Which of the following technical controls would BEST protect the data from attack or loss and meet the above requirements?

An organization enables BYOD but wants to allow users to access the corporate email, calendar, and contacts from their devices. The data associated with the user’s accounts is sensitive, and therefore, the organization wants to comply with the following requirements:
▪ Active full-device encryption
▪ Enabled remote-device wipe
▪ Blocking unsigned applications
▪ Containerization of email, calendar, and contacts
Which of the following technical controls would BEST protect the data from attack or loss and meet the above requirements?
A. Require frequent password changes and disable NFC.
B. Enforce device encryption and activate MAM.
C. Install a mobile antivirus application.
D. Configure and monitor devices with an MDM.

How to PASS CAS-004 in First Attempt?

FULL Printable PDF and Software. VALID exam to help you PASS.

comptia-exams

6 thoughts on “Which of the following technical controls would BEST protect the data from attack or loss and meet the above requirements?

  1. I think B is correct. MAM supports all of the requirements, when using MAM all corporate data is containerized and remote wipe removes the corporate data only. These are BYOD devices, so the company doesn’t own the private data. remote wiping the entire device with an mdm would be a huge liability.

  2. I tended to agree with D until I read up on MAM. Basically, MAM does allow you to remote wipe corporate data. There is nothing in the question which states remote wipe the entire device. Since these are BYOD, would you give the corporation the ability to wipe your personal tablet? On the other hand, you would use MAM to wipe the corporate data. I believe the correct answer is B and I hate agreeing with the given answer.

    1. After reading this from the Abernathy and McMillan study guide I think MDM is right.

      “One of the issues with allowing the use of personal devices in a bring your own device (BYOD) initiative is the possible mixing of sensitive corporate data with the personal data of the user. Containerization is a newer feature of most mobile device management (MDM) software that creates an encrypted “container” to hold and quarantine corporate data separately from that of the users. This allows MDM policies to be applied only to that container and not the rest of the device.”

Leave a Reply

Your email address will not be published. Required fields are marked *


The reCAPTCHA verification period has expired. Please reload the page.