Mobile Device Security Flashcards

1
Q

Securing Wireless Devices

A

Wi-Fi Protected Access 2 (WPA2) is the highest level of wireless security.
Advanced Encryption Standard (AES).
Bluetooth pairing creates a shared link key to encrypt the connection.
Wired devices are almost always more secure than wireless ones.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Mobile Malware

A

Ensure your mobile device is patched and updated.
Only install apps from the official App Store or Play Store.
Do not jailbreak/root device.
Don’t use custom firmware or a custom ROM.
Only load official store apps.
Always update your phone’s OS.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

SIM Cloning & ID Theft

A

Subscriber Identity Module (SIM) - integrated circuit that securely stores the international mobile subscriber identity (IMSI) number and its related key.
SIM Cloning - allows two phones to utilize the same service and allows an attacker to gain access to the phone’s data; SIM v1 cards were easy to clone but newer SIM v2 cards are much harder; Be careful with where you post phone numbers.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Bluetooth Attacks

A

Bluejacking - sending of unsolicited messages to Bluetooth-enabled devices.
Bluesnarfing - unauthorized access of information from a wireless device over a Bluetooth connection.
Bluejacking sends information to a device.
Bluesnarfing takes information from a device.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Mobile Device Theft

A

Always ensure your device is backed up.
Don’t try to recover your device alone if it’s stolen.
Remote Lock - requires a PIN or password before someone can use the device.
Remote Wipe - remotely erase all contents on a device to ensure the information is not recovered by the thief.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Security of Apps

A

Only install apps from official mobile stores.
Transport Layer Security (TLS)
Mobile Device Management (MDM) - centralized software solution that allows system admins to create and enforce policies across its mobile devices.
Turn location services off to ensure privacy.
Geotagging - embedded location in photos.
Geotagging should be considered when developing security policies.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Bring Your Own Device (BYOD)

A

Introduces a lot of security issues to consider.
Storage Segmentation - creating a clear separation between personal and company data on a single device.
MDM - centralized software solution for remote administration and configuration of mobile devices.
Choose Your Own Devices (CYOD)
MDM can prevent certain apps from being installed on the device.
Ensure the org has a good policy for mobile devices.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Hardening Mobile Devices

A
  1. Update your device to the latest version of software.
  2. Install AntiVirus
  3. Train users on proper security and use of the device
  4. Only install apps from the official mobile stores
  5. Do not root or jailbreak devices
  6. Only use v2 SIM cards with your devices
  7. Turn off all unnecessary features
  8. Turn on encryption for voice and data
  9. Use strong passwords or biometrics
  10. Don’t allow BYOD
    Ensure organization has a good security policy for mobile devices.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly