Scribd
Upload
98 views57 pages

Ciampa SecurityAwareness6e PPT Module05

Uploaded by

wbysnjxqwg
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
98 views57 pages

Ciampa SecurityAwareness6e PPT Module05

Uploaded by

wbysnjxqwg
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 57

Security

Awareness, 6e
Module 5: Mobile Security

Mark Ciampa, Security Awareness, 6th Edition. © 2024 Cengage. All Rights Reserved. May not be scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part. 1
Icebreaker
Once Upon a Time

Mark Ciampa, Security Awareness, 6th Edition. © 2024 Cengage. All Rights Reserved. May not be scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part. 2
Module Objectives
5.1: Explain how Wi-Fi, Bluetooth, and Near Field Communication
operate
5.2: Identify attacks on wireless networks
5.3: Describe different types of mobile devices
5.4: Describe the risks associated with mobile devices
5.5: Explain how to implement mobile defenses

Mark Ciampa, Security Awareness, 6th Edition. © 2024 Cengage. All Rights Reserved. May not be scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part. 3
Introduction
• Users now spend over half of computing time each day using a
mobile device
• Nomophobia is the fear of not being with your mobile phone
• Wireless networks have become a prime target for attackers
− Attempt to capture unprotected wireless signal

Mark Ciampa, Security Awareness, 6th Edition. © 2024 Cengage. All Rights Reserved. May not be scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part. 4
Mobile Attacks
• Attacks directed at mobile devices
− Several types
• Attacks directed toward wireless networks:
− Affect mobile devices

Mark Ciampa, Security Awareness, 6th Edition. © 2024 Cengage. All Rights Reserved. May not be scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part. 5
Attacks on Wireless Networks (1 of
13)
• Popular types of wireless networks
− Wi-Fi, Bluetooth, Near Field Communication
• Wi-Fi networks
− Wireless local area network (WLAN)
− Use radio frequency (RF) transmissions
− Devices in range of a connection device can send and receive
information
• Institute of Electrical and Electronics Engineers (IEEE)
responsible for establishing Wi-Fi standards

Mark Ciampa, Security Awareness, 6th Edition. © 2024 Cengage. All Rights Reserved. May not be scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part. 6
Attacks on Wireless Networks (2 of
13)
Table 5-1 Wi-Fi names and standards
Wi-Fi Alliance IEEE Ratification Frequency Maximum data
version name date utilized rate
None 802.11 1997 2.4 GHz 2 Mbps
Wi-Fi 1 802.11b 1999 2.4 GHz 11 Mbps
Wi-Fi 2 802.11a 1999 5 GHz 54 Mbps
Wi-Fi 3 802.11g 2003 2.4 GHz 54 Mbps
Wi-Fi 4 802.11n 2009 2.4 GHz & 5 GHz 600 Mbps
Wi-Fi 5 802.11ac 2014 5 GHz 7.2 Gbps
Wi-Fi 6 802.11ax 2019 2.4 GHz & 5 GHz 9.6 Gbps
Wi-Fi 6E 802.11ax 2020 1-6 GHz 9.6 Gbps

Mark Ciampa, Security Awareness, 6th Edition. © 2024 Cengage. All Rights Reserved. May not be scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part. 7
Attacks on Wireless Networks (3 of
13)
• Wi-Fi equipment
− A Wi-Fi “chipset” is internal and is a means to send and receive
the wireless signals
− Special bridging software to interface wireless devices to other
devices
− Wireless broadband router
 Mostly used for home-based Wi-Fi networks
 Base station for sending and receiving signals
 Residential WLAN Gateway to the Internet

Mark Ciampa, Security Awareness, 6th Edition. © 2024 Cengage. All Rights Reserved. May not be scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part. 8
Attacks on Wireless Networks (4 of
13)

Mark Ciampa, Security Awareness, 6th Edition. © 2024 Cengage. All Rights Reserved. May not be scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part. 9
Attacks on Wireless Networks (5 of
13)

Mark Ciampa, Security Awareness, 6th Edition. © 2024 Cengage. All Rights Reserved. May not be scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part. 10
Attacks on Wireless Networks (6 of
13)
• Mesh Wi-Fi network consists of a main wireless router that
connects directly to the modem along with a series of
“satellite” modules called nodes that are placed around the
house
• Access point (AP) is more sophisticated than a wireless router
− Used in a business or school setting
− Signals can only be transmitted for several hundred feet
− Multiple APs are used to provide “cells” or areas of coverage
− Users move (called roaming) from one cell to another
 A handoff occurs so that the AP to which the user is closest now
becomes the new base station
Mark Ciampa, Security Awareness, 6th Edition. © 2024 Cengage. All Rights Reserved. May not be scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part. 11
Attacks on Wireless Networks (7 of
13)
• Attacks on Wi-Fi
• Risks from attacks on home-based Wi-Fi networks:
− Steal data
− Read wireless transmissions
− Inject malware
− Download harmful content

Mark Ciampa, Security Awareness, 6th Edition. © 2024 Cengage. All Rights Reserved. May not be scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part. 12
Attacks on Wireless Networks (8 of
13)
• Bluetooth
− Common wireless technology
− Short-range
 Up to 33 feet (10 meters); 1 Mbps transmission rate
• Bluetooth attacks
− Bluejacking
 Sending unsolicited messages to Bluetooth-enabled devices (usually
text messages)
− Bluesnarfing
 Accessing unauthorized information

Mark Ciampa, Security Awareness, 6th Edition. © 2024 Cengage. All Rights Reserved. May not be scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part. 13
Attacks on Wireless Networks (9 of
13)
Table 5-2 Bluetooth products
Category Bluetooth pairing Usage
Automobile Hands-free car system with Drivers can speak commands to browse the cell phone’s contact
cell phone list, make and receive hands-free phone calls, or use its
navigation system.
Home Stereo headphones with Users can create a playlist on a portable music player and listen
entertainment portable music player through a set of wireless headphones or speakers.
Photographs Digital camera with printer Digital photos can be sent directly to a photo printer or from
pictures taken on one cell phone to another phone.
Computer Computer with keyboard and A small travel mouse can be linked to a laptop or a full-size
accessories mouse mouse and keyboard can be connected to a desktop computer.
Sports and Heart rate monitor with Exercisers can track heart rates and blood oxygen levels.
fitness wristwatch
Medical and Blood pressure monitors with Patient information can be sent to a smartphone, which can then
health smartphones send an emergency phone message if necessary.

Mark Ciampa, Security Awareness, 6th Edition. © 2024 Cengage. All Rights Reserved. May not be scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part. 14
Attacks on Wireless Networks (10 of
13)
• Near Field Communication (NFC)
− Set of standards used to establish communication between
devices in very close proximity (4 centimeters)
− Passive NFC device contains information that can be read but
does not read or receive information
− Active NFC device can read information as well as transmit data

Mark Ciampa, Security Awareness, 6th Edition. © 2024 Cengage. All Rights Reserved. May not be scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part. 15
Attacks on Wireless Networks (11 of
13)
• Examples of NFC
− Entertainment, such as a ticket to a stadium or concert
− Office, can be used to enter an office
− Retail stores, such as coupons or customer reward cards
− Transportation, can be used to quickly pass through turnstiles
• Contactless payment systems
− Consumer NFC devices used as an alternative to payment
methods using cash or a credit card

Mark Ciampa, Security Awareness, 6th Edition. © 2024 Cengage. All Rights Reserved. May not be scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part. 16
Attacks on Wireless Networks (12 of
13)

Mark Ciampa, Security Awareness, 6th Edition. © 2024 Cengage. All Rights Reserved. May not be scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part. 17
Attacks on Wireless Networks (13 of
13)
Table 5-3 NFC risks and
defenses
Vulnerability Explanation Defense
Eavesdropping Unencrypted NFC communication Because an attacker must be extremely
between the device and terminal can be close to pick up the signal, users should
intercepted and viewed. remain aware of their surroundings
while making a payment.
Data theft Attackers can “bump” a portable reader This can be prevented by turning off
to a user’s smartphone in a crowd to NFC while in a large crowd.
make an NFC connection and steal
payment information stored on the
phone.
Man-in-the- An attacker can intercept the NFC Devices can be configured in pairing so
middle attack communications between devices and one device can only send while the
forge a fictitious response. other can only receive.
Device theft The theft of a smartphone could allow Smartphones should be protected with
an attacker to use that phone for passwords or strong PINs.
purchases.

Mark Ciampa, Security Awareness, 6th Edition. © 2024 Cengage. All Rights Reserved. May not be scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part. 18
Attacks on Mobile Devices (1 of 8)
• Most mobile devices have a common set of core features,
which differentiate them from other computing devices
• Types of Mobile Devices
− Tablets
− Smartphones
− Wearables
− Portable Computers

Mark Ciampa, Security Awareness, 6th Edition. © 2024 Cengage. All Rights Reserved. May not be scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part. 19
Attacks on Mobile Devices (2 of 8)
Table 5-4 Mobile device core and additional
features
Core features Additional features
Small form factor Global Positioning System (GPS)
Mobile operating system Microphone and/or digital camera
Wireless data network interface for Wireless cellular connection for voice communications
accessing the Internet, such as Wi-Fi or
cellular telephony
Applications (apps) that can be acquired Wireless personal area network interfaces like
through different means Bluetooth or near field communication (NFC)
Local non-removable data storage Removable storage media
Data synchronization capabilities with a Support for using the device itself as removable
separate computer or remote servers storage for another computing device

Mark Ciampa, Security Awareness, 6th Edition. © 2024 Cengage. All Rights Reserved. May not be scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part. 20
Attacks on Mobile Devices (3 of 8)
• Tablets
− Portable computing devices generally larger than smartphones
− First introduced in 2010
− Rely on a touch screen instead of keyboard
− Often classified by screen size
 Two most common are 5–8.5 and 8.5–10
− Designed for user convenience
− Have an OS
 Most common: Apple iOS, Google Android, and Microsoft Windows

Mark Ciampa, Security Awareness, 6th Edition. © 2024 Cengage. All Rights Reserved. May not be scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part. 21
Attacks on Mobile Devices (4 of 8)

Mark Ciampa, Security Awareness, 6th Edition. © 2024 Cengage. All Rights Reserved. May not be scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part. 22
Attacks on Mobile Devices (5 of 8)
• Smartphone
− Has all the tools of a features phone but includes an OS that
allows it to run apps and access the Internet
− Smartphones are essentially handheld personal computers
• Wearables
− Device that can be worn by the user
− Most popular wearable is a smartwatch
− Another popular wearable is a fitness tracker

Mark Ciampa, Security Awareness, 6th Edition. © 2024 Cengage. All Rights Reserved. May not be scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part. 23
Attacks on Mobile Devices (6 of 8)

Mark Ciampa, Security Awareness, 6th Edition. © 2024 Cengage. All Rights Reserved. May not be scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part. 24
Attacks on Mobile Devices (7 of 8)
• Portable computers
− Laptops
− Notebooks
− Subnotebooks
− 2-in-1 computers (also called hybrid or convertible)
− Web-based computers

Mark Ciampa, Security Awareness, 6th Edition. © 2024 Cengage. All Rights Reserved. May not be scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part. 25
Attacks on Mobile Devices (8 of 8)

Mark Ciampa, Security Awareness, 6th Edition. © 2024 Cengage. All Rights Reserved. May not be scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part. 26
Mobile Device Risks (1 of 6)
• Installing Unsecured Applications
− Many mobile apps do not include security features
− Apple devices can only download from the App store
− Users can circumvent the installed built-in limitations (called
jailbreaking on Apple devices or rooting on Android devices) to
download from an unofficial third-party app store (called
sideloading)
− Jailbreaking and rooting give access to the underlying OS and file
system, thus bypassing built-in security protections

Mark Ciampa, Security Awareness, 6th Edition. © 2024 Cengage. All Rights Reserved. May not be scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part. 27
Mobile Device Risks (2 of 6)
• Accessing Untrusted Content
− Mobile devices have the ability to access untrusted content
− Short message service (SMS)
 Text messages of a maximum of 160 characters
− Multimedia messaging service (MMS)
 Provides for pictures, videos, or audio within text messages
− Rich communication services (RCS)
 Can convert a texting app into a live chat platform

Mark Ciampa, Security Awareness, 6th Edition. © 2024 Cengage. All Rights Reserved. May not be scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part. 28
Mobile Device Risks (3 of 6)
• Another example is Quick Response (QR) Codes
− A matrix of two-dimensional barcodes that can store website
URLs, plain text, phone numbers, email addresses, or any
alphanumeric data
− Can be used to contain a malicious URL

Mark Ciampa, Security Awareness, 6th Edition. © 2024 Cengage. All Rights Reserved. May not be scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part. 29
Mobile Device Risks (4 of 6)
• Limited Physical Security
− Devices can easily be lost or stolen
• Constrained Updates
− Security patches and updates are distributed through over-the-air
(OTA) updates
− Apple commits to providing updates for up to 8 years after the OS
is released
− Google commits to providing updates for up to 3 years after the
device is released
− An older mobile device may no longer receive security updates

Mark Ciampa, Security Awareness, 6th Edition. © 2024 Cengage. All Rights Reserved. May not be scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part. 30
Mobile Device Risks (5 of 6)
• Connecting to Public Networks
− Attackers can eavesdrop on the data transmissions and view
sensitive information
− Attackers may set up an evil twin
 An AP or another computer designed to mimic an authorized Wi-Fi
device

Mark Ciampa, Security Awareness, 6th Edition. © 2024 Cengage. All Rights Reserved. May not be scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part. 31
Mobile Device Risks (6 of 6)
• Location Tracking
− Geolocation is the process of identifying the geographical location
of the device
− Mobile devices using location services are at increased risk of
targeted physical attacks
− GPS tagging (or geotagging) is adding geographical identification
data to media

Mark Ciampa, Security Awareness, 6th Edition. © 2024 Cengage. All Rights Reserved. May not be scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part. 32
Knowledge Check Activity 5-1
Which two statements are correct?

1. A wireless router serves as a base station for wireless devices,


sending and receiving wireless signals between all devices as
well as providing the access to the external Internet.
2. Bluetooth is a short-range wireless technology designed for the
interconnection of two devices.
3. Downloading apps from an unofficial third-party app store is
called jailbreaking.

Mark Ciampa, Security Awareness, 6th Edition. © 2024 Cengage. All Rights Reserved. May not be scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part. 33
Knowledge Check Activity 5-1: Answer
Which two statements are correct?

A wireless router serves as a base station for wireless


devices, sending and receiving wireless signals between
all devices as well as providing the access to the external
Internet.

Bluetooth is a short-range wireless technology designed


for the interconnection of two devices.

Mark Ciampa, Security Awareness, 6th Edition. © 2024 Cengage. All Rights Reserved. May not be scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part. 34
Mobile Defenses
• Defense strategies
− Defenses for wireless networks
− Defenses for protecting wireless devices

Mark Ciampa, Security Awareness, 6th Edition. © 2024 Cengage. All Rights Reserved. May not be scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part. 35
Wireless Network Security (1 of 11)
• Home Wi-Fi Security
− Secure the router
− Turn on Wi-Fi Protected Access Personal
• Lock down the Wireless Router
− Setting a strong password
− Applying security patches
− Disabling remote administration

Mark Ciampa, Security Awareness, 6th Edition. © 2024 Cengage. All Rights Reserved. May not be scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part. 36
Wireless Network Security (2 of 11)
• Set Strong Default Password
− The preconfigured default passwords are advertised online
− The default password should be changed to a stronger password
• Apply security patches
− Wireless routers may not regularly receive important patches
from their OEMs.
• Disable remote administration
− This adds a stronger degree of security

Mark Ciampa, Security Awareness, 6th Edition. © 2024 Cengage. All Rights Reserved. May not be scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part. 37
Wireless Network Security (3 of 11)

Mark Ciampa, Security Awareness, 6th Edition. © 2024 Cengage. All Rights Reserved. May not be scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part. 38
Wireless Network Security (4 of 11)
• Turning on Wi-Fi Protected Access Personal
− Provides optimum level of wireless security
− Encrypts the signal
− Prevents unauthorized users from accessing the network
− There are two versions
 Wi-Fi Protected Access 2 (WPA2) Personal
 Wi-Fi Protected Access 3 (WPA3) Personal

Mark Ciampa, Security Awareness, 6th Edition. © 2024 Cengage. All Rights Reserved. May not be scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part. 39
Wireless Network Security (5 of 11)
• Wi-Fi Protected Access 2 (WPA2) Personal
− For all devices other than Wi-Fi 6E devices
− Process for turning on WPA2
 Enable it at the router
 Enter the key value on each authorized device (WPA2-PSK [AES],
WPA2 shared key, or passphrase)
 Key value needs to be entered only once per device
− Many wireless routers also support Wi-Fi Protected Setup (WPS) to
configure security

Mark Ciampa, Security Awareness, 6th Edition. © 2024 Cengage. All Rights Reserved. May not be scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part. 40
Wireless Network Security (6 of 11)

Mark Ciampa, Security Awareness, 6th Edition. © 2024 Cengage. All Rights Reserved. May not be scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part. 41
Wireless Network Security (7 of 11)
• Wi-Fi Protected Access 3 (WPA3) Personal
− For all Wi-Fi 6E devices
− Process for turning on WPA3
 Enable it at the router
 “Sign up” through Wi-Fi Device Provisioning Protocol (DPP)

Mark Ciampa, Security Awareness, 6th Edition. © 2024 Cengage. All Rights Reserved. May not be scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part. 42
Wireless Network Security (8 of 11)

Mark Ciampa, Security Awareness, 6th Edition. © 2024 Cengage. All Rights Reserved. May not be scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part. 43
Wireless Network Security (9 of 11)
• Other security settings
− Change the SSID (Service Set Identifier)
 To an anonymous value that does not identify the owner or location
of the network
 MyWireNet599342 is better than Sullivan_House
− Turn on guest access
 Users who connect to the separate guest network can only access
the Internet directly and other devices in the guest network
 Isolates the main network from the guest network

Mark Ciampa, Security Awareness, 6th Edition. © 2024 Cengage. All Rights Reserved. May not be scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part. 44
Wireless Network Security (10 of 11)
• Using Public Wi-Fi
− Watch for an evil twin
 Attackers impersonate a legitimate Wi-Fi network
− Limit the type of work
 Use only for simple web surfing or watching online videos
 Do not access online banking sites or send confidential information
− Use a virtual private network (VPN)
 Uses an unsecured public Wi-Fi as if it were a secure private network

Mark Ciampa, Security Awareness, 6th Edition. © 2024 Cengage. All Rights Reserved. May not be scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part. 45
Wireless Network Security (11 of 11)
• Configuring Bluetooth
 Disable and enable only when necessary
 Alternative: set device as undiscoverable

Mark Ciampa, Security Awareness, 6th Edition. © 2024 Cengage. All Rights Reserved. May not be scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part. 46
Mobile Device Security (1 of 8)
• Securing mobile devices requires several steps:
− Setting the cybersecurity configurations of the device
− Following best practices
− Dealing with theft or loss of the device

Mark Ciampa, Security Awareness, 6th Edition. © 2024 Cengage. All Rights Reserved. May not be scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part. 47
Mobile Device Security (2 of 8)
• Device Configuration
− Disable unused features
 Can serve as a threat vector
− Enable lock screen
 Prevents mobile device from being used until user enters correct
passcode:
• PIN (least effective), password, facial recognition, swipe pattern,
fingerprint scan

Mark Ciampa, Security Awareness, 6th Edition. © 2024 Cengage. All Rights Reserved. May not be scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part. 48
Mobile Device Security (3 of 8)

Mark Ciampa, Security Awareness, 6th Edition. © 2024 Cengage. All Rights Reserved. May not be scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part. 49
Mobile Device Security (4 of 8)
Table 5-5 Most common
PINs
PIN Frequency of use
1234 10.71%
1111 6.01%
0000 1.88%
1212 1.19%
7777 0.74%

Mark Ciampa, Security Awareness, 6th Edition. © 2024 Cengage. All Rights Reserved. May not be scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part. 50
Mobile Device Security (5 of 8)
• A mobile device must be configured for additional security
protections
− Extend lockout period
 If an incorrect passcode is entered a specific number of times, the
lockout period will be extended
 For each successive incorrect entry, the lockout period will double
− Reset to factory settings
 If an incorrect passcode is entered a set number of times, the user
will be prompted to enter a special phrase to continue.
 If an incorrect passcode is entered again, the device will
automatically reset to factory settings and erase any data

Mark Ciampa, Security Awareness, 6th Edition. © 2024 Cengage. All Rights Reserved. May not be scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part. 51
Mobile Device Security (6 of 8)
• Best Practices
− Do not erase built-in limitations (called jailbreaking)
− Do not sideload unapproved apps
− Back up data stored on mobile device regularly
− Use appropriate sanitization and disposal procedures for mobile
devices
− Treat text messages the same as phishing emails
− Do not call phone numbers contained in unsolicited emails or text
messages

Mark Ciampa, Security Awareness, 6th Edition. © 2024 Cengage. All Rights Reserved. May not be scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part. 52
Mobile Device Security (7 of 8)
• Device Loss or Theft
− Keep mobile device out of sight when traveling in high-risk area
− Avoid becoming distracted by what is on the device
− When holding a device, use both hands
− Do not use the device on escalators or near transit train doors
− White or red headphone cords may indicate they are connected
to an expensive device
 Consider using wireless earbuds instead

Mark Ciampa, Security Awareness, 6th Edition. © 2024 Cengage. All Rights Reserved. May not be scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part. 53
Mobile Device Security (8 of 8)
If theft of a smartphone occurs:
1. Call the phone or use the carrier’s mobile app to send an alert.
2. Text the phone.
3. Use the phone’s built-in “find my phone” feature.
4. Remotely erase data from the phone.
5. Lock the phone and change passwords.
6. Contact the mobile carrier.
7. Alert the police.

Mark Ciampa, Security Awareness, 6th Edition. © 2024 Cengage. All Rights Reserved. May not be scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part. 54
Knowledge Check Activity 5-2
Which two statements are correct?

1. The first step in securing a wireless router is to create a strong


password to protect its internal configuration settings.
2. There is no known defense against connecting to an evil twin.
3. To prevent bluesnarfing, Bluetooth devices should be turned
off when not being used or when in a room with unknown
people.

Mark Ciampa, Security Awareness, 6th Edition. © 2024 Cengage. All Rights Reserved. May not be scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part. 55
Knowledge Check Activity 5-2: Answer
Which two statements are correct?

The first step in securing a wireless router is to create a


strong password to protect its internal configuration
settings.

To prevent bluesnarfing, Bluetooth devices should be


turned off when not being used or when in a room with
unknown people.

Mark Ciampa, Security Awareness, 6th Edition. © 2024 Cengage. All Rights Reserved. May not be scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part. 56
Summary
Click the link to review the objectives for this presentation.
Link to Objectives

Mark Ciampa, Security Awareness, 6th Edition. © 2024 Cengage. All Rights Reserved. May not be scanned, copied or
duplicated, or posted to a publicly accessible website, in whole or in part. 57

You might also like