Module 5 Textbook & Quiz | ITE-249-02 Mobile, Embedded, and Specialized Device Security
Internet of Things (IoT) - Connecting any device to the Internet for the purpose of sending and receiving data to be acted upon.
Although this definition could encompass laptop computers and tablets, more often IoT refers to devices that heretofore were not considered as computing devices connected to a data network. IoT devices include wearable technology and multifunctional devices as well as many everyday home automation items such as thermostats, coffee makers, tire sensors, slow cookers, keyless entry systems, washing machines, electric toothbrushes, headphones, and light bulbs, to name just a few. It is estimated that, by 2025, there will be more than 25 billion IoT devices, of which more than half will be consumer devices.
An embedded system is computer hardware and software contained within a larger system designed for a specific function.
Embedded systems are devices that contain a central processing unit (CPU) of their own. This CPU runs an operating system and some applications to perform certain specialized functions. Examples of embedded systems include: • Automatic Teller Machine (ATM) • Printers • Digital watches • Digital cameras • Automobiles If an embedded system connects to the Internet, it becomes an IoT device. An embedded system can have the following vulnerabilities: • An overload of tasks may cause scheduling problems • Can be attacked as there is no built-in security • Prone to power drain attack in which the battery of the device is drained out
12. Hisoka is creating a summary document for new employees about their options for different mobile devices. One part of his report covers encryption. What would Hisoka NOT include in his document? a. Apple uses file-based encryption to offer a higher level of security. b. Data backed up to an Apple or Google server could be unlocked by a court order. c. All modern versions of mobile device OS encrypt all user data by default. d. Encryption occurs when the mobile device is locked.
a. Apple uses file-based encryption to offer a higher level of security.
Choose which statement is wrong by applying your knowledge from the reading. a. COPE allows users to use their own personal mobile devices for business purposes. b. Circumventing the installed built-in limitations on an Apple iPhone is called jailbreaking. c. Due to its slow speed and other limitations, infrared capabilities in mobile devices are rarely found today.
a. COPE allows users to use their own personal mobile devices for business purposes.
8. Enki received a request by a technician for a new subnotebook computer. The technician noted that he wanted USB OTG support and asked Enki's advice regarding its. Which of the following would Enki NOT tell him? a. A device connected via USB OTG can function as a host. b. USB OTG is only available for connecting Android devices to a subnotebook. c. A device connected via USB OTG can function as a peripheral for external media access. d. Connecting a mobile device to an infected computer using USB OTG could allow malware to be sent to that device.
b. USB OTG is only available for connecting Android devices to a subnotebook.
1. Akira is explaining to his team members the security constraints that have made it a challenge for protecting a new embedded system. Which of the following would Akira NOT include as a constraint? a. Authentication b. Power c. Availability d. Cost
c. Availability
4. In her job interview, Xiu asks about the company policy regarding smartphones. She is told that employees may choose from a limited list of approved devices but that she must pay for the device herself; however, the company will provide her with a monthly stipend. Which type of enterprise deployment model does this company support? a. COPE b. BYOD c. CYOD d. Corporate owned
c. CYOD
14. What allows a device to be managed remotely? a. Mobile wrapper management (MWM) b. Mobile resource management (MRM) c. Mobile device management (MDM) d. Mobile application management (MAM)
c. Mobile device management (MDM)
Choose which statement is wrong by applying your knowledge from the reading. a. Power, compute, and network are all security constraints for embedded systems and specialized devices. b. RTOS is tuned to accommodate very high volumes of data that must be immediately processed for critical decision making. c. Multiple SCADAs are controlled by an ICS.
c. Multiple SCADAs are controlled by an ICS.
10. Which of the following technologies can convert a texting app into a live chat platform? a. MMS b. SMS c. RCS d. QR
c. RCS
6. What is the process of identifying the geographical location of a mobile device? a. Geotracking b. GeoID c. Geomonitoring d. Geolocation
d. Geolocation
2. Agape has been asked to experiment with different hardware to create a controller for a new device on the factory floor. She needs a credit-card-sized motherboard that has a microcontroller instead of a microprocessor. Which would be the best solution? a. Raspberry Pi b. FPGA c. SoC d. Arduino
d. Arduino
13. What does containerization do? a. It places all keys in a special vault. b. It splits operating system functions only on specific brands of mobile devices. c. It slows down a mobile device to half speed. d. It separates personal data from corporate data.
d. It separates personal data from corporate data.
15. Which of these is NOT a security feature for locating a lost or stolen mobile device? a. Remote lockout b. Alarm c. Thief picture d. Last known good configuration
d. Last known good configuration
11. What prevents a mobile device from being used until the user enters the correct passcode? a. Swipe identifier (SW-ID) b. Screen timeout c. Touch swipe d. Screen lock
d. Screen lock
19. Which tool manages the distribution and control of apps? a. MAM b. MCM c. MFM d. MDM
a. MAM
17. Which of these is considered the strongest type of passcode to use on a mobile device? a. Password b. Draw connecting dots pattern c. PIN d. Fingerprint swipe
a. Password
20. Which type of OS is typically found on an embedded system? a. COPE b. RTOS c. SoC d. OTG
b. RTOS
16. What enforces the location in which an app can function by tracking the location of the mobile device? a. Geofencing b. Location resource management c. Graphical Management Tracking (GMT) d. GPS tagging
a. Geofencing
9. Banko's sister has just downloaded and installed an app that allows her to circumvent the built-in limitations on her Android smartphone. What is this called? a. Rooting b. Sideloading c. Jailbreaking d. Ducking
a. Rooting
18. Which of the following is NOT a context-aware authentication? a. Trusted contacts b. Trusted devices c. Trusted places d. On-body detection
a. Trusted contacts
3. Hakaku needs a tool with a single management interface that provides capabilities for managing and securing mobile devices, applications, and content. Which tool would be the best solution? a. MMAM b. MDM c. UEM d. MCCM
b. MDM?
7. Which of these is used to send SMS text messages to selected users or groups of users? a. Pull notification services b. Push notification services c. Replay notification distribution (RND) d. MAM mass SMS
b. Push notification services
5. Aoi researched with adding a new class of Android phones to a list of app. dev. 1 of the considerations is how freq. the smartphones receive firmware OTA updates. Which of the reasons would Aoi NOT list in her report as a factor in the frequency of Android firmware OTA updates? a. Because many of the OEMs have modified Android, they are reluctant to distribute updates that could potentially conflict with their changes. b. OEMs are hesitant to distribute Google updates because it limits their ability to differentiate themselves from competitors if all versions of Android start to look the same through updates. c. Wireless carriers are reluctant to provide firmware OTA updates because of the bandwidth the updates consume on their wireless networks. d. Because OEMs want to sell as many devices as possible, they have no financial incentive to update mobile devices that users would then continue to use indefinitely.
c. Wireless carriers are reluctant to provide firmware OTA updates because of the bandwidth the updates consume on their wireless networks.
