Mobile Device Security PDF - Exam 212-82
Document Details
Uploaded by barrejamesteacher
null
EC-Council
Tags
Related
- CYOD & COPE Policy Implementation - PDF
- Chapter 12 - 05 - Mobile Security Management Solutions PDF
- Mobile Device Security Exam 212-82 PDF
- EC-Council Certified Cybersecurity Technician Exam 212-82 Mobile Device Security PDF
- Chapter 12 - 05 - Mobile Security Management Solutions PDF
- Common Scams on Mobile Devices PDF
Summary
This document details mobile device security concepts, practices, and mobile connection methods for Certified Cybersecurity Technicians. Section 1 explains the module flow for the course, and later sections detail specific connection methods.
Full Transcript
Certified Cybersecurity Technician Exam 212-82 Mobile Device Security Module Flow...
Certified Cybersecurity Technician Exam 212-82 Mobile Device Security Module Flow Discuss Security Risks and c e o Guidelines Associated with o; Enterprises Mobile Usage Policies Discuss and Implement o Discuss Mobile Device Enterprise-level Mobile Security Management Concepts Management Solutions 0 Discuss and Implement General Discuss Common Mobile Security Guidelines and Best Usage Policies in Enterprises Practices on Mobile Platforms Copyright © by EC i All Rights Reserved. Reproductionis Strictly Prohibited. Understand Various Mobile Device Connection Methods To secure mobile devices from various cyber-attacks, security professionals should be aware of different connection methods involved in mobile communications. They should also understand how devices gain access to the network and share their resources with other devices. There are many ways in which mobile networks can be connected; therefore, it is important for security professionals to be aware of the security concerns associated with each connection method and how to protect mobile networks from malicious intents. This section discusses various mobile device connection methods. Module 12 Page 1482 Certified Cybersecurity Technician Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Mobile Device Security Near-field Communication (NFC) »> It employs electromagnetic induction to enable communication between the devices connected within a range of 10 cm Satellite Communication (Satcom) -. » Itis an artificial geostationary satellite that provides services across the globe, but it is much slower and more expensive than other technologies Cellular Communication » Itis based on a single network tower that serves devices located within a specific radius Mobile Device Connection Methods (Cont’d) ANT It is a wireless sensor protocol that enables communication between O sensors and their controllers Universal Serial Bus (USB) It enables wired communication for devices. It can be used for 0 power supply and serial data transmission between devices Global Positioning System (GPS) It is a radio navigation and positioning system based on satellite © communication. It provides information related to geolocation and timing irrespective of weather conditions on the Earth Infrared (IR) It is a wireless technology for transferring data between two devices in the @® digital form within a short range of upuptoto 5S m Module 12 Page 1483 EG-Council Certified Cybersecurity Technician Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Exam Mobile Device Security Mobile Device Connection Methods (Cont’d) 5G Cellular (IVIobile) (Mobile) 6 Wi-Fi Wi-Fi Bluetooth Communication It is a common wireless It is a short-range, high-speed, It is a broadband cellular technology used in homes and low-power wireless network that operates at and office buildings to technology that enables high bandwidth with low connect local devices communication between latency and provides high- devices connected within the speed data downloads Bluetooth range Mobile Device Connection Methods (Cont’d) Point-to-point » It enables secure communication between two mobile (P2P) devices without data encryption because they are Connection connected through fixed paths without the P4 > interference of other devices Point-to-. » It allows one-to-many connections by providing multipoint.iol hs f ;el :; | Aee Py multiplee paths from Imultu_p from a single location to several several other = locations ocations 4 o4 - Radio-frequency.. Identification »> It"t works on the basis of radio-frequency technology, Identification (RFID) which identifies a person or object using their tags ~ = (unique labels) -~ ~ Mobile Device Connection Methods The following are some commonly used mobile connection methods. * Near-field communication (NFC): NFC covers very short distances using RFID technology. It employs electromagnetic induction to enable communication between devices connected within a range of 10 cm. The NFC chip embedded within a mobile device can read RFID tags and also be used to establish Bluetooth connections with Module 12 Page 1484 Certified Cybersecurity Technician Copyright © by EC-Council EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Mobile Device Security nearby devices to exchange information such as images and contact lists. Although it allows a very narrow communication range, an attacker with a specialized antenna can intercept and capture the data by jamming the traffic. This security issue may result from the improper configuration of NFC and non-encrypted data transmission. An attacker may craft and send malicious RFID tags, forcing the mobile user to visit a fake website in the browser. Furthermore, an attacker may perform a DoS attack by creating enormous RF signals to corrupt the NFC data being transmitted in that area. = Satellite communication (Satcom): Satcom is an artificial geostationary satellite that provides services across the globe, but it is much slower and more expensive than other technologies. There are many technologies that utilize satellite technology; some employ a connection to geostationary satellites, while others connect to satellites that revolve around the Earth in a low orbit, through which voice and data can be transmitted. The technology also has security concerns such as remote code execution and OS vulnerabilities. = Cellular communication: Cellular communication is based on a single network tower that serves devices located within a specific radius. They are installed in urban, suburban, and rural areas and cover a large distance. Mobile devices contain built-in antennas, which enable the device to communicate via a cellular network. Security concerns with cellular networks include location tracking, exploiting SS7 vulnerability, traffic monitoring, denial-of-service (DoS) attacks, channel jamming attacks, and illegitimate access. = ANT: ANT is a wireless sensor protocol that enables communication between sensors and their controllers. This technology is used in Internet of Things (IoT) devices such as heart-rate or fitness monitoring equipment. It is not a Bluetooth or 802.11 wireless technology and has its own set of protocols developed for low-powered devices. It is susceptible to DoS or jamming attacks, and attackers can capture data in transit. = Universal Serial Bus (USB): USB enables wired communication for devices. It can be used for power supply and serial data transmission between devices. It is also designed to enable hot-swapping and improve plug-and-play features. USB ports are commonly used in mobile devices for both data transmission and power supply. It is relatively more secure than other connection methods, but disgruntled employees can use a USB device to exfiltrate data from the organization’s local network. = Global Positioning System (GPS): GPS is a radio navigation and positioning system based on satellite communication. It provides information related to geolocation and timing irrespective of weather conditions on the Earth. Devices do not need to pass any data to satellites to establish a GPS connection; they only need to receive the signals from four or more satellites out of 28 to estimate their location. As the initial position fixing is slow with GPS, smart devices use assisted GPS (A-GPS), which uses external data sources for improved position fixing and faster location tracing. Security concerns with this technology include the fact that GPS signals can be intercepted and tampered with using specially designed GPS jammers. Module 12 Page 1485 Certified Cybersecurity Technician Copyright © by EG-Gouncil All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Mobile Device Security = |Infrared (IR): IR is a wireless technology for transferring data between two devices in the digital form within a short range of up to 5 m. It works only when there is no physical blockage or obstacle between the two devices. It is a type of networking feature integrated within devices such as tablets and smartphones that allows them to manage IR devices. It can also be used to transfer files between devices. Any device with IR accessibility can be managed using the IR feature of a mobile device. Furthermore, IR is used in modern wearable technology to enable devices to emulate the features of a remote control to operate devices such as smart TVs and detect health information such as oxygen levels. IR can also be used to perform IR therapy for treating chronic and acute pains. = Wi-Fi: A Wi-Fi network connects devices within a limited (Wi-Fi enabled) area with high bandwidth. It covers a shorter distance than a cellular network and is a common wireless technology used in homes and office buildings to connect local devices. Furthermore, a mobile device can share its Internet service with other devices by using the hotspot tethering feature based on Wi-Fi technology. If clients do not use an encrypted channel or the channel does not use an appropriate protocol, then the clients can be targeted by main-in-the-middle (MITM) attacks, through which attackers can sniff the traffic between two communicating devices. As the technology uses a set of 5 or 2.5 GHz frequencies, it can also be vulnerable to DoS attacks and frequency interferences. Wi-Fi Direct is another Wi-Fi feature that enables peer-to-peer communication without any mediator such as router, but one of the connected devices in Wi-Fi Direct communication serves as a soft access point. = Bluetooth: Bluetooth technology covers a longer distance than NFC. It is a short-range, high-speed, and low-power wireless technology that enables communication between devices connected within the Bluetooth range. When a device enables a Bluetooth connection, it sends “pairing” requests to a certain number of devices located within range, following which the corresponding device pairs with it using the device name and ID. It is mostly used in personal area networks (PANs). Conventional Bluetooth has a low data transfer rate. Therefore, with modern Wi-Fi technology, Wi-Fi connections are preferred for faster data transmission. Security concerns with Bluetooth technology include interception, eavesdropping, DoS attacks, transmission of viruses or worms, Bluesnarfing, and Bluejacking. = 5@ cellular (mobile) communication: 5G or fifth-generation communication technology is @ broadband cellular network that operates at high bandwidth with low latency and provides high-speed data downloads. Some of the applications of 5G include the automobile industry, public safety, and fixed wireless access. The technology is designed to support loT devices. Security concerns with this technology are associated with its management complexity. Attackers may attempt to take advantage of the increased number of devices connected to a 5G network to compromise and use them as botnets to paralyze the network through DDoS attacks. = Point-to-point (P2P) connection: A P2P connection enables secure communication between two mobile devices without data encryption because they are connected Module 12 Page 1486 Certified Cybersecurity Technician Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Mobile Device Security through fixed paths without the interference of other devices. For example, in a scenario of mobile communication between two people, only the concerned device can hear the voice from the dialed device. Routing devices can also use this method to connect with each other by adopting the over-the-air encryption technique, which reduces the risk of eavesdropping. = Point-to-multipoint connection: A point-to-multipoint (P2MP, PTMP, and PMP) connection allows one-to-many connections by providing multiple paths from a single location to several other locations. In this connection method, a central antenna broadcasts signals to multiple receiving antennas and devices through either time- division multiplexing (TDM) or frequency-division multiplexing (FDM) for bidirectional data transmission. One technology that uses PMP connections is Bluetooth, which can use the PMP method to connect one device with multiple devices such as headphones and media players. This type of connection does not provide high security or privacy, because the communication channel is broadcasted and shared. * Radio-frequency identification (RFID): RFID works on the basis of radio-frequency technology, which identifies a person or object using their tags (unique labels). The tagging range can vary from a few centimeters to meters. RFID operates in the low- frequency (LF), high-frequency (HF), and ultra-high-frequency (UHF) bands. HF-RFID with a mobile device operates via servers by providing data history, data persistence, and data management. If the reader is located within the range of the tag, it generates an electromagnetic wave that activates the tag, thereby allowing the reader to gather information. RFID systems can be susceptible to attacks such as power analysis, reverse engineering, replay attacks, spoofing, sniffing, DoS, and cloning. Module 12 Page 1487 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited.