Mobile devices are smartphones, tablets, and laptop computers. Because they are mobile, they are more susceptible to some threats. There are many methods available to reduce risks associated with mobile devices. If you’re planning on taking the Security+ exam, you should have a good understanding of methods on securing the device and on application security.
For example, can you answer this question?
Q. Your company has recently provided mobile devices to several employees. A security manager has expressed concerns related to data saved on these devices. Which of the following would BEST address these concerns?
A. Disabling the use of removable media
B. Installing an application that tracks the location of the device
C. Implementing a BYOD policy
D. Enabling geo-tagging
More, do you know why the correct answer is correct and the incorrect answers are incorrect? The answer and explanation is available at the end of this post.
Managing Mobile Devices
Mobile device management (MDM) includes the technologies to manage mobile devices such as smartphones and tablets. The goal is to ensure these devices have similar security methods in place as desktop computers.
Traditional management tools such as Microsoft ConfigMgr ensure systems are kept up to date with current patches, have antivirus software installed with up-to-date definitions, and are secured using standard hardening practices. In the past, many of these management tools didn’t include support for mobile devices. As BYOD became more and more popular, vendors upgraded these tools (and developed new ones) to manage mobile devices. ConfigMgr 2012 R2 includes support for many mobile devices, including Apple iOS-based devices and Android-based devices.
MDM tools often include the following features:
- Patch management. Patch management ensures that mobile devices are kept up to date with current patches.
- Antivirus management. Antivirus management ensures systems have antivirus software installed and it is up to date with current definitions.
- Application control. Some MDM tools can restrict what applications can run on mobile devices. They often use application whitelists to control the applications.
When employee-owned devices are in use, MDM tools typically block access to the network if the device doesn’t meet minimum requirements. For example, if the device isn’t patched or doesn’t have up-to-date antivirus software, the MDM software works with network access control (NAC) technologies to prevent the device from connecting to the network.
Remember this
Mobile device management tools help ensure devices are up to date with current patches and have up-to-date antivirus installed. These tools often block devices that are not up to date.
The 601 Version of the Study Guide
The CompTIA Security+: Get Certified Get Ahead: SY0-601 Study GuideEach of the eleven chapters presents topics in an easy to understand manner and includes real-world examples of security principles in action.
You’ll understand the important and relevant security topics for the Security+ exam, without being overloaded with unnecessary details. Additionally, each chapter includes a comprehensive review section to help you focus on what’s important.
Over 300 realistic practice test questions with in-depth explanations will help you test your comprehension and readiness for the exam. The book includes:
- A 75 question pre-test
- A 75 question post-test
- Practice test questions at the end of every chapter.
Each practice test question includes a detailed explanation to help you understand the content and the reasoning behind the question. You’ll be ready to take and pass the exam the first time you take it.
If you plan to pursue any of the advanced security certifications, this guide will also help you lay a solid foundation of security knowledge. Learn this material, and you’ll be a step ahead for other exams. This SY0-601 study guide is for any IT or security professional interested in advancing in their field, and a must-read for anyone striving to master the basics of IT security.
Application Security
Application security can be a significant concern when it includes authentication methods. Many mobile devices store or cache credentials such as usernames and passwords, so if attackers can access the device, they might be able to access applications without providing credentials.
One credential management method is to prevent the use of cached or stored credentials. This requires users to reenter their credentials each time they log on. Similarly, key management methods prevent the use of cached or stored encryption keys.
These methods don’t block or weaken authentication. Additionally, they don’t prevent single sign-on methods using transitive trusts. They just force the user to enter cached credentials when they first access an application.
Geo-tagging adds geographical information to files such as pictures when posting them to social media web sites. For example, when you take a picture with a smartphone that has GPS features enabled, the picture application adds latitude and longitude coordinates to the picture. Thinking of friends and family, this is a neat feature. However, thinking of thieves and criminals, they can exploit this data. For example, if Lisa frequently posts pictures of friends and family at her house, these pictures identify her address. If she later starts posting pictures from a vacation location, thieves can realize she’s gone and burglarize her home.
Remember this
Geo-tagging adds geographical information to files such as pictures when posting them on social media sites. Criminals can exploit this information when watching a specific person.
Q. Your company has recently provided mobile devices to several employees. A security manager has expressed concerns related to data saved on these devices. Which of the following would BEST address these concerns?
A. Disabling the use of removable media
B. Installing an application that tracks the location of the device
C. Implementing a BYOD policy
D. Enabling geo-tagging
Answer is A. Disabling the use of removable media on the devices will reduce the potential of data loss from these devices. It would make it more difficult to copy data to and from the devices.
Tracking the location won’t affect data.
The devices are provided by the company, so a bring your own device (BYOD) policy isn’t relevant.
Geo-tagging only refers to geographic location information attached to pictures posted on social media sites.
