Chapter 13: Implementing Secure Mobile Solutions

This microwave uses smaller sectoral antennas, each covering a separate quadrant. Where it is between two sites, it links multiple sites or subscriber nodes to a single hub.

Point-to-multipoint (P2M)

Unless the owner configures some form of authentication, a discoverable device is vulnerable to ________________, a type of spam where the victim receives an unsolicited text (or picture/video) message or vCard (contact details).

bluejacking

Analyze mobile device deployment models to select the best explanation of the Corporate Owned, Personally-Enabled (COPE) deployment model. A.) The employee may use the mobile device to access personal email and social media accounts. The device is chosen and supplied by the company. B.) The employee may use the mobile device to access personal email and social media accounts. The device is chosen and supplied by the employee. C.) The device is the property of the company and may only be used for company business. D.) The employee may use the mobile device to access personal email and social media accounts. The device is chosen by the employee and supplied by the company.

A

Analyze the following scenarios and determine which accurately describes the use of an ad hoc Wi-Fi network. A.) Two wireless stations connect to each other on a temporary basis. B.) A smartphone shares its Internet connection with a PC. C.) Multiple types of wireless devices establish a peer-to-peer network. D.) A smartphone connects to a PC via Bluetooth.

A

Which microwave connection mode is most appropriate for forming a strong connection between two sites? A.) P2P B.) P2M C.) OTA D.) OTG

A

A user would like to install an application on a mobile device that is not authorized by the vendor. The user decides the best way to accomplish the install is to perform rooting on the device. Compare methods for obtaining access to conclude which type of device the user has, and what actions the user has taken. A.) The user has an iOS device and has used custom firmware to gain access to the administrator account. B.) The user has an Android device and has used custom firmware to gain access to the administrator account. C.) The user has an iOS device and has booted the device with a patched kernel. C.) The user has an Android device and has booted the device with a patched kernel.

B

These devices provide the greatest security of the four mobile device deployment models. The device is the property of the company and may only be used for company business.

Corporate Owned, Business Only (COBO)

A user facing a tight deadline at work experiences difficulties logging in to a network workstation, so the user activates a smartphone hotspot and connects a personal laptop to save time. Which of the following vulnerabilities has the user potentially created for the enterprise environment? A.) A device in "discoverable" mode can exploit outdated software patches. B.) The device may be vulnerable to a skimming attack. C.) The device may be able to defeat geofencing mechanisms. D.) The device may circumvent data loss prevention and web content filtering policies.

D

An attacker uses spoofed GPS coordinates on a stolen mobile device, attempting to gain access to an enterprise network. Which statement best describes the attack vector? A.) The attacker uses the spoofed coordinates to defeat containerization on the target network. B.) The attacker uses spoofed coordinates to perform a bluesnarfing attack. C.) The attacker uses spoofed coordinates to establish a rogue wireless access point. D.) The attacker uses spoofed coordinates to defeat geofencing on the target network.

D

The owner of a company asks a network manager to recommend a mobile device deployment model for implementation across the company. The owner states security is the number one priority. Which deployment model should the network manager recommend for implementation? A.) BYOD since the company can restrict the usage to business only applications. B.) CYOD because even though the employee picks the device, the employee only conducts official business on it. C.) COPE since only company business can be conducted on the device. D.) COBO because the company retains the most control over the device and applications.

D

This is firmware updates deliver to radio devices via a cellular data connection

Over-the-air (OTA)

This topology occurs when two nodes have a dedicated connection to one another. In a point-to-multipoint topology, a central node mediates links between remote nodes.

Point-to-Point (P2P)

True or False: Mesh products allow all types of wireless device to participate in a peer-to-peer network, though the products may not be interoperable.

True

True or False: an attacker can installs a rogue wireless access point (WAP)—with a smartphone with tethering capabilities, for example—on a network without authorization which can create an unauthorized WAP backdoor.

True

This specification allows a mobile device to act as a host when a device, such as an external drive or keyboard, is attached. It allows a port to function either as a host or as a device.

USB on the go (OTG)

The term "____________________" is also widely used to mean a hotspot.

Wi-Fi tethering

Wireless stations can establish peer-to-peer connections with one another, rather than using an access point. This is also called an ________________________, or temporary network. There is no established, standards-based support for ad hoc networking, however.

ad hoc network

This system may provision an isolated execution environment for an application with containerization.

host operating

A smartphone can share its Internet connection with another device, such as a PC. Where the PC shares this connection over Wi-Fi with multiple other devices, the smartphone acts as a _____________.

hotspot.

A user who has an _______ device and wants access to the administrator account will perform an action called jailbreaking versus rooting.

iOS

This is the operating system for Apple's iPhone and iPad tablet. Apple makes new versions freely available for these, with devices typically updated very quickly.

iOS

One type of radio frequency ID (RFID) attack is where an attacker uses a fraudulent RFID reader to read the signals from a contactless bank card.

skimming

An attacker steals personal data from a user device with an outdated Bluetooth authentication mechanism. What type of attack has occurred? A.) Bluejacking B.) Bluesnarfing C.) Bluetooth jamming D.) Jailbreaking

B

Pilots in an Air Force unit utilize government-issued tablet devices loaded with navigational charts and aviation publications, with all other applications disabled. This illustrates which type of mobile device deployment? A.) BYOD B.) COBO C.) COPE D.) CYOD

B

Analyze and compare iOS and Android operating systems (OS) to accurately differentiate between the two. (Select all that apply.) A.) Android releases updates often, while iOS is more sporadically released. B.) iOS is limited to Apple products, while Android has multiple hardware vendors. C.) Android is an open source OS based on Linux, unlike iOS, which is a closed and proprietary system. D.) iOS is more vulnerable to attack due to being a closed source, while Android is more secure with multiple partners working to secure the OS.

B and C

This uses an exploit in Bluetooth to steal information from someone else's phone. The exploit (now patched) allows attackers to circumvent the authentication mechanism.

Bluesnarfing

This is generally less susceptible to jamming than Wi-Fi or GPS signals

Bluetooth

This model is the least secure of the four deployment models. The device is owned by the employee, and the employee agrees to use it for company use.

Bring Your Own Device (BYOD)

This device is supplied and chosen by the company and personal use is allowed.

Corporate Owned, Personally-Enabled (COPE)

This model means the device is chosen by the employee and owned by the company. The employee is able to use the device for personal business.

Deploying a Choose Your Own Device (CYOD)

Even without an exploit, a short (4-digit) PIN code is vulnerable to what type of password guessing?

brute force

An attacker can spoof ____________________ using specialist radio equipment to defeat geofencing mechanisms.

GPS signals

This can create a virtual network boundary (based on real-world geography) that utilizes context-aware authentication for establishing a network perimeter on a company's premises.

Geofencing

This occurs when an attacker gains root privileges. An attacker may use this to sideload apps, change or add mobile carriers, or customize OS interfaces.

Jailbreaking

An ____________device is not able to be booted with a patched kernel. Only done iOS devices. Custom firmware or access from the vendor is required to obtain administrator access.

Android

Android is an OS for smartphones and tablets, and is an open source OS. This provides more scope for hardware vendors such as Asus, LG, and Samsung. It offers updates more sporadically, as updates are often dependent on the handset vendor to complete.

Android

Rooting is a term associated with _______________ devices. Some vendors provide authorized mechanisms for users to access the root account on their device. For some devices, it is necessary to exploit a vulnerability or use custom firmware.

Android

This is more vulnerable to attack than iOS. Sporadic updates along with apps being installed from multiple vendors, reduces the security on the devices. iOS is a closed source with frequent updates, providing more security.

Android