Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

PenTest+ > Section 13: Attacks on Mobile Devices > Flashcards

Section 13: Attacks on Mobile Devices Flashcards

1
Q

Mobile Deployment Options

A

o Corporate-Owned, Business Only (COBO)
▪ Purchased by the company for use by the employees only for work related purposes
▪ Most secure
▪ Most restrictive
▪ Most expensive

o Corporate-Owned, Personally-Enabled (COPE)
▪ Provides employees with a company procured device for work-related and/or personal use

o Choose Your Own Device (CYOD)
▪ Allows employees to select a device from an approved list of vendors or devices
o Bring Your Own Device (BYOD)
▪ Allows employees to bring their own devices into work and connect them to the corporate network
▪ BYOD brings up privacy concerns and is the most difficult to secure

o Virtual Mobile Infrastructure (VMI)
▪ Like VDI, but utilizes a virtualized mobile operating system

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Disassembler

A

A computer program that translates machine language into assembly language

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Machine Code

A

The binary code executed by the processor, typically represented as 2 hex digits for each byte

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Assembly Code

A

The native process or instruction set used to implement a program

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Decompiler

A

Software that translates a binary or low-level machine language code into higher level code

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Drozer

A

A complete security audit and attack framework that provides the tools to use and share public exploits for the Android OS

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Android APK Decompiler (APKX)

A

A tool that can extract an APK file, an Android binary, or application back to its Java source code

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Frida

A

▪ An open-source tool that provides custom developer tools for
penetration testers when conducting application pentesting on mobile apps
▪ Frida supports both iOS and Android applications, as well as Windows, macOS, and Linux

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Needle

A

▪ An open-source, modular framework used to streamline the security assessment process on iOS application
▪ Frida is a better choice for iOS exploitation as Needle has already been decommissioned

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Ettercap

A

A comprehensive toolkit for conducting on-path attacks

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Mobile Security Framework (MobSF)

A

An automated, all-in-one mobile application pentesting, malware
analysis, and security assessment framework capable of performing both static and dynamic analysis

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Postman

A

An API platform for building and using APIs that simplifies each step of the API lifecycle and streamlines collaboration

How well did you know this?
1
Not at all
2
3
4
5
Perfectly

PenTest+ (22 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions