Mobile Application Management (MAM):
Definition: MAM enforces policies for mobile apps that process corporate data, ensuring security and preventing unauthorized data transfer to personal apps.
Key Features:
1. Sandboxing Corporate Data:
- Creates a secure, encrypted enterprise container or workspace on the device.
- Corporate data stays isolated, with untrusted external apps blocked from accessing the container.
- Support for BYOD (Bring Your Own Device):
- Enables employees to access corporate data securely on personal devices.
- Protects corporate information through encryption and controlled access. - Pre-Configured Corporate Apps:
- Companies typically install and manage secure apps for:
Email
Calendar
Contacts
Data Storage
- These apps are encrypted and cannot be read by other applications.
Benefits:
- Protects corporate data on personal devices.
- Ensures compliance with company security policies.
- Enhances productivity by allowing secure remote access to work resources.
Sandbox Solution (Enterprise)
1
Configures an enterprise-managed container or workspace where the company’s data is stored
DLP
4
Data Loss Prevention
- Detects when data is being taken from a device, ensuring it’s only being used in the proper way
- Whether you’re using MDM or MAM
- Ex: prevent sending data from email and block it.
ABM
3
Apple business manager
- MAM suite that allows applications from a private repository to devices that are part of the corporate network
- Allows outside applications for companies to use b/c apple only allows apps from the app store
Managed Google play
1
- Managed version of the Google Play store that contains apps that are distributed to employees’ devices
MFA
4
Multi-Factor Authentication
-Combining two or more Authentication factor categories (Ex: Knowledge and inherence) also called (2FA)
- enter password and text verification
- Just b/c you have two factors doesnt mean you have multi-factor. (Ex: 2 Knowlege factor (Pin and Password) is still one. Knowledge and possesion is two)
knowledge Factor
5
Something you know
- The simplest form of authentication and refers to something you know
- Answer to a challenge
- What is your password
- Easiest to break (B/C just words or numbers)
Possesion Factor
2
- Something you have
-RSA key fob - Physical token (ID card)
Inherence Factor
3
Something you are
- Pieces of your body (Biometrics i.e, FInger print, Facial scan)
- Most smart phones support
Behavior Factor
3
- Something you do
- The way you do certain things (The way you walk, talk, etc)
- Voice recognition
Location Factor
3
- Somewhere you are
- GPS receiver
- Only login when your in certain areas
Single-factor authentication
2
- Using one authentication factor
- Ex: Single knowledge factor
Authenticator
2 - think capcha
- Is an Application that serves as a possession factor inside a mobile device
- Creates random code
Location services
3 types
- Coarse positioning
- Global positioning (GPS)
- Indoor positioning (IPS)
Coarse Positioning
4
- Oldest Method of positioning using mobile phones
- Rough guess of where you are
- triangulates your location with 3 or more cellular towers
- not accurate can determine location within a couple of city blocks
GPS
5
- Space-based radio navigation system, consisting of satellites and
networks of ground stations - Needs GPS receiver most smartphone and mobile devices have one built in.
- difficult for GPS to give accurate locations when you are indoors
- Must enable in settings
- can be used by apps to see location shopping habits, etc
IPS
Location Factor
- Allows a device to be used indoors to figure out the location
- your device triangulates location by basing proximity to other radio sources
- Uses cellular towers, Wi-Fi access points, Bluetooth beacons, and RFID beacons
- Disallow IPS in location services
Geo-Tracking
5
- Tracking of a location for a given amount of time
- Uses any of the three location serivces (Coarse, GPS, IPS)
- disable IPS and GPS to block geo-tracking
- Locations can be gathered to get a pattern of where you’ve been or will go
- A device uses your location services to track your habits across apps (Spending, searches, location, etc.)
Geotagging
2
- The GPS coordinates inside of photos
- disable in settings in smartphones
Emails will be configured with the following ports
6
- POP3
- IMAP
- SMTP
- But these are not the only ports
- These ports sends email in the clear (without encryption
- For better security you should always configure SSL or TLS when connecting to the email servers
Auto configuration
- When you enter email credentials (Email address and password) the system will automatically know what POP3, IMAP, and SMTP servers to use
- Used by major providers like yahoo, Gmail, Outlook, etc.
- Small or medium sized business use their own email server and are not set up for auto configuration
Configuring corporate email
Set up 4 things
- Incoming email server (IMAP or POP3 and what is fully qualified domain name or IP address of that server mail.diotraining.com
- Outgoing mail server (SMTP) (Same name with SMTP.diontraining.com)
- Enable encryption (TLS or SSL
- Ports (Choose port number (Encrypted or unencrypted (always encrypt))
- Always check with admin to make sure you have the right server names, IP addresses, and port numbers when configuring email on device
TLS
3
Transport layer security
- New and advanced secure version of encryption
- cryptographic protocol that encrypts data sent over the internet to protect it from unauthorized access.
SSL
4
Secure socket layer
- a security protocol that encrypts data sent between two devices or applications to create a secure connection
- SSL encrypts data so that anyone trying to intercept it will only see a jumble of characters that is almost impossible to decrypt. SSL also authenticates the devices involved in the communication to ensure they are who they claim to be.
- Why use TLS over SSL?
Authentication Factors
5
- Something you know (Knowlege factor)
- Something you are (Inheritance factor)
- Something you have (Posession factor)
- Something you do (Behavior factor)
- Somewhere you are (Location factor)
