Mobile Software Engineering I - Unit 2

Question 1

What general layers exist in the Android architecture?

Answer 1

• applications
• Java application framework
• android runtime / system libraries
• hardware abstraction layer
• linux kernel
• hardware layer

Question 2

What is a kernel?

Answer 2

The software that creates the environment on which all applications will later run on.

Question 3

What environmental features does the linux kernel provide?

Answer 3

• virtual execution space
• file system

Question 4

What are Wakelocks in regard to Android? How do they operate?

Answer 4

A method to control if the device will stay “awake” or will “sleep”. Wakelocks provide a flag value. The kernel constantly tries to “sleep”, however a true wakelock flag will prevent this.

Question 5

What are some alternatives to wakelocks in Android?

Answer 5

• download manager
• sync adapters
• job scheduler
• firebase cloud messaging
• companion device manager

Question 6

What is Binder in regard to Android?

Answer 6

An inter-process communication that manages the way that the Android system handles memory pressure and wakelocks.

Question 7

What does the ashmem module do in the Android kernel?

Answer 7

Allows unrelated processes to share memory.

Question 8

What are the purposes of the hardware abstraction layer?

Answer 8

• layer of native code inbetween the Java code and the driver code
• abstraction layer for the device’s functionalities
• allows over-the-air updates

Question 9

What is the main purpose of the android runtime environment?

Answer 9

To convert code from high-level languages into binary or machine code.

Question 10

What features does the android runtime environment offer over its predecessor Dalvik?

Answer 10

• ahead-of-time compilation
• garbage collection
• debugging improvements

Question 11

What are some examples of native C or C++ libraries included in the Android architecture?

Answer 11

• OpenGL
• WebKit
• media frameworks
• SSL
• SQLite

Question 12

What primary examples of building blocks in the Java API Framework for Android exist?

Answer 12

• view system
• notification manager
• location manager
• activity manager
• content providers
• resource manager
• core

Question 13

Within the Android stack, where are security measures implemented?

Answer 13

In each layer.

Question 14

What main categories of security issues exist in the Android stack?

Answer 14

• hardware
• operational
• application

Question 15

What is the concept of verified boot?

Answer 15

Ensuring that the kernel and android system are loaded from a secure location.

Question 16

What is the StrongBox Keymaster in Android?

Answer 16

A hardware security module, implemented in tamper-resistant hardware to handle cryptographic keys.

Question 17

What is the concept of application sandboxing?

Answer 17

Applications are loaded and executed in their own process, with individual memory space and a section of the file system they can access. They are isolated from other processes that are simultaneously running.

Question 18

What does SE Linux define that improved the security of Android?

Answer 18

Security Enhanced Linux determines a set of policies with enforcement rules.

Question 19

What are the main cryptographic components in the Android system?

Answer 19

• KeyStore: storage for cryptographic certificates and keys applicable to specific modules
• KeyChain: storage for credentials applicable to the entire system

Question 20

What is the meaning of the following security recommendations as it pertains to Android:

• control permissions given to apps
• use Google Play Protect
• enforce safe browsing
• two-factor authentication
• screen lock and smart lock
• location settings
• encryption
• software update
• unsecure connections
• additional security

Answer 20

• control permissions given to apps
• use Google Play Protect: scans phone for misbehaving or malicious apps
• enforce safe browsing: gives the user a warning when materials from a suspicious website are downloaded or opened
• two-factor authentication
• screen lock and smart lock: smart lock allows the device to remain unlocked in trusted situations or places
• location settings
• encryption
• software update
• unsecure connections
• additional security

Question 21

What are the most important features of Google Play Protect?

Answer 21

• scanning apps installed from Google Play
• erasing remote location or device data
• warning about suspicious websites
• continuous monitoring of applications

Question 22

What important security considerations exist when communicating through a network?

Answer 22

• minimize transmission of sensitive data
• set restrictions (only trust certain certificate authorities)
• use SSL

Question 23

What Android class controls the connectivity to different networks?

Answer 23

ConnectivityManager

Question 24

What different states can exist in the ConnectivityManager in regard to network state?

Answer 24

• connected
• connecting
• disconnected
• disconnecting

Question 25

What different types of network connections exist in the `ConnectivityManager`?

Answer 25

* `TYPE_WIFI` * `TYPE_MOBILE` * `TYPE_BLUETOOTH`

Question 26

What Java package is used to make HTTP requests?

Answer 26

`java.net`

Question 27

What main web services can be used in Android systems?

Answer 27

* **re**presentational **s**tate **t**ransfer (REST) * **s**imple **o**bject **a**ccess **p**rotocol (SOAP) * remote procedure calls (XML-RPC)

Question 28

What java classes can be used to make phone calls directly from an application?

Answer 28

`TelephonyManager` and `PhoneStateListener`

Question 29

What Java class can be used to send SMSs?

Answer 29

`SMSManager`