A security administrator wants to implement controls to harden company-owned mobile devices. Company policy specifies the following requirements:
Mandatory access control must be enforced by the OS.
Devices must only use the mobile carrier data transport.
Which of the following controls should the security administrator implement? (Select three).
A. Enable DLP
B. Enable SEAndroid
C. Enable EDR
D. Enable secure boot
E. Enable remote wipe
F. Disable Bluetooth
G. Disable 802.11
H. Disable geotagging
How to PASS CAS-004 in First Attempt?FULL Printable PDF and Software. VALID exam to help you PASS. |
 |
B,F,G
F: Bluetooth Tethering should also be prevented
B. Enable SEAndroid
To meet requirement 1 (MAC on OS)
Sources:
https://source.android.com/security/selinux
https://en.wikipedia.org/wiki/Mandatory_access_control
D. Enable secure boot
To meet requirement 1 (MAC on OS), avoiding OS modification and MAC bypass.
G. Disable 802.11
To meet requirement 2 (only use mobile network, like a 4G ou 5G).
My friend, you’re making stuff up. No one is asking about “avoiding OS modification and MAC bypass”; you’re making up stuff. Also, MAC bypass is easily done. Use Wireshark for a minute and you’ll find MACs that you can spoof easily.
B. Enable SEAndroid
To meet requirement 1 (MAC on OS)
Sources: https://source.android.com/security/selinux & https://en.wikipedia.org/wiki/Mandatory_access_control
D. Enable secure boot
To meet requirement 1 (MAC on OS), avoiding OS modification and MAC bypass
G. Disable 802.11
To meet requirement 2 (only use mobile network, like a 4G ou 5G)