Mobile Device Security

Question 1

Near field communication (NFC)

Answer 1

Employment of electromagnetic induction to enable communication between devices within 10cm

Question 2

Satellite communications (SATCOM)

Answer 2

Artificial geostationary satellite that provides services across the globe

Question 3

Cellular Communication

Answer 3

Based on a single network tower that serves devices located within a certain radius.

Question 4

ANT

Answer 4

A wireless sensor protocol that enables communication between sensors and their controllers

Question 5

Universal serial bus (USB)

Answer 5

Enabled wired communication between devices that can be used for power supply, and serial data transmission.

Question 6

Global positioning system (GPS)

Answer 6

A system that determines the precise location of something on earth through a series of satellites, tracking stations, and recievers.

Question 7

Infrared (IR)

Answer 7

A wireless technology for transmitting data between two devices in the digital form within 5m

Question 8

Wi-Fi

Answer 8

A common wireless technology used in homes and office buildings to connect local devices.

Question 9

Bluetooth

Answer 9

A short range high speed low power wireless technology that enables communication between devices

Question 10

5G cellular Communication

Answer 10

A broadband cellular network that operates at low latency, high bandwidth, and provides high speed downloads

Question 11

Point to point (P2P) connection

Answer 11

Enables secure communication between two devices without encryption, through a fixed path.

Question 12

Point to multipoint connection

Answer 12

Allows one to many connections by providing multiple paths from a single location to many others

Question 13

Radio frequency identification (RFID)

Answer 13

A form of wireless communication that incorporates the use of electromagnetic or electrostatic coupling in the radio frequency portion of the electromagnetic spectrum to uniquely identify something.

Question 14

Mobile app management

Answer 14

Used by IT admins and others to secure and control organizational data.

Question 15

Mobile security management

Answer 15

The actions and precautionary steps for securing the organizations data and mobile devices used by it’s members

Question 16

Enterprise Mobility Management

Answer 16

Used to secure data in employees personal devices

Question 17

Remote wipe

Answer 17

Allows admins to remotely remove data from a mobile device

Question 18

Screen lock

Answer 18

Used to prevent unauthorized access to the device

Question 19

Passwords/pins

Answer 19

Form of authentication on electric devices

Question 20

Geolocation

Answer 20

Can identify the real world location of devices through the internet

Question 21

Geofencing

Answer 21

Virtual fence that interferes with mobile users when they cross an arbitrary line

Question 22

Full device encription

Answer 22

Can encrypt all data stored within a device

Question 23

Containerization

Answer 23

The application of encryption software to segment a device between personal data and the encrypted organizational data.

Question 24

BYOD

Answer 24

Bring your own device

Question 25

COPE

Answer 25

Company owned personally enabled

Question 26

COBO

Answer 26

Company owned business only

Question 27

CYOD

Answer 27

Choose your own device

Question 28

What are the benefits of BYOD

Answer 28

Low cost, less employee aggravation

Question 29

What are the downsides of BYOD

Answer 29

Difficult to maintain security, comparability issues which make it hard to scale

Question 30

What must be done to successfully implement BYOD

Answer 30

``` Define the specs Decide how the data will be managed Policies How security will be implemented How support will be issued ```

Question 31

What are the benefits of CYOD

Answer 31

Streamlines options Able to control the devices without overly disturbing employees Devices meet any spec requirements Lower cost than COPE

Question 32

What are the disadvantages of CYOD

Answer 32

Employees must seek out repairs and replacement Must use updates though the organization Slow deployment timeframe

Question 33

What must be done to implement a CYOD policy?

Answer 33

Define a set of devices A set of deletion policies Define the security that must be implemented Define how support will be obtained by user

Question 34

What are the benefits to the COPE policy

Answer 34

Greater control Org retains device ownership Prevents multiple devices from being required

Question 35

What are some of the downsides of COPE

Answer 35

Org will be required to purchase the device Monitoring policies will need to be put in place Business will be required to update all devices Slow deployment time

Question 36

What will be needed to deploy a COPE policy

Answer 36

The purchasing of devices and required software Allow employees to work with the device to develop a tech portfolio Develop policies Deploy security and support

Question 37

What are the benefits of COBO

Answer 37

Prevents data loss | The org posseses full authority

Question 38

What are the downsides of COBO

Answer 38

High purchase cost | Requires employees to carry multiple devices

Question 39

What must be done to implement a COBO policy?

Answer 39

Prohibit personal use on business devices Allow employees to get used to the device Develop policies Deploy security and support on COBO devices

Question 40

Enterprise Mobile Device Security risks

Answer 40

Weak security systems Insufficient config allowance Can be taken outside the bounds of physical security

Question 41

What challenges face mobile devices when it comes to security?

Answer 41

Harder to track and secure Can be easily mismanaged Have to ensure all devices are up to date

Question 42

Risks for all mobile policies

Answer 42

The sharing of confidential data Data leakage and endpoint security Supporting different devices/ OS's Mixing of personal and private data The ability to bypass policy issues Disgruntled employees

Question 43

Sec prof guidelines for Mobile policies

Answer 43

Ensure multi-layer protection of systems Educate the employees Clarify which apps and data are owned by who Use of encrypted channels for sensitive data Clarify any bans Control access Ensure employees sign off on the policies

Question 44

Employee guidelines for Mobile policies

Answer 44

Use encryption to store all sensitive data Maintain a separation of org and personal data Register devices that contain any org data Update the OS regularly Use anti-virus and DLP solutions Set a strong passcode

Question 45

Mobile device Management (MDM)

Answer 45

Used to deploy, manage, and monitor org owned devices

Question 46

Features of MDM solutions

Answer 46

Security management Device configuration Device inventory and tracking Over the air distribution Policy management Password enforcement Data encryption enforcement Network integration Remote data wipe Blacklisting/ whitelisting of apps and devices

Question 47

Mobile application management (MAM)

Answer 47

Enables network defenders to secure, manage, and distribute applications on employee mobile devices

Question 48

What are the features of an MAM solution

Answer 48

Device activation Enrollment in provisioning capabilities Remote wipe and other device level functionality Minimal admin intervention

Question 49

Mobile Content Management (MCM) or Mobile Information Management (MIM)

Answer 49

Provides secure access to corporate data Enables secure sharing

Question 50

Mobile Threat Defence (MTD)

Answer 50

As to secure mobile devices against malicious threats, network attacks, and device vulnerabilities

Question 51

Mobile Email Management (MEM)

Answer 51

Pre-config emails on devices remotely, ensures that only approved apps and devices can access the emails, prevents unauthorized access to emails, pre installs the email client

Question 52

Unified endpoint management (UEM)

Answer 52

Ensures remote provisioning, managing, controlling, and securing internet based solutions Tracking device usage Remote, Manuel, or auto pushing of updates Supporting employee owned devices Threat detection and mitigation

Question 53

Enterprise Mobility Management (EMM)

Answer 53

A comprehensive solution responsible for MDM, MAM, MTM, MCM, and MEM. Secures and manages devices across multiple OSs.

Question 54

Mobile app security best practices

Answer 54

Ensures that the app does not save passwords Avoid the use of the query string while handling sensitive data Use code obfuscation and encryption Implement two-factor authentication Use SSL/TLS to send data over secure channels Avoid caching app data Perform validation checks on input data Implement secure session management

Question 55

Mobile data security best practices

Answer 55

Encrypt the data stored on the device Enable over the air encryption Backup the mobile data periodically Do not store extremely sensitive data on the device Do not store passwords or pins as contacts Use private data centers to store data

Question 56

Mobile network security guidelines

Answer 56

Disable interfaces like Bluetooth, IR, and WiFi when not in use Set Bluetooth enabled devices to non discoverable Avoid connecting to unknown WiFi Config web accounts to use secure connections

Question 57

General guidelines for Mobile platform security

Answer 57

Avoid excessive installation of apps Avoid auto uploading photos Maintain configuration control and management Install from trusted sources Wipe or delete data before disposing a device Disable GPS unless required

Question 58

Kaspersky

Answer 58

Internet security for Android uses machine learning to combat new threats

Question 59

Avira

Answer 59

Mobile security for iOS devices provides web protection, identity safeguarding, and identifies phishing websites.