Securing Mobile Devices(Comptia Objective 2.8) Flashcards
What are the various types of screen locks on mobile devices?
- Fingerprint(Biometrics)
- Face Unlock( Don’t trust this)
- Swipe( Choose a pattern)
- Passcode( Choose a PIN or add complexity)
After 10 failed attempts of unlocking the screen lock on an IOS device what happens?
- Everything get’s erased from the device.
- Sometimes picture is taken by the phone of the person attempting to login to that device with a failed PIN, facelock, fingerprint etc.
What happens after a certain number of failed screen lock access attempts on an android device?
- Device get’s locked and will require a google login to regain access to the device.
What do many devices have to locate them?
- Built-in GPS and location helpers.
- Will allow you to find your phone on a map
- Devices can also be controlled from afar and make a sound or display a message.
- Option also exists to remotely wipe everything from the device.( So at least you know your data is safe)
How does Remote backup work for smart devices?
- Constantly backs up a mobile device wherever it may happen to be and saves to the cloud. (Not a manual process)
- Allows you to backup without wires( use whatever existing network you’re connected to)
- Can restore with one click( Restores everything). Just authenticate and wait.
What are some benefits of Apples IOS when it comes to Anti-Virus and Anti-Malware?
- Apple IOS is a closed environment, tightly regulated.
- Malware has to find a vulnerability
- Only 1st party approved applications can be installed.
How does Android compare to Apple IOS when it comes to dealing with Viruses and Malware?
- Android is a more open operating system. App’s can be installed from anywhere
- This makes it easier for malware to find it’s way in making running Anti-virus and anti-malware software crucial for mobile devices.
What is a feature of mobile devices that make them more secure than Desktop Computers or laptops?
- Apps run in a “Sandbox”. They can only access what data you choose to give them access to.
- This makes mobile devices relatively safe.
When it comes to patching and OS updates for mobile devices what are some important things to remember?
- All devices need updates( Even mobile devices)
- This includes Device patches, security updates, operating system updates( New features, bug fixes)
- Don’t get behind to avoid security problems.
Biometric Authentication should also be implemented along with?
- Multi-factor authentication( More than one factor, password, passcode, swipe pattern etc)
- Biometrics include Fingerprint, face, iris etc.
What is an important thing to remember when it comes to Biometrics as a security method?
- We’re just figuring this out( Biometrics have a long way to go there have been instances of bad guys circumventing the fingerprint swipe login.
What does an Authenticator app do?
- Acts like a physical Pseudo-random token generator and provides a code on screen that only the person with the phone would know and allows access with the correct code.
What does a physical token generator do
- Generates a pseudo random code that you can type in in the login process to gain access. Usually connects to a keychain.
Similar to Desktop computers what can you do to prevent loss of data
- Full Device Encryption.
- In IOS this is enable by default and is decrypted with your device lock password/code.
- In Android full device encryption can be turned on by going into the settings and turning it ono.
What are the differences between Trusted and untrusted sources?
- Once malware is on a phone it has a huge amount of access. For this reason you shouldn’t install APK files from an untrusted sources.
- in IOS all apps are curated by Apple and they analyse every app to ensure they are safe and meet their approval.
- On Android devices apps can be downloaded from Google Play or sideloaded(Third Party not google) this is where problems can occur as anyone can essentially make an app for android without Google Plays approval. And malware can find itself onto a device.