Mobile Security

Question 1

What is the difference between a point-to-point wireless connection and a point-to-multipoint wireless connection?

Answer 1

Point-to-point is a 1 to 1 connection. One device is only connected another device wirelessly and that is it.

Point-to-multipoint is what we will most commonly see in wireless network connections, almost exclusively. One device is connected to many different different devices wirelessly.
This doesn’t imply full connectivity between all of the different devices to each other, they might be too far apart from each other. But one device is connected to many different devices.

Question 2

What is the difference between MDM and MCM?

Answer 2

Mobile device management is focused on the overall security of a device, such as which apps are installed, version numbers, etc.

Mobile Content Management (MCM) is focused on the data stored on the mobile device.
You can limit file sharing and viewing.
You can implement DLP to prevent the copy/pasting of sensitive data.
You can ensure data is encrypted on the mobile device.

All of these security options are configured on the mobile device manager, and its up to the administrator of the MDM to configure and set these options.

Question 3

What is a remote wipe?

Answer 3

This is a way of deleting everything from a mobile device when you don’t have access to it.
Often managed from the MDM

You want to always have a backup if you’re using this so you can get everything back.

Question 4

What is geofencing?

Answer 4

This is an MDM tool for restricting or allowing features only when a device is in a particular area.
For example: the camera might only work when outside the office.
This can also be used for authentication.
Example: only allow logins when the device is located in a particular area.

Question 5

What is Context-aware authentication?

Answer 5

This is an authentication method that draws on multiple different sources of context such as:
Where you normally log in (IP address)
Where you normally frequent(GPS information)
Other devices that may be paired(Bluetooth, etc)

Question 6

What is containerization in the context of MDM?

Answer 6

This is a way of separating enterprise mobile apps and data from personal apps and data on a device.
Creates a virtual “container” for company data.
There is limiting data sharing from this contained area, and storage segmentation keeps data separate.

Makes it very easy to manage offboarding and data security.

Question 7

What would the HSM look like in a mobile phone or other very small device?

Answer 7

Instead of a larger HSM like you find in a computer, the HSM in a mobile phone will be on a MicroSD card.
This is called a MicroSD HSM.

Provides all of the features of a normal HSM:
Encryption
Key generation/Key storage
Decryption
Digital signatures
Authentication

Question 8

What is a UEM solution? (unified endpoint management)

Answer 8

A way of managing security posture on a variety of devices and making sure that they all meet the same security requirements.

Question 9

What is MAM?

Answer 9

Mobile application management

Like MDM but for specific applications.
This would be a solution for provisioning, updating, and removing apps.
An example of this would be to create an enterprise app catalog, users could choose and install the apps they need.
This allows the administrator of the MAM to monitor how these applications are being used.
This also allows finely grained control over the data on these mobile devices, so that you can remove just data from one app but leave all of the other data intact.

Question 10

What is SEAndroid?

Answer 10

Security Enhancements for Android

This is basically taking the SELinux functionality and adding it to the android operating system.
This supports access control security policies.
It addresses a broad scope of system security such as: the kernal, userspace,and policy configuration.
Uses Mandatory access control (MAC)
Enabled by default in android.
Also isolates and sandboxes android apps.

Question 11

What is the difference between geofencing and geotagging?

Answer 11

Geofencing is the process of limiting access based on location or authenticating based on location.

Geotagging is when your location is used in the metadata of a file. The metadata of most photos contains the location it was taken in.
Geotagging=Location in metadata

Question 12

What is ad hoc mode?

Answer 12

This is when two devices can directly connect to each other wirelessly without needing an access point.

WiFi direct simplifies this process. It is common to see in home IoT devices.

Question 13

What is BYOD?

Answer 13

Bring your own device.

Employees are allowed to bring their own device to work

Question 14

What is COPE?

Answer 14

Corporate owned, but personally enabled.
This is a mobile deployment model where the company buys the device for you, but it is used both as a corporate device, and a personal device.

Since the device is owned by the company, they have full control of everything on the device. Information can be deleted at any time.

Question 15

What is CYOD?

Answer 15

Choose your own device.
Very similar to COPE, but you get to decide what device you want to use, and then the organization purchases that device for you, but they own it.

Question 16

What is a corporate owned mobile deployment method?

Answer 16

This is where your device is owned by the company, and you can not use it for personal use.
You must have a seperate device for anything personal.

Question 17

What is VMI? …..(think VDI)

Answer 17

This is virtual mobile infrastructure.
Similar to VDI(virtual desktop infrastructure)
The apps and data are completely separated from the mobile device and stored somewhere else, securely, and centralized.

This means that if you lose your mobile device you will not lose any of this data. You can simply reconnect to that data source and have all of your data back