Page 625 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide
P. 625
Protected Access 2 (WPA2) encrypted wireless networks by linking
with the wireless access point via NFC. Because NFC is a radio-
based technology, it isn’t without its vulnerabilities. NFC attacks
can include man-in-the-middle, eavesdropping, data
manipulation, and replay attacks.
GPS
Many mobile devices include a Global Positioning System (GPS) chip
to support and benefit from localized services, such as navigation, so
it’s possible to track those devices. The GPS chip itself is usually just a
receiver of signals from orbiting GPS satellites. However, applications
on the mobile device can record the GPS location of the device and
then report it to an online service. You can use GPS tracking to
monitor your own movements, track the movements of others (such as
minors or delivery personnel), or track down a stolen device. But for
GPS tracking to work, the mobile device must have internet or wireless
phone service over which to communicate its location information.
Application Control
Application control is a device-management solution that limits which
applications can be installed onto a device. It can also be used to force
specific applications to be installed or to enforce the settings of certain
applications, in order to support a security baseline or maintain other
forms of compliance. Using application control can often reduce
exposure to malicious applications by limiting the user’s ability to
install apps that come from unknown sources or that offer non-work-
related features.
Storage Segmentation
Storage segmentation is used to artificially compartmentalize various
types or values of data on a storage medium. On a mobile device, the
device manufacturer and/or the service provider may use storage
segmentation to isolate the device’s OS and preinstalled apps from
user-installed apps and user data. Some mobile device-management
systems further impose storage segmentation in order to separate
