Section 5 - Mobile Device Security Flashcards
There are two main ways we connect wireless devices. They are…?
Bluetooth
Wifi
If we’re using Wifi we want to make sure we’re protecting it at the highest level. This can be done using what?
WPA2
Wifi Protected Access 2 is an advanced encryption standard (AES)
How do you protect your mobile device from mobile malware?
- Have an antivirus solution on your device
- Make sure your mobile device is patched and updated
- Make sure you’re updating your OS
- Only install applications from an official app store
- Be careful of the sites you visit and the things you click on
- Do not jailbreak or root your device. This bypasses the natural protections that your system has
- Don’t use custom firmware or ROM (this is specific to Android users). You’re using an alternate version of the operating system that makes it difficult for the manufacturer to send patches to you
What is important to remember regarding updating operating systems for Androids?
Unlike iPhone, which will send out a push notification when there are available updates and patches (thus ensuring you have the latest OS), Android is more complicated. Google puts out the base operating system and, when there’s a vulnerability, creates patches for it and sends them out to the different manufacturers. However, since most people are using a Google-based Android device (most people use Samsung, for instance), those patches could take several months before they are available to your specific device.
What does SIM stand for?
Subscriber Identity Module
What does a SIM card do?
This is an integrated circuit that securely stores the international mobile subscriber identity (your IMSI number) and its related key.
** This is what tells the cellphone towers which device is assigned to which number
What is SIM cloning?
SIM cloning allows two cellphones to utilize the same service and allows the attacker to gain access to the phone’s personal data
How can you prevent identity theft or account takeover?
Be careful where you post your phone number
*** If you are a victim of a data breach, and somebody has stolen your name and your address and your email, and now they have your phone number, they can perform this account takeover against you.
What is bluejacking?
Bluejacking is sending unsolicited messages to Bluetooth-enabled devices
*** This often happens by having somebody who will pair to your device and then send the data to you
What is bluesnarfing?
Unauthorized access of information from a wireless device over a Bluetooth connection
What is the difference between bluejacking and bluesnarfing?
Bluejacking SENDS information to a device
Bluesnarfing TAKES information from a device
What does the discoverable mode on Bluetooth do?
It will sit there and wait to accept connections from any device that comes in the area
What is the best way to defend your mobile device?
Full disk encryption
Set up tracking on your device
Do not jailbreak or root your phone
Use a secure web browser (such as Chrome as opposed to a third-party web browser hardly anyone knows)
Always use the secure version of a website (this is denoted by the https at the front of the web address. This will ensure you have a TLS tunnel created between your phone and the server.)
Turn off location services for any apps that don’t need it
What is the best way to assure you don’t get malware from an app?
Only install applications from an official mobile store
What is the following called?
APPLE - This means you’re going to remove the security protections that Apple has put in place so that you can move it from your wireless carrier to a different wireless carrier or install third-party apps outside of the App Store
ANDROID - This allows you to have administrative permissions over it. You can install whatever applications you want and make the phone do things that it wasn’t necessarily designed to do.
Jailbreaking (Apple)
Rooting (Android)
What is TLS?
Transport Layer Security
This puts an encryption layer and a tunnel between your device and the server to ensure you have confidentiality and nobody is conducting a man-in-the-middle attack against you
What is MDM?
Mobile Device Management
A centralized software solution that allows your system administrators to create and enforce policies across all of the mobile devices
*** May be something to consider if your organization is going to be providing their employees with a cellphone
What is geotagging?
Embedding the geolocation coordinates or GPS coordinates into a piece of data
*** This is most commonly done with a photo or a video. By default, when you take a picture, your GPS coordinates are embedded into that photo as metadata. This allows for your coordinates to be found if you were to post that photo to a social media platform.
When it comes to BYOD many companies will do what as a means to protect their assets from malware risk?
Storage Segmentation
Creating a clear separation between personal and company data on a single device
*** For example, having two emails - one for personal and one for email.
What is MDM?
Mobile Device Management
Centralized software solution for remote administration and configuration of mobile devices
*** With this, you are able to push out software policies, prevent installing applications and install updates remotely without the user knowing.
An alternative that a lot of companies have to BYOD is…?
CYOD
Choose Your Own Device
This gives employees the choice of a phone and the company will pay for it. Then they will install MDM on it to make sure it is safe to use.
What is DLP?
Data Loss Prevention
What is mobile device hardening?
Increasing the security of your mobile device
What are the best ways to conduct mobile device hardening?
- Update your device to the latest version of the software
- Install AntiVirus
- Train users on proper security and use of the device
- Only install applications from official mobile stores
- Do not jailbreak or root your device
- Only use v2 SIM cards with your devices (v1 is very susceptible to SIM cloning)
- Turn off all unnecessary features
- Turn on encryption for voice and data
- Use strong passwords and/or biometrics
- Don’t allow BYOD