# Lab SEC-8: Mobile Device Security Inspection

Domain:
- 2.0 Security

Works on:
- Android phone or tablet
- iPhone or iPad
- Optional Windows, Linux, or macOS browser for account-security review

## Goal

Inspect mobile device security settings without changing risky controls.

Do not erase, wipe, reset, unenroll, remove accounts, remove trusted devices, or turn off security features during this lab.

## Android Steps

Settings names vary by manufacturer. Look for the closest match.

Inspect and record:
- OS version:
- Security patch level:
- Screen lock type:
- Whether fingerprint or face unlock is enabled:
- Whether device encryption is shown as enabled:
- Find My Device status:
- Backup status:
- App update setting in Google Play:
- Unknown app install or sideloading setting:
- Any work profile or device management entry:
- Content restriction or parental control setting, if present:

Useful paths to check:
- Settings > Security and privacy
- Settings > Lock screen
- Settings > Passwords and accounts
- Settings > Google > Find My Device
- Settings > System > System update
- Settings > Apps > Special app access > Install unknown apps
- Google Play > Profile icon > Settings > Network preferences > Auto-update apps

## iPhone or iPad Steps

Inspect and record:
- iOS or iPadOS version:
- Screen lock type:
- Face ID or Touch ID status:
- Find My status:
- iCloud Backup status:
- Automatic updates status:
- App update setting:
- VPN & Device Management profiles, if present:
- Content & Privacy Restrictions status:

Useful paths to check:
- Settings > General > About
- Settings > Face ID & Passcode or Touch ID & Passcode
- Settings > Apple Account > Find My
- Settings > Apple Account > iCloud > iCloud Backup
- Settings > General > Software Update > Automatic Updates
- Settings > App Store > App Updates
- Settings > General > VPN & Device Management
- Settings > Screen Time > Content & Privacy Restrictions

## Optional Computer Account Review

Use only the account that belongs to you.

Windows:

```powershell
start https://account.microsoft.com/devices
start https://myaccount.google.com/security
```

Linux:

```bash
xdg-open https://myaccount.google.com/security
```

macOS:

```bash
open https://appleid.apple.com
```

Record:
- One registered device:
- One security alert or recent activity item, if any:
- Whether recovery email/phone is configured:
- Whether two-factor or multifactor authentication is enabled:

Do not remove devices or change recovery settings during this lab unless you intentionally choose to do that later outside the lab.

## Scenario Matching

Choose the best mobile security action:

1. A user loses a company phone that contains email and files.
2. A company wants all phones to require passcodes and encryption.
3. A personal phone is allowed to access company email.
4. A phone has not received security patches for months.
5. A user installed an app from an unknown website.
6. A parent wants to block adult websites on a child device.
7. A phone is probably stolen and cannot be recovered.

## What You Should Learn

- Mobile security starts with lock method and encryption.
- MDM centrally enforces mobile security settings.
- BYOD requires clear policy because personal and company data share one device.
- Locator, lock, backup, and wipe are the main lost-device responses.
- OS and app updates are security controls.
- Sideloading increases malware risk, especially on Android.