kenpat/comptia-a-plus-core2
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
comptia-a-plus-core2/labs/SEC-8-mobile-device-security-lab.md

3.4 KiB
Raw Blame History

Lab SEC-8: Mobile Device Security Inspection

Domain:

  • 2.0 Security

Works on:

  • Android phone or tablet
  • iPhone or iPad
  • Optional Windows, Linux, or macOS browser for account-security review

Goal

Inspect mobile device security settings without changing risky controls.

Do not erase, wipe, reset, unenroll, remove accounts, remove trusted devices, or turn off security features during this lab.

Android Steps

Settings names vary by manufacturer. Look for the closest match.

Inspect and record:

  • OS version:
  • Security patch level:
  • Screen lock type:
  • Whether fingerprint or face unlock is enabled:
  • Whether device encryption is shown as enabled:
  • Find My Device status:
  • Backup status:
  • App update setting in Google Play:
  • Unknown app install or sideloading setting:
  • Any work profile or device management entry:
  • Content restriction or parental control setting, if present:

Useful paths to check:

  • Settings > Security and privacy
  • Settings > Lock screen
  • Settings > Passwords and accounts
  • Settings > Google > Find My Device
  • Settings > System > System update
  • Settings > Apps > Special app access > Install unknown apps
  • Google Play > Profile icon > Settings > Network preferences > Auto-update apps

iPhone or iPad Steps

Inspect and record:

  • iOS or iPadOS version:
  • Screen lock type:
  • Face ID or Touch ID status:
  • Find My status:
  • iCloud Backup status:
  • Automatic updates status:
  • App update setting:
  • VPN & Device Management profiles, if present:
  • Content & Privacy Restrictions status:

Useful paths to check:

  • Settings > General > About
  • Settings > Face ID & Passcode or Touch ID & Passcode
  • Settings > Apple Account > Find My
  • Settings > Apple Account > iCloud > iCloud Backup
  • Settings > General > Software Update > Automatic Updates
  • Settings > App Store > App Updates
  • Settings > General > VPN & Device Management
  • Settings > Screen Time > Content & Privacy Restrictions

Optional Computer Account Review

Use only the account that belongs to you.

Windows:

start https://account.microsoft.com/devices
start https://myaccount.google.com/security

Linux:

xdg-open https://myaccount.google.com/security

macOS:

open https://appleid.apple.com

Record:

  • One registered device:
  • One security alert or recent activity item, if any:
  • Whether recovery email/phone is configured:
  • Whether two-factor or multifactor authentication is enabled:

Do not remove devices or change recovery settings during this lab unless you intentionally choose to do that later outside the lab.

Scenario Matching

Choose the best mobile security action:

  1. A user loses a company phone that contains email and files.
  2. A company wants all phones to require passcodes and encryption.
  3. A personal phone is allowed to access company email.
  4. A phone has not received security patches for months.
  5. A user installed an app from an unknown website.
  6. A parent wants to block adult websites on a child device.
  7. A phone is probably stolen and cannot be recovered.

What You Should Learn

  • Mobile security starts with lock method and encryption.
  • MDM centrally enforces mobile security settings.
  • BYOD requires clear policy because personal and company data share one device.
  • Locator, lock, backup, and wipe are the main lost-device responses.
  • OS and app updates are security controls.
  • Sideloading increases malware risk, especially on Android.