Section 5: Mobile Device Security

Question 1

What is WPA2 in relation of wifi? What encryption standard does it use?

Answer 1

Wifi-Protected Access 2 (WPA2) is the highest level of security for wifi and it uses AES.

Question 2

How security work in bluetooth?

Answer 2

Bluetooth pairs using a Link Key to encrypt its connection

Question 3

What is SMS-Phising?

Answer 3

Pre-Txt scam that link out to malware containing sites.

Question 4

What is a SIM card?

Answer 4

Subscriber Identity Module (SIM) is an integrated circuit that securely stores the International Mobile Subscriber Identity (IMSI) number and its related key.

Question 5

What is SIM cloning?

Answer 5

SIM Cloning allows tow phones to utilize the same service and allow an attacker to gain access to the phones data.

Question 6

What is phone highjacking?

Answer 6

Phone Highjacking is taking over a phone number using social engineering or SIM cloning to gain access to 2-factor authentication and takes over other account from the victim.

Question 7

What is Bluejacking?

Answer 7

Bluejacking is sending unsolicited messages to bluetoother enable devices. Sending

Question 8

What is Bluesnarfing?

Answer 8

Bluesnarfing is taking information from a device over bluetooth connection. Taking

Question 9

What are two types of bluetooth attacks?

Answer 9

Bluejacking (sending data)

Bluesnarfing (taking data)

Question 10

What is Remote wipe?

Answer 10

Remote wipe is the process of remotely wiping a device from the internet.

Question 11

What is Remote Lock?

Answer 11

Remote Lock is the process of remotely encrypting a device requiring a special password to decrypt the phone.

Question 12

What is TLS?

Answer 12

Transport Layer Security (TLS) creates a secure tunnel between the site and device.

Question 13

What is MDM in relation to device security?

Answer 13

Mobile Device Management (MDM) is centralized software solution that allows system administrators to create and enforce policies across it mobile device.

Question 14

What is the most dangerous device model in a work place?

Answer 14

Bring your own device BYOD is the most dangerous because it incurs many possible problems that the employer cannot control. Security is heavily left up to the employee.

Question 15

What is Storage Segmentation in relation to devices?

Answer 15

Storage segmentation is the process of creating clear separations between personal and company data on a single device.

Question 16

What is one Administrative and one Technical control in relation to Storage Segmentation on devices?

Answer 16

Technical Control - an app that all work is done on

Administrative - a policy that says how data should be used.

Question 17

What its the CYOD model for mobile devices at a business?

Answer 17

Chose your own device (CYOD) is a mobile device model where the employer gives the employee a few choices in devices that MDM and other security policies built into them.

Question 18

What are the 10 ways you can harden your mobile devices?

Answer 18

1. Update devices
2. Instal AntiVirus/Malware
3. User Training on proper security and use of devices
4. Officail mobile Apps only
5. No jailbroken or rooted phones
6. SIMv2
7. Turn off all unnecessary features
8. Turn on encryption voice and data
9. String Passwords, biometrics, Find my phone, remote wipe/lock
10. NO BYOD (bring your own device)