Risk, Assessment, and Security Planning

Flashcards covering mobile security, risk assessment, wireless networks, and OS security concepts from Android to iOS.

Risk Assessment

A review used to see what security risks exist and whether anything has changed since the last assessment, such as new threats, new technology, or new system requirements.

Security Audit

A security checkup that reviews whether systems, controls, and policies are working correctly.

Asset

Anything valuable that needs protection, such as data, phones, apps, servers, user accounts, or networks.

Threat

Anything that could harm a system or data, such as malware, hackers, stolen devices, or unsafe networks.

Vulnerability

A weakness that could be attacked or used to cause damage.

Mitigation

A way to reduce risk or limit damage, such as encryption, firewalls, strong passwords, or remote wiping.

Interception

When data traveling over a network is captured or listened to by someone else.

Availability

Making sure systems, apps, and services are working and available when people need them.

Service Level Agreement, or SLA

An agreement that says how reliable or available a service should be.

Access

The places or methods people use to connect to a network, especially remote users or users connecting to the outside internet.

Control

A security protection used to lower risk.

Fault-Tolerant Design

A system design that keeps working even if one part fails.

High-Availability Design

A design focused on keeping systems online with little downtime.

Single Point of Failure

One part of a system that can make the whole system fail if it breaks.

Firewall

A tool that controls what network traffic is allowed in or out.

Intrusion Prevention System, or IPS

A security tool that detects and blocks suspicious or harmful network activity.

SSL/VPN Concentrator

A device or system that handles secure VPN connections for remote users.

Demilitarized Zone, or DMZ

A separate network area used for public-facing systems so the private internal network stays safer.

Virtual Private Network, or VPN

An encrypted connection that lets someone securely access a private network over the internet.

Vulnerability Assessment

The process of finding, reviewing, and recording weaknesses in a system or network.

Vulnerability Scanner

A tool that automatically checks systems for known weaknesses, missing patches, open ports, or unsafe services.

Nessus

A vulnerability scanning tool used to find security weaknesses.

Saint

A tool used to scan systems and networks for vulnerabilities.

OpenVAS

An open-source tool used to scan for security problems.

Open Port

A network port that is accepting connections. It can be needed, but it can also be risky if exposed.

Missing Patch

A security update that has not been installed yet.

Version Analysis

A scanning method that checks software versions to see if they are outdated or vulnerable.

Behavior Analysis

A scanning method that looks at how a system responds to requests to find unusual or unsafe behavior.

Defense in Depth

Using many layers of security instead of relying on just one protection.

Screen Lock

A lock on a device that requires a password, PIN, pattern, face scan, or fingerprint.

Encrypted Drive

Storage that protects data so it cannot be read without the correct key or password.

Remote Wiping

Erasing data from a device remotely if it is lost or stolen.

Qualitative Risk Analysis

A risk review based on judgment, such as labeling risk as low, medium, or high.

Quantitative Risk Analysis

A risk review that uses money values and calculations.

Exposure Factor, or EF

The percentage of an asset that would be lost or damaged by a threat.

Single Loss Expectancy, or SLE

How much money one security incident is expected to cost.

Annual Rate of Occurrence, or ARO

How often a risk is expected to happen in one year.

Annualized Loss Expectancy, or ALE

How much money a risk is expected to cost per year.

ALE Formula

$$ALE = SLE \times ARO$$

Authenticator

The device that controls whether a client can join the network, usually the access point.

Beacon Frame

A signal sent by an access point so devices can find the Wi-Fi network.

Client Device

The phone, laptop, tablet, or other device trying to connect to the network.

Access Request

A request from a device asking to join a network.

Credentials

Proof of identity, such as a username, password, certificate, or key.

EAPoL, or Extensible Authentication Protocol over LAN

A protocol that carries login/authentication messages between a client and an access point.

RADIUS Protocol

A protocol that sends login/authentication requests from the access point to an authentication server.

Authentication Server

A server that checks whether a user or device is allowed to connect.

Temporal Keys

Temporary encryption keys given to an approved device to protect its wireless traffic.

Border Crossing Search Zone

A 100-mile zone near the U.S. border where device search rules may be different.

Fourth Amendment

Protects people from unreasonable searches and seizures, but protections can be weaker near borders.

Fifth Amendment

Protects people from self-incrimination. Passcodes can be safer legally than fingerprints or face unlock.

Passcode

A typed PIN or password used to unlock a device.

Biometric Unlock

Unlocking a device with a fingerprint, face scan, or other body-based method.

Burner Phone

A temporary phone used to protect privacy or reduce risk while traveling.

Routine Traffic Stop

A normal police stop while driving where users cannot be forced to unlock phones.

Mobile Malware

Malicious software made to harm or spy on mobile devices.

Operating System Attack, or OS Attack

An attack that targets the phone’s operating system, such as Android or iOS.

Side-Loaded Mobile Application

An app installed from outside the official app store.

Unauthorized Third-Party Site

A website that is not an official app store and may offer unsafe app downloads.

Communication Attack

An attack on data while it is being sent between devices, networks, or servers.

Lack of User Awareness

When users do not understand security risks, such as fake Wi-Fi, unsafe apps, or suspicious permissions.

Uninstalled System Updates

Updates that were not installed, leaving the device open to known security problems.

Mobile Browsing Vulnerability

A weakness from using a mobile browser, such as unsafe websites, tracking, or browser exploits.

USB Connection Risk

The risk from plugging a phone into unknown or unsafe USB ports or devices.

Bluetooth Connection Risk

The risk from Bluetooth connections, especially if the device pairs with unknown devices.

Android

A mobile operating system based on Linux that is often targeted by attackers due to its popularity.

Android Fragmentation

The problem of Android being used on many different devices with different hardware, updates, and OS versions.

Rooting

Giving yourself full control over an Android device, which gives more freedom but weakens security.

Root Access

The highest level of system permission.

Trojan

Malware that pretends to be a normal or useful app.

Peer-to-Peer, or P2P, Software Sharing Site

A file-sharing site where users trade files directly; often used to spread infected apps.

Android Software Development Kit, or Android SDK

The official set of tools used to create and analyze Android apps.

Compile

To turn source code into an app or program that can run.

Decompile

To turn an app back into readable code or a readable structure.

Android Security Model

Android’s security system that uses Linux permissions, app sandboxing, and controlled access to resources.

Linux Kernel

The core part of Android that manages memory, apps, hardware, and permissions.

Process Sandboxing

Running each app separately so it cannot easily affect other apps.

Dalvik Virtual Machine, or Dalvik VM

The older Android environment where apps ran in their own isolated space.

Virtual Machine, or VM

A software environment that runs code separately from other parts of the system.

Android Sandbox

The system that keeps each Android app separate with its own files, memory, user ID, and permissions.

Unique User ID

A separate ID given to each Android app so Android can keep apps isolated.

File-System Permissions

Rules that control which apps or users can access certain files.

API, or Application Programming Interface

A set of functions that apps use to communicate with the operating system or services.

Android Permission Model

The system where apps must ask permission before using protected resources like the camera, location, contacts, or storage.

Device Owner Permission

Approval from the phone’s owner to let an app use certain resources.

Stack Overflow

A memory problem where too much data goes into the stack and may allow attacks.

Kernel Address Leak

When secret memory location information from the kernel is exposed.

Integer Overflow

A bug where a number becomes too large for the space it is stored in.

Format String Protection

Protection against attacks that abuse badly handled text formatting in code.

No-eXecute, or NX

A security feature that stops code from running in memory areas where it should not run.

Stack

A memory area used for temporary information and function calls.

Heap

A memory area used for data that programs create while running.

Cryptographic APIs

Tools apps use to encrypt, decrypt, hash, or protect data.

Crypto Primitives

Basic building blocks of cryptography, like encryption, hashing, and digital signatures.

Boot Loader

The software that starts before the operating system and loads it.

Apple iOS Operating System Component-Layered Model

iOS security built in layers, including system architecture, encryption/data protection, and network security.

System Architecture

The iOS layer that protects the device using hardware, the OS platform, sandboxing, and app isolation.

Application Isolation

Keeping apps separate so one app cannot freely access another app’s data or the system.

Keychain Data Protection

Protection for sensitive saved data like passwords, tokens, and keys.

Transport Layer Security, or TLS

A newer and stronger protocol used to encrypt network traffic.