Fatskills
Practice. Master. Repeat.
Study Guide: CompTIA A+ Core Certification: Software Troubleshooting - Troubleshoot Common Mobile OS and Application Security Issues
Source: https://www.fatskills.com/comptia-a-exam/chapter/comptia-a-core-certification-software-troubleshooting-troubleshoot-common-mobile-os-and-application-security-issues

CompTIA A+ Core Certification: Software Troubleshooting - Troubleshoot Common Mobile OS and Application Security Issues

By Fatskills Exam Guides Team — the exam nerds behind 28,500+ quizzes and 2.1M practice questions across 500+ global exams.

⏱️ ~7 min read

220-1102: Objective 3.5: Given a scenario, troubleshoot common mobile OS and application security issues.
Because of their limited storage, memory, and reliance on wireless and cellular networking, mobile devices are subject to many issues that do not affect more robust devices. The following security issues, which can appear on the exam, reflect the challenges of day-to-day mobile use.

Security Concerns
As always, security practices are a key topic of the A+ exam. The concerns listed in the following sections are ways in which hackers might try to skirt security settings.

Android Package (APK) Source
As with any software for a device, a key security practice is to check the reliability of the source for a file before downloading. Android Package (APK) source files can be corrupted by hackers and distributed. Unwary users can unwittingly download APK files loaded with malware or Trojan horses that are ready to install in their Android system.

Developer Mode
Developer mode is available in Windows 10 and on the Android mobile OS. The purpose of Developer mode is to allow someone developing applications to test the applications. Developer mode in Windows is found in Settings Update & Security For Developers. On Android devices, it varies by release, but Developer mode is intentionally complicated to keep users from accidentally going into the environment on the phone. Exploring Developer mode is not necessarily dangerous, but the user experience is different in that environment and caution is necessary.

Root Access/Jailbreak
Jailbreaking an iPhone OS means acquiring access to the root files for the purpose of customizing the iOS, adding portability between cell providers, and possibly bypassing paywalls for apps.
Jailbreaking is mostly done by hacking hobbyists who like to customize phones.
Although jailbreaking is not illegal, it can provide access to illegal behavior. Still, jailbreaking involves serious risks. Bypassing the manufacturer’s secure design adds inherent risks for malware. Additionally, changing code and installing other software will likely cause iOS instability and often voids the manufacturer’s warranty.
Android devices are relatively easy to root (that is, to gain root access to) so that users can install different operating systems and continue to use their cellular and data connections. On the other hand, gaining the same sort of access to an iOS device requires jailbreaking it, which means that the device might henceforth be blocked from getting future updates.
Unauthorized root access can be dangerous, and it is a risk incurred when users download apps that do not come from Google Play. These apps do not properly follow the permissions rules and might elevate permissions without the user’s knowledge or consent. Running a device in Developer mode (used for software and service development and testing) disables most safeguards. On current versions of Android, several steps are required to enable Developer mode, so this is difficult to do accidentally.
Jailbreaking an iOS device or rooting an Android device puts the device and its information at much higher risk than with a normally functioning device.

Bootleg/Malicious Application Spoofing

Application spoofing occurs when a malicious application imitates a legitimate application and tricks users into revealing passwords or other sensitive information as they interact with the false app. This process is similar to a phishing attack. Application spoofing can be sophisticated and requires that users be ever aware of how they are sharing sensitive information.
Spoofing can also be used to generate extra ads and overrun a user’s experience with pop-ups.

Common Symptoms
The following symptoms should be familiar; many are similar to the PC issues covered in the first section of this guide. These symptoms indicate problems in PCs and mobile devices that can occur as a result of security issues. When the user experiences these symptoms, it is time to heighten the awareness of security habits, check for updates, and scan for viruses.

A few new troubleshooting steps and fixes follow this list:
- High network traffic
- Sluggish response time
- Data usage limit notification
- Limited Internet connectivity
- No Internet connectivity
- High number of ads
- Fake security warnings
- Unexpected application behavior
- Leaked personal files or data

Slow Data Speeds
Slow data speeds can be caused by a number of factors:

- No connection to a cellular network: Check the network indicator at the top of the smartphone or cellular-equipped tablet to determine the network connection type.
- A weak cellular or Wi-Fi signal: With Wi-Fi, switch to a stronger SSID signal, if possible. With 4G and 5G, use a cell tower scanner to locate a stronger cell tower.
- “Unlimited” data plan speed caps after reaching speed or data limits per billing period: Some providers that offer “unlimited” data plans drastically reduce speed after a certain level of data is transferred during a billing period. Check data usage, and set up a warning to display before you reach this goal. Alternatively, consider switching to a different plan.

Leaked Personal Files/Data
To prevent personal files or data from being discovered if your mobile device is lost, follow these steps:

Step 1. Enable encryption.
Step 2. Enable options to lock and wipe your device in case of loss.
Step 3. Avoid attaching to open Wi-Fi networks.
Step 4. Use a VPN for secure connections if you must use an open Wi-Fi network.
Step 5. Disable Wi-Fi tethering or connection sharing services if they are not in use.

Data Transmission Over Limit
Exceeding the amount of data included in your cellular plan can be expensive.
To avoid unexpected bills, periodically check data usage. On Android, go to Settings Connections Data Usage. Scroll down to see which apps are using the most data. Ensure that Set Data Limit is turned on to set a limit and give you a warning about exceeding the limit.
On iOS, go to Settings Cellular Cellular Data Usage. Use the sliders to disable any apps that should not be using cellular connections. Turn off cellular data if no data allowance is left in the current period.
If you see unusual amounts of data usage, the device could be infected with malware.

Tools
Mobile users and techs have a wide variety of software tools available to help boost performance and security, including the following:

- Anti-malware: Both Android and iOS devices can be protected with anti-malware apps—some free and some paid—from the same vendors who protect desktop and laptop systems. Every mobile device should be protected, if for no other reason than that a mobile device can be used as an infection vector for any other device it connects to. Check Google Play and the App Store for anti-malware apps from AVAST, AVG, Kaspersky Labs, Norton, McAfee, Bitdefender, AVIRA, ESET, and many others.
- App scanner: App scanners monitor the permissions and use of apps. During the installation process for an app, the user sees a long list of permissions the app is being granted. An app scanner can help determine whether an app is safe to use.

Factory Reset/Clean Install
Before retiring a device, or to eliminate apps that might put privacy at risk, perform a factory reset on the device. This can be followed by a clean install of desired apps, if necessary.
If the device is not yet encrypted, set up a PIN to automatically encrypt the device.

For Android:
Step 1. Make sure Back Up My Data and Automatic Restore are enabled.
Step 2. Go to Settings Personal Backup and Reset Factory Data Reset.
Step 3. Review the warnings and click Reset Device.
The device is returned to its factory configuration. All data and device updates are removed from the device. To restore the data to the device, using the data backed up to Google in step 1, follow the steps on the screen.

For iOS:
Step 1. Install the latest version of iTunes on your host PC or macOS computer.
Step 2. Start iTunes.
Step 3. Connect your device to the computer via the charge/sync cable. Trust the device or enter a passcode, if prompted.
Step 4. Select your device.
Step 5. Back up its contents. Be sure to select Transfer Purchases for content purchased from iTunes, back up the Health & Activity data stored on your device in encrypted form, and start your backup.
Step 6. To erase the device, go to Summary Restore.
Step 7. Tap Restore again to erase your device and reload it to its original factory condition.
Before you uninstall a misbehaving iOS app, try updating it.



ADVERTISEMENT