Section 18.169 Mobile Vulnerabilities and Attacks

Question 1

Different Types of Mobile Vulnerabilities

Sideloading

Answer 1

The practice of installing applications on a device from unofficial sources which actually bypasses the devices default app store

● Can introduce malware; download apps from official sources with strict review processes

Mitigation techniques: always download apps from an official and trusted source

Question 2

Different Types of Mobile Vulnerabilities

Jailbreaking/Rooting

Answer 2

Process that gives users escalated privileges on the device and allows users to circumvent the built in security mesaures by the devices

● Prevents installation of manufacturer updates, leaving devices vulnerable

Greater customisation but less security

Question 3

Different Types of Mobile Vulnerabilities

Insecure Connection Methods

Answer 3

Using open Wi-Fi networks or pairing with unknown devices over Bluetooth exposes devices to attacks

Mitigation techniques: Use cellular data for more secure connections. Connect only to known devices and set devices to non-discoverable when not pairing

Question 4

Different Types of Mobile Vulnerabilities

Mobile Device Management (MDM) Solution

Answer 4

Used to conduct patching of the devices by pushing any necessary updates to the devices to ensure that they are always equipped with the latest security patches

Question 5

Mobile Device Management (MDM) Solution

Patching

Answer 5

Ensuring devices receive necessary security updates

Question 6

Mobile Device Management (MDM) Solution

Configuration Management

Answer 6

Enforcing standardized configurations for security

Question 7

Mobile Device Management (MDM) Solution

Best Practice Enforcement

Answer 7

Disabling sideloading, detecting jailbreaking/rooting, and enforcing VPN use