Mobile Device Security

Question 1

Near field communication (NFC)

Answer 1

Employment of electromagnetic induction to enable communication between devices within 10cm

Question 2

Satellite communications (SATCOM)

Answer 2

Artificial geostationary satellite that provides services across the globe

Question 3

Cellular Communication

Answer 3

Based on a single network tower that serves devices located within a certain radius.

Question 4

ANT

Answer 4

A wireless sensor protocol that enables communication between sensors and their controllers

Question 5

Universal serial bus (USB)

Answer 5

Enabled wired communication between devices that can be used for power supply, and serial data transmission.

Question 6

Global positioning system (GPS)

Answer 6

A system that determines the precise location of something on earth through a series of satellites, tracking stations, and recievers.

Question 7

Infrared (IR)

Answer 7

A wireless technology for transmitting data between two devices in the digital form within 5m

Question 8

Wi-Fi

Answer 8

A common wireless technology used in homes and office buildings to connect local devices.

Question 9

Bluetooth

Answer 9

A short range high speed low power wireless technology that enables communication between devices

Question 10

5G cellular Communication

Answer 10

A broadband cellular network that operates at low latency, high bandwidth, and provides high speed downloads

Question 11

Point to point (P2P) connection

Answer 11

Enables secure communication between two devices without encryption, through a fixed path.

Question 12

Point to multipoint connection

Answer 12

Allows one to many connections by providing multiple paths from a single location to many others

Question 13

Radio frequency identification (RFID)

Answer 13

A form of wireless communication that incorporates the use of electromagnetic or electrostatic coupling in the radio frequency portion of the electromagnetic spectrum to uniquely identify something.

Question 14

Mobile app management

Answer 14

Used by IT admins and others to secure and control organizational data.

Question 15

Mobile security management

Answer 15

The actions and precautionary steps for securing the organizations data and mobile devices used by it’s members

Question 16

Enterprise Mobility Management

Answer 16

Used to secure data in employees personal devices

Question 17

Remote wipe

Answer 17

Allows admins to remotely remove data from a mobile device

Question 18

Screen lock

Answer 18

Used to prevent unauthorized access to the device

Question 19

Passwords/pins

Answer 19

Form of authentication on electric devices

Question 20

Geolocation

Answer 20

Can identify the real world location of devices through the internet

Question 21

Geofencing

Answer 21

Virtual fence that interferes with mobile users when they cross an arbitrary line

Question 22

Full device encription

Answer 22

Can encrypt all data stored within a device

Question 23

Containerization

Answer 23

The application of encryption software to segment a device between personal data and the encrypted organizational data.

Question 24

BYOD

Answer 24

Bring your own device

Question 25

COPE

Answer 25

Company owned personally enabled

Question 26

COBO

Answer 26

Company owned business only

Question 27

CYOD

Answer 27

Choose your own device

Question 28

What are the benefits of BYOD

Answer 28

Low cost, less employee aggravation

Question 29

What are the downsides of BYOD

Answer 29

Difficult to maintain security, comparability issues which make it hard to scale

Question 30

What must be done to successfully implement BYOD

Answer 30

Define the specs
Decide how the data will be managed
Policies
How security will be implemented
How support will be issued

Question 31

What are the benefits of CYOD

Answer 31

Streamlines options
Able to control the devices without overly disturbing employees
Devices meet any spec requirements
Lower cost than COPE

Question 32

What are the disadvantages of CYOD

Answer 32

Employees must seek out repairs and replacement
Must use updates though the organization
Slow deployment timeframe

Question 33

What must be done to implement a CYOD policy?

Answer 33

Define a set of devices
A set of deletion policies
Define the security that must be implemented
Define how support will be obtained by user

Question 34

What are the benefits to the COPE policy

Answer 34

Greater control
Org retains device ownership
Prevents multiple devices from being required

Question 35

What are some of the downsides of COPE

Answer 35

Org will be required to purchase the device
Monitoring policies will need to be put in place
Business will be required to update all devices
Slow deployment time

Question 36

What will be needed to deploy a COPE policy

Answer 36

The purchasing of devices and required software
Allow employees to work with the device to develop a tech portfolio
Develop policies
Deploy security and support

Question 37

What are the benefits of COBO

Answer 37

Prevents data loss

The org posseses full authority

Question 38

What are the downsides of COBO

Answer 38

High purchase cost

Requires employees to carry multiple devices

Question 39

What must be done to implement a COBO policy?

Answer 39

Prohibit personal use on business devices
Allow employees to get used to the device
Develop policies
Deploy security and support on COBO devices

Question 40

Enterprise Mobile Device Security risks

Answer 40

Weak security systems
Insufficient config allowance
Can be taken outside the bounds of physical security

Question 41

What challenges face mobile devices when it comes to security?

Answer 41

Harder to track and secure
Can be easily mismanaged
Have to ensure all devices are up to date

Question 42

Risks for all mobile policies

Answer 42

The sharing of confidential data

Data leakage and endpoint security

Supporting different devices/ OS’s

Mixing of personal and private data

The ability to bypass policy issues

Disgruntled employees

Question 43

Sec prof guidelines for Mobile policies

Answer 43

Ensure multi-layer protection of systems

Educate the employees

Clarify which apps and data are owned by who

Use of encrypted channels for sensitive data

Clarify any bans

Control access

Ensure employees sign off on the policies

Question 44

Employee guidelines for Mobile policies

Answer 44

Use encryption to store all sensitive data

Maintain a separation of org and personal data

Register devices that contain any org data

Update the OS regularly

Use anti-virus and DLP solutions

Set a strong passcode

Question 45

Mobile device Management (MDM)

Answer 45

Used to deploy, manage, and monitor org owned devices

Question 46

Features of MDM solutions

Answer 46

Security management

Device configuration

Device inventory and tracking

Over the air distribution

Policy management

Password enforcement

Data encryption enforcement

Network integration

Remote data wipe

Blacklisting/ whitelisting of apps and devices

Question 47

Mobile application management (MAM)

Answer 47

Enables network defenders to secure, manage, and distribute applications on employee mobile devices

Question 48

What are the features of an MAM solution

Answer 48

Device activation

Enrollment in provisioning capabilities

Remote wipe and other device level functionality

Minimal admin intervention

Question 49

Mobile Content Management (MCM) or Mobile Information Management (MIM)

Answer 49

Provides secure access to corporate data

Enables secure sharing

Question 50

Mobile Threat Defence (MTD)

Answer 50

As to secure mobile devices against malicious threats, network attacks, and device vulnerabilities

Question 51

Mobile Email Management (MEM)

Answer 51

Pre-config emails on devices remotely, ensures that only approved apps and devices can access the emails, prevents unauthorized access to emails, pre installs the email client

Question 52

Unified endpoint management (UEM)

Answer 52

Ensures remote provisioning, managing, controlling, and securing internet based solutions

Tracking device usage

Remote, Manuel, or auto pushing of updates

Supporting employee owned devices

Threat detection and mitigation

Question 53

Enterprise Mobility Management (EMM)

Answer 53

A comprehensive solution responsible for MDM, MAM, MTM, MCM, and MEM. Secures and manages devices across multiple OSs.

Question 54

Mobile app security best practices

Answer 54

Ensures that the app does not save passwords

Avoid the use of the query string while handling sensitive data

Use code obfuscation and encryption

Implement two-factor authentication

Use SSL/TLS to send data over secure channels

Avoid caching app data

Perform validation checks on input data

Implement secure session management

Question 55

Mobile data security best practices

Answer 55

Encrypt the data stored on the device

Enable over the air encryption

Backup the mobile data periodically

Do not store extremely sensitive data on the device

Do not store passwords or pins as contacts

Use private data centers to store data

Question 56

Mobile network security guidelines

Answer 56

Disable interfaces like Bluetooth, IR, and WiFi when not in use

Set Bluetooth enabled devices to non discoverable

Avoid connecting to unknown WiFi

Config web accounts to use secure connections

Question 57

General guidelines for Mobile platform security

Answer 57

Avoid excessive installation of apps

Avoid auto uploading photos

Maintain configuration control and management

Install from trusted sources

Wipe or delete data before disposing a device

Disable GPS unless required

Question 58

Kaspersky

Answer 58

Internet security for Android uses machine learning to combat new threats

Question 59

Avira

Answer 59

Mobile security for iOS devices provides web protection, identity safeguarding, and identifies phishing websites.