Section 5 - Mobile Device Security Flashcards
There’s two main things ways we connect wireless devices. They are…?
Bluetooth
Wifi
If we’re using Wifi we want to make sure we’re protecting it at the highest level. This can be done using what?
WPA2
Wifi Protected Access 2 is a advanced encryption standard (AES)
How do you protect your mobile device from mobile malware?
- Have an antivirus solution on your device
- Make sure your mobile device is patched and updated
- Make sure you’re updating your OS
- Only install applications from an offical app store
- Be careful of the sites you visit and the thing you click on
- Do not jailbreak or root your device. This bypasses the natural protections that your system has
- Don’t use custom firmware or ROM (this is specific to Android users) you’re using an alternate version of the operating system that makes it difficult for the manufacturer to send patches to you
What is important to remember regarding updating operating systems for Androids?
Unlike iPhone who will send out a push notification when there’s available updates and patches (thus ensuring you have the latest OS) Android is more complicated. Google puts out the base operating system and when there’s a vulnerability, they create patches for it and send it out to their different manufacturers. However, since most people are using a Google-based Android device (most people use Samsung, for instance) those patches could take several months before they are available to your specific device.
What does SIM stand for?
Subscriber Identity Module
What does a SIM card do?
This is an integrated circuit that securely stores the international mobile subscriber identity, your IMSI number and it’s related key.
** This is what tells the cellphone towers which device is assigned to which number
What is SIM cloning?
SIM cloning allows two cellphones to utilize the same service and allows the attacker to gain access to the phone’s personal data
How can you prevent identify theft or account takeover?
Be careful where you post your phone number
*** If you are a victim of a data breach, and somebody has stolen your name and your address and your email, and now they have your phone number, they can perform this account takeover against you.
What is bluejacking?
Bluejacking is sending unsolicited messages to bluetooth enabled devices
*** This often happens by having somebody who will pair to your device and then send the data to you
What is bluesnarfing?
Unauthorized access of information from a wireless device over a Bluetooth connection
What is the difference between bluejacking and bluesnarfing?
Bluejacking SENDS information to a device
Bluesnarfing TAKES information from a device
What does the discoverable mode on bluetooth do?
It will sit there and wait to accept connections from any device that comes in the area
What is the best way to defend your mobile device?
Full disk encryption
Set up tracking on your device
do not jailbreak or root your phone
use a secure web browser (such as chrome as opposed to a third-party web browser hardly anyone knows)
always use the secure version of a website (this is denoted by the https at the front of the web address. This will ensure you have TLS tunnel created between your phone and the server.)
turn off location services for any apps that don’t need it
What is the best way to assure you don’t get malware from an app?
only install applications from an official mobile store
What is the following called?
APPLE - This means you’re going to remove the security protections that has put in place so that you can it from your wireless carrier to a different wireless carrier or install third-party apps outside of the App store
ANDROID - This allows you to have administrative permissions over it. You can install whatever applications you want and make the phone do things that it wasn’t necessarily designed to do.
Jailbreaking (Apple)
Rooting (Android)
