Cyber Security Assignment-1
Subject Name: Cyber Security
Subject Code: BCC401
Course/Branch: B.Tech / CSEAI-A, B
Semester: 4th
Date of Submission: 12/05/2025
Details :
Name : Anuj Yadav
Roll-No : 2302901520042
Section : AI(A)
1. How should organizations formulate security policies to protect their mobile
infrastructure? Discuss best practices in mobile security and management for
enterprises.
To protect mobile infrastructure, organizations should adopt a comprehensive mobile
security policy that includes:
- Risk Assessment: Identify and evaluate threats to mobile devices and apps.
- Device Management Policies: Use MDM (Mobile Device Management) or EMM (Enterprise
Mobility Management) tools.
- Authentication and Access Control: Enforce strong passwords, biometric authentication,
and multifactor authentication (MFA).
- Encryption: Ensure data at rest and in transit is encrypted.
- App Vetting and Whitelisting: Allow only approved apps; prohibit jailbroken/rooted
devices.
- Regular Updates and Patch Management: Automate OS and app updates to fix
vulnerabilities.
- Employee Training: Educate staff on phishing, social engineering, and secure practices.
Best Practices:
- Implement VPN for secure remote access.
- Segment enterprise network for mobile device traffic.
- Perform regular audits and compliance checks (e.g., with GDPR, HIPAA).
- Use remote wipe and lock features to secure lost/stolen devices.
2. Explain the role of registry settings in mobile devices. How do they contribute
to security and customization?
Registry settings in mobile devices (especially in Android or enterprise-configured
Windows devices) manage configuration data including system settings, app behavior, and
security protocols.
Role in Security:
- Control permissions (e.g., camera, location access).
- Enforce encryption and password policies.
- Lock down device features like USB debugging or app installation from unknown sources.
Role in Customization:
- Customize UI (themes, icons).
- Preconfigure Wi-Fi, VPN, or APN settings.
- Set enterprise-specific configurations using tools like Microsoft Intune, GPOs (for
Windows), or Android Enterprise APIs.
Conclusion: Properly managed registry settings enhance security posture while allowing
personalized and compliant mobile environments.
3. Research and explain various types of cyber attacks targeting mobile phones,
such as phishing, malware and SIM card cloning. How can users protect their
mobile devices from such attacks?
Types of Cyber Attacks:
- Phishing: Fraudulent emails or SMS ("smishing") trick users into sharing credentials.
- Malware: Malicious apps steal data, track activity, or hold devices ransom.
- SIM Card Cloning: Attackers duplicate SIM to intercept OTPs and calls.
- Man-in-the-Middle (MitM): Eavesdropping on data via insecure Wi-Fi.
- Spyware & Keyloggers: Monitor user activity and input.
Protection Measures:
- Avoid installing apps from unofficial sources.
- Enable biometric and two-factor authentication (2FA).
- Regularly update OS and apps.
- Use security software (antivirus, firewalls).
- Avoid public Wi-Fi or use a VPN.
- Monitor for suspicious activity like unknown SMS or excessive battery use.
4. Evaluate the current trends in mobility, including the impact of 5G, IoT, and
edge computing on mobile and wireless networks. How are these trends
shaping industries and consumer experiences?
Current Trends:
- 5G: Enables faster speeds, lower latency; supports AR/VR, smart cities.
- IoT (Internet of Things): Expands device interconnectivity; used in homes, healthcare, and
industry.
- Edge Computing: Processes data closer to source; reduces latency and enhances privacy.
Impact on Industries:
- Healthcare: Remote monitoring, real-time diagnostics.
- Manufacturing: Smart factories with predictive maintenance.
- Retail: Personalized shopping experiences via mobile apps.
- Transport: Autonomous vehicles and smart traffic systems.
Impact on Consumers:
- Seamless streaming and gaming with 5G.
- Smart home integration (IoT).
- Faster app performance (edge computing).
These trends drive innovation but also demand stricter mobile security to protect sensitive,
real-time data.
5. Analyze different types of credit card frauds that occur in mobile and wireless
transactions. What security measures can be implemented to mitigate such
fraud risks?
Types of Credit Card Frauds:
- Phishing Attacks: Fake websites or SMS trick users into entering card details.
- Man-in-the-Middle (MitM) Attacks: Intercept payment data over insecure Wi-Fi.
- Skimming Apps: Malicious apps steal stored card information.
- Account Takeover: Unauthorized access via credential stuffing or weak passwords.
Security Measures:
- Use tokenization and EMV standards.
- Enable biometric or 2FA for payment apps.
- Use secure connections (HTTPS, VPN).
- Monitor transactions with real-time alerts.
- Educate users about phishing and fraudulent apps.
- Encourage virtual credit cards for online/mobile transactions.
