Lesson 18 Mobile OS Security// Mobile OS && App Security// Mobile OS and App Security // SUPPORTING MOBILE SOFTWARE
A user's phone is randomly rebooting all the time. What should the user do first to diagnose the issue? Battery diagnostics Inadequate resources Autorotate settings Ensure the device is connected to Wi-Fi.
BATTERY DIAGNOSTICS
A company sets up a mobile device management policy. The company has concerns about the controllability of the devices due to liability, so they are going to purchase the devices for employees to use for business. What is this policy considered? BYOD COBO COPE CYOD
COBO
A security analyst sets up a new mobile device management policy and is looking into remote wiping, device wiping, and enterprise wiping. Which of the following will the enterprise wipe erase? (Select all that apply.) Corporate container Personal apps Business accounts Settings
CORPORATE CONTAINER BUSINESS ACCOUNTS
A user is frustrated that an app continuously crashes after receiving a recent update. What is the first step the user should try? Clear app cache. Reboot. Force stop and relaunch. Check for pending updates.
Check for pending updates
You are troubleshooting a user device that keeps powering off unexpectedly. You run hardware diagnostics and confirm there is no component fault or overheating issue. What should your next troubleshooting step be?
Check that the device has sufficient spare storage, and check for updates. If you can't identify a device-wide fault, test to see whether the issue is associated with use of a single app.
A security manager is looking at mobile security for company devices. They are investigating no-root firewalls and understanding how this works. Which of the following best describes no-root firewalls? Control access locally. Block phishing sites. Control access through a VPN. Block adware.
Control access through a VPN
A company wants to minimize the number of devices and mobile OS versions that it must support but allow use of a device by employees for personal email and social networking. What mobile deployment model is the best fit for these requirements?
Corporate owned, personally enabled (COPE) will allow standardization to a single device and OS. As the requirement does not specify a single device and OS, choose your own device (CYOD) would also fit.
True or false? Updates are not necessary for iOS devices because the OS is closed source.
False. Closed source just means that the vendor controls development of the OS. It is still subject to updates to fix problems and introduce new features.
True or false? A factory reset preserves the user's personal data.
False. Restoring to factory settings means removing all user data and settings.
What two types of biometric authentication mechanism are supported on smartphones?
Fingerprint recognition and facial recognition.
A user is experiencing issues on their iPhone. The user should troubleshoot what first? Hold the power button. Hold the Side/Top buttons. Perform a Settings/General/Factory reset. Perform a System/Advanced/Factory reset.
Hold the Side/Top buttons
2. Advanced malware can operate covertly with no easily detectable symptoms that can be obtained by scanning the device itself. What other type of symptom could provide evidence of compromise in this scenario?
Leaked data files or personal information such as passwords.
93.3% complete Question A user started using near-field communication (NFC) for payments; however, the user is unable to pay using NFC. Which of the following is NOT part of troubleshooting? Unlock. Ensure airplane mode is off. Hold closer and longer to the reader. List in recipient's authorized list.
List in recipient authorized list
A security manager sets up monitoring mechanisms to detect a rooted or jailbroken device. What type of security mechanism should the manager implement? MDM AV Firewall No-root firewall
MDM
A user connects their laptop to the company's wireless access point, but the internet is very slow. A connection to the Wi-Fi with their corporate mobile device is even slower. What should the user try? Check for airplane mode. Check individual radio functions. Move closer to the AP. Reboot the device.
Move closer to the AP.
A security manager puts together a security awareness campaign for mobile devices. Which of the following is least likely to be a symptom of malware? High number of ads Sluggish response time Overheating Limited/no internet connectivity
Overheating
A user reports that a new device is not sustaining a battery charge for more than a couple of hours. What type of malware could this be a symptom of?
This is most characteristic of cryptomining malware as that explicitly hijacks the compute resources of a device to perform the intensive calculations required to mint blockchain currency.
You are updating an internal support knowledge base with advice for troubleshooting mobile devices. What is the first step to take if a user reports that an app will not start?
Use force stop if available and/or reboot the device
A user worries about downloading malicious software onto their corporate device. They worry most about which of the following? Sideloading Root access Missing or renamed files Spoofed app
spoofed app
A security manager proactively looks for solutions concerning illegitimate apps running on corporate iOS devices and stealing credentials to leverage against the infrastructure. What is the security manager concerned about? App Store Developer tools OS compatibility Overheating
Developer Tools
You are assisting with the configuration of MDM software. One concern is to deny access to devices that might be able to run apps that could be used to circumvent the access controls enforced by MDM. What types of configurations are of concern?
Devices that are jailbroken or rooted allow the owner account complete control. Devices that allow installation of apps from untrusted sources, such as by sideloading APK packages or via developer mode, could also have weakened permissions.
A mobile device manager is looking at data encryption and the "Data Protection" setting. Which of the following does this protect? Contacts SMS message Pictures Email data
Email Data
A security analyst analyzes how most attackers perform exploits against iOS operating systems. Which of the following is most applicable? A.Sideloaded apps B.While tethered C.Root access D.Clear app cache
While Tethered
The marketing department has refitted a kitchen area and provisioned several smart appliances for employee use. Should the IT department have been consulted first?
Yes. Uncontrolled deployment of network-enabled devices is referred as shadow IT. The devices could increase the network attack surface and expose it to vulnerabilities. The devices must be deployed in a secure configuration and monitored for security advisories and updates.
A user is setting up their company phone and wants the login to be secure. Which of the following authentications is the least secure? Screen swipe PIN Fingerprint Facial recognition
screen swipe
