An administrator is tasked with remotely wiping the Chief Information Officer’s (CIO’s) device after it is reported stolen. Which of the following should be reviewed to determine if authentication attempts have failed after the device was stolen?
A. Logon attempts on the MDM server
B. Review cellular logs
C. Location services on the device
D. Accounts lockout on the network ID
