# TRB-3: Mobile Security Issues

Status: not started

Domain:

- 3.0 Software Troubleshooting

Objective alignment:

- 3.3 Troubleshoot common mobile device security issues

## What You Need To Know

Mobile security issues often come from risky configuration or untrusted apps.

Risk factors:

- Unofficial app stores
- Sideloaded applications
- Developer mode
- Rooted or jailbroken device
- Unauthorized apps
- Application spoofing

Symptoms:

- High network traffic
- Slow response
- Data usage alerts
- Limited or no internet
- Many ads
- Fake security warnings
- Unexpected app behavior
- Leaked personal data

## Memory Trick

Use **R-U-D-A**:

- **R**oot/jailbreak
- **U**nofficial store
- **D**eveloper mode
- **A**ds/alerts

Shortcut:

- **If the source or control model is untrusted, treat the phone as high risk.**

## What To Check

App source:

- Was the app installed from the official app store?
- Is the developer name correct?
- Are reviews and permissions suspicious?

Device integrity:

- Is the device rooted or jailbroken?
- Is developer mode enabled?
- Are unknown sources allowed?

Network and data:

- Is one app using unusual data?
- Does traffic spike when the app is open?
- Are VPN or proxy settings unexpected?

User symptoms:

- Fake antivirus pop-ups
- Ads outside the browser
- Browser redirects
- Unrecognized apps
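
The app-source and developer-mode checks above can be scripted on an Android device; the following is an added example, not part of the original notes. It assumes Google Play (`com.android.vending`) is the only official store and parses a constructed sample of `adb shell pm list packages -3 -i` output, so it runs without a device attached.

```python
import re

# Assumption: Google Play is the only "official store"; a managed fleet would
# add the package name of its MDM or enterprise store here.
TRUSTED_INSTALLERS = {"com.android.vending"}

# Constructed sample of `adb shell pm list packages -3 -i` (third-party apps only).
SAMPLE_PM_OUTPUT = """\
package:com.example.notes  installer=com.android.vending
package:com.example.freevpn  installer=null
package:com.example.cleaner  installer=com.example.altstore
package:com.example.bank  installer=com.android.vending
"""

LINE_RE = re.compile(r"^package:(?P<pkg>\S+)\s+installer=(?P<installer>\S+)$")


def untrusted_sources(pm_output, trusted=TRUSTED_INSTALLERS):
    """Return {package: reason} for apps not installed by a trusted store."""
    findings = {}
    for line in pm_output.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip blank or unexpected lines rather than guessing
        pkg, installer = m["pkg"], m["installer"]
        if installer == "null":
            # No installer recorded for a third-party app: sideloaded or pushed via adb.
            findings[pkg] = "sideloaded (no installer recorded)"
        elif installer not in trusted:
            findings[pkg] = f"installed by unofficial store {installer}"
    return findings


def triage(pm_output, developer_mode_setting):
    """Combine the app-source findings with the developer-mode check."""
    report = {
        "apps": untrusted_sources(pm_output),
        "developer_mode": developer_mode_setting.strip() == "1",
    }
    # Mirrors the shortcut: untrusted source or control model means high risk.
    report["high_risk"] = bool(report["apps"]) or report["developer_mode"]
    return report


if __name__ == "__main__":
    # "1" stands in for `adb shell settings get global development_settings_enabled`.
    result = triage(SAMPLE_PM_OUTPUT, "1")
    for pkg, reason in result["apps"].items():
        print(f"{pkg}: {reason}")
    print("developer mode enabled:", result["developer_mode"])
    print("treat as high risk:", result["high_risk"])
```
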

## Response Priorities

For personal devices:

- Remove suspicious apps.
- Update OS and apps.
- Run trusted security tools if available.
- Change passwords from a known-clean device if compromise is suspected.

For managed devices:

- Follow company policy.
- Notify support/security.
- Use MDM actions when appropriate.
- Preserve evidence if required.

## Exam Clues

- Rooted or jailbroken devices bypass normal protections.
- Unofficial app stores increase malware risk.
- App spoofing means a fake app pretends to be legitimate.
- High data usage plus ads and fake warnings points to malware or unwanted software.