5 votes
An organization's mobile device inventory recently provided notification that a zero-day vulnerability was identified in the code used to control the baseband of the devices. The device manufacturer is expediting a patch, but the rollout will take several months. Additionally, several mobile users recently returned from an overseas trip and report their phones now contain unknown applications, slowing device performance. Users have been unable to uninstall these applications, which persist after wiping the devices.

Which of the following MOST likely occurred and provides mitigation until the patches are released?

A. Unauthentic firmware was installed; disable OTA updates and carrier roaming via MDM
B. Users opened a spear-phishing email; disable third-party application stores and validate all signed code prior to execution
C. An attacker downloaded monitoring applications; perform a full factory reset of the affected devices
D. Users received an improperly encoded emergency broadcast message, leading to an integrity loss condition; disable emergency broadcast messages

by User Halostack (7.9k points)

1 Answer

3 votes

Final answer:

The most likely scenario is that users opened a spear-phishing email. To mitigate the situation until patches are released, it is recommended to disable third-party application stores and validate all signed code before execution.

Step-by-step explanation:

The MOST likely scenario that occurred in this situation is option B: Users opened a spear-phishing email; disable third-party application stores and validate all signed code prior to execution.

A spear-phishing email is a targeted email attack where the attacker poses as a trusted source to trick the recipient into opening a malicious email attachment or clicking on a malicious link. In this case, the unknown applications and device performance issues are indicators of a potential compromise from a spear-phishing attack.

To mitigate this situation until the patches are released, it is recommended to disable third-party application stores and validate all signed code prior to execution. This would help prevent the installation of unknown applications and reduce the risk of further compromise.

by User Curiousengineer (7.3k points)