3.5 Given a scenario, troubleshoot mobile OS and application security issues.

  • Security Concerns
    • Android Package (APK) Source
    • Developer Mode
    • Root Access / Jailbreak
    • Bootleg / Malicious Application
      • Application Spoofing
  • Common Symptoms
    • High Network Traffic
    • Sluggish Response Time
    • Data-Usage Limit Notification
    • Limited Internet Connectivity
    • No Internet Connectivity
    • High Number of Ads
    • Fake Security Warnings
    • Unexpected Application Behavior
    • Leaked Personal Files / Data

Symptoms, Causes, and Resolution

What are some common mobile OS security concerns?

Android Package (APK) Source.  You should only download applications from the official Google Play, Amazon, or Apple store.  Do not download or install APKs from the internet.

Developer Mode.  A user can enable developer mode in their iPhone or Android device.  Developer mode allows a user to debug applications, change advanced network settings, adjust hardware settings, and monitor app performance.  Developer mode does not pose any security risks.

Root Access / Jailbreak.  Jailbreaking or rooting a phone provides the user or an application with administrator access to the operating system files and the device hardware.  Jailbreaking poses a security risk.

Bootleg / Malicious Application.  A malicious application may be one that poses as a legitimate application but is phony.  You can reduce the risk of installing malicious applications by downloading them from the app store.

High Network TrafficAn application is consuming an excessive amount of network traffic.Check which applications are using network traffic and disable them.  
Sluggish Response TimeToo many applications are running on the phone.Reboot the phone   Uninstall applications as required  
Data Usage Limit NotificationThe phone thinks that you used up too much data.  Verify that the data monitor on the phone corresponds with the data plan that is set by your service provider.   Set application features that consume excessive data (such as automated back ups) to run only when connected to Wi-Fi.

Limited Internet Connectivity
No Internet Connectivity
Your phone is connected to a network, but not able to reach the internet.Verify that your phone has permission to connect to the Wi-Fi network.   Verify that your Wi-Fi network is functioning, and that DHCP is functioning.   Verify that the cellular network is functioning.  Verify that you have an active cellular data plan.   Reboot the phone.

High Number of Ads
Fake Security Warnings
Adware is present on the phoneUninstall any adware or malware   Install a pop-up blocker

Ignore fake warnings that appear in an advertisement  
Unexpected Application BehaviorApplication is corrupted or misconfiguredClear the application cache and data   Update the application   Uninstall and reinstall the application   The mobile device does not meet the system requirements for the application.  
Leaked DataUser accidentally leaked data via e-mail or other methodEducate user about proper security   Consider implementing data leak prevention software   Notify affected users/customers about leak
Malicious ApplicationDelete malicious applications   Consider implementing mobile device management software to prevent further issues   Consider wiping phone and reloading   Notify affected users/customers about leak  
User Account HackedChange passwords   Educate user about choosing more difficult password   Implement 2FA if possible Notify affected users/customers about leak