CAS-001 · Question #504
CAS-001 Question #504: Real Exam Question with Answer & Explanation
The correct answer is B: Smartphones can export sensitive data or import harmful data with this application causing the. Allowing a consumer cloud storage application on a corporate device creates a bidirectional data risk where sensitive corporate data can be silently exfiltrated to an uncontrolled cloud environment and malicious files can be introduced into the device.
Question
Options
- AConsumer cloud storage systems retain local copies of each file on the smartphone, as well as in
- BSmartphones can export sensitive data or import harmful data with this application causing the
- CConsumer cloud storage systems could allow users to download applications to the smartphone.
- DSmartphones using consumer cloud storage are more likely to have sensitive data remnants on
Explanation
Allowing a consumer cloud storage application on a corporate device creates a bidirectional data risk where sensitive corporate data can be silently exfiltrated to an uncontrolled cloud environment and malicious files can be introduced into the device.
Common mistakes.
- A. Consumer cloud storage applications do not specifically retain extra local copies of files beyond what the OS manages; the primary concern is cloud-side storage of corporate data, not local duplication.
- C. Cloud storage applications provide file sync functionality, not an application installation channel; they cannot bypass the device whitelist to install unauthorized applications.
- D. Data remnants are a concern during device disposal or reuse, but the active, ongoing security implication of running a cloud storage app is the live export and import of data, not residual data artifacts.
Concept tested. Mobile data leakage risk from consumer cloud apps
Reference. https://csrc.nist.gov/publications/detail/sp/800-124/rev-2/final
Community Discussion
No community discussion yet for this question.