Ann, an attacker, has spoofed a mobile device serial number so she can connect to the MDM environment. Which of the following would an administrator check to uncover this attack?
A. Review the SIEM logs on a corporate network to determine authentication issues
B. Review certificate revocations by the MDM
C. Review connection attempts to the network from that phone’s serial number
D. Review recent connection locations, looking for an abnormal location
