GMOB試験無料問題集（152題）「GIAC Mobile Device Security Analyst 認定」

出題：1

Which mobile operating system feature is designed to detect and prevent the installation of malware-infected applications?
Response:

A. Sandbox

B. Google Play Protect

C. VPN

D. iCloud Backup

正解：B 解答を投票する

出題：2

What security implications should be considered when unlocking or rooting a mobile device?
(Choose two)
Response:

A. Updates to security patches are faster

B. The device becomes more vulnerable to malware

C. Device encryption may be bypassed

D. The operating system's integrity is enhanced

正解：B,C 解答を投票する

出題：3

Which MASVS verification tier is most suitable for an application that faces a wide range of users and handles varied data types, requiring comprehensive security but not tailored to highly sensitive data?
Response:

A. Level 2

B. Level 1

C. Level 3

D. Level 4

正解：A 解答を投票する

出題：4

In reverse engineering of mobile applications, what does obfuscation aim to prevent?
Response:

A. Clarity of the source code

B. Increase in file size

C. Decrease in runtime efficiency

D. Unauthorized access to source code

正解：D 解答を投票する

出題：5

Which file system feature should be evaluated to understand data storage security on Android devices?
Response:

A. NTFS permissions

B. HFS+ compression

C. EXT4 journaling

D. File-based Encryption (FBE)

正解：D 解答を投票する

出題：6

Which of the following are considered best practices for securing mobile devices against malware?
(Choose Three)
Response:

A. Installing apps from verified publishers only

B. Encrypting device data

C. Disabling unnecessary app permissions

D. Keeping Bluetooth and Wi-Fi on at all times

正解：A,B,C 解答を投票する

出題：7

What techniques can be used to bypass SSL/TLS encryption in a mobile app during penetration testing?
(Choose two)
Response:

A. Proxying network traffic through Burp Suite

B. Disabling SSL Pinning

C. Enabling root privileges on the mobile device

D. Using SSH tunneling

正解：A,B 解答を投票する

出題：8

Which tool is commonly used for reverse engineering Android applications?
Response:

A. Nessus

B. Wireshark

C. Burp Suite

D. APKTool

正解：D 解答を投票する

出題：9

Which vulnerability allows attackers to intercept mobile app traffic despite the use of SSL/TLS encryption?
Response:

A. Heartbleed

B. Padding Oracle

C. Cross-site Scripting (XSS)

D. SSL/TLS Misconfiguration

正解：D 解答を投票する

GMOB試験無料問題集「GIAC Mobile Device Security Analyst 認定」