Q: What are the OWASP Top 10 Mobile Risks for 2016?
A: Improper Platform Usage, Insecure Data Storage, Insecure Communication, Insecure Authentication, Insufficient Cryptography, Insecure Authorization, Client Code Quality, Code Tampering, Reverse Engineering, Extraneous Functionality.

Q: Name three types of device attacks in mobile security.
A: Browser-based attacks, phone/SMS-based attacks, application-based attacks.

Q: What is the Agent Smith attack?
A: An attack where malicious apps replace legitimate ones on a victim's device to display fraudulent ads and steal information.

Q: How do hackers profit from compromised mobile devices?
A: Through surveillance, financial exploitation, data theft, botnet activity, and impersonation.

Q: What is SMiShing?
A: SMS phishing, a type of attack where fraudulent SMS messages trick users into revealing personal information.

Q: What is app sandboxing?
A: A security mechanism that isolates apps to limit their access to system resources and other apps' data.

Q: What is Bluesnarfing?
A: Stealing information via Bluetooth from devices set to "discoverable" mode.

Q: What is the SS7 vulnerability?
A: A protocol vulnerability that allows attackers to eavesdrop on communications and intercept sensitive information.

https://quizlet.com/au/928581112/module-17-hacking-mobile-platforms-flash-cards/?i=2hfw1u&x=1jqt