Initial Core 2 study project
commit
10de90430c
120 changed files with 12696 additions and 0 deletions
88
notes/TRB-3-mobile-security-issues.md
Normal file
|
|
@ -0,0 +1,88 @@
|
|||
# TRB-3: Mobile Security Issues
|
||||
|
||||
Status: not started
|
||||
|
||||
Domain:
|
||||
- 3.0 Software Troubleshooting
|
||||
|
||||
Objective alignment:
|
||||
- 3.3 Troubleshoot common mobile device security issues
|
||||
|
||||
## What You Need To Know
|
||||
|
||||
Mobile security issues often come from risky configuration or untrusted apps.
|
||||
|
||||
Risk factors:
|
||||
- Unofficial app stores
|
||||
- Sideloaded applications
|
||||
- Developer mode
|
||||
- Rooted or jailbroken device
|
||||
- Unauthorized apps
|
||||
- Application spoofing
|
||||
|
||||
Symptoms:
|
||||
- High network traffic
|
||||
- Slow response
|
||||
- Data usage alerts
|
||||
- Limited or no internet
|
||||
- Many ads
|
||||
- Fake security warnings
|
||||
- Unexpected app behavior
|
||||
- Leaked personal data
|
||||
|
||||
## Memory Trick
|
||||
|
||||
Use **R-U-D-A**:
|
||||
|
||||
- **R**oot/jailbreak
|
||||
- **U**nofficial store
|
||||
- **D**eveloper mode
|
||||
- **A**ds/alerts
|
||||
|
||||
Shortcut:
|
||||
- **If the source or control model is untrusted, treat the phone as high risk.**
|
||||
|
||||
## What To Check
|
||||
|
||||
App source:
|
||||
- Was the app installed from the official app store?
|
||||
- Is the developer name correct?
|
||||
- Are reviews and permissions suspicious?
|
||||
|
||||
Device integrity:
|
||||
- Is the device rooted or jailbroken?
|
||||
- Is developer mode enabled?
|
||||
- Are unknown sources allowed?
|
||||
|
||||
Network and data:
|
||||
- Is one app using unusual data?
|
||||
- Does traffic spike when the app is open?
|
||||
- Are VPN or proxy settings unexpected?
|
||||
|
||||
User symptoms:
|
||||
- Fake antivirus pop-ups
|
||||
- Ads outside the browser
|
||||
- Browser redirects
|
||||
- Unrecognized apps
|
||||
|
||||
## Response Priorities
|
||||
|
||||
For personal devices:
|
||||
- Remove suspicious apps.
|
||||
- Update OS and apps.
|
||||
- Run trusted security tools if available.
|
||||
- Change passwords from a known-clean device if compromise is suspected.
|
||||
|
||||
For managed devices:
|
||||
- Follow company policy.
|
||||
- Notify support/security.
|
||||
- Use MDM actions when appropriate.
|
||||
- Preserve evidence if required.
|
||||
|
||||
## Exam Clues
|
||||
|
||||
- Rooted or jailbroken devices bypass normal protections.
|
||||
- Unofficial app stores increase malware risk.
|
||||
- App spoofing means a fake app pretends to be legitimate.
|
||||
- High data usage plus ads and fake warnings points to malware or unwanted software.
|
||||
|
||||
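Review bot: The R-U-D-A list under "Memory Trick" mixes categories and does not cover the file's own risk list. R, U and D are risk factors, while "Ads/alerts" is a symptom, and "Sideloaded applications" and "Application spoofing" from "Risk factors" have no letter even though spoofing reappears under "Exam Clues". Either say in that section that the mnemonic is a partial reminder that ends on a symptom, or use separate cues for risk factors and symptoms. Separately, the "For personal devices" list under "Response Priorities" has no step for the case where removing the suspicious app and updating do not clear the symptoms. Consider adding a final item such as backing up data and performing a factory reset, and a check or response that addresses the "Leaked personal data" symptom beyond the password change.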