CAS-002 Question #133: Real Exam Question with Answer & Explanation

The correct answer is B: Update the policy to disallow non-company end-point devices on the corporate network. The documented BYOD failures (unpatched devices, malware incidents, and data leakage from lost or stolen devices without full-disk encryption) all stem from endpoints the company does not manage; limiting the corporate network to company-owned endpoints puts patching, malware protection, and full-disk encryption back under the company's control.

Question

The Chief Information Officer (CIO) of a technology company is likely to move away from a de-perimeterized model for employee owned devices. This is because there were too many issues with lack of patching, malware incidents, and data leakage due to lost/stolen devices which did not have full-disk encryption. The 'bring your own computing' approach was originally introduced because different business units preferred different operating systems and application stacks. Based on the issues and user needs, which of the following is the BEST recommendation for the CIO to make?

Options

  • A. The de-perimeterized model should be kept as this is major industry trend and other
  • B. Update the policy to disallow non-company end-point devices on the corporate network.
  • C. The de-perimeterized model should be kept but update company policies to state that non-
  • D. Update the policy to disallow non-company end-point devices on the corporate network.

Explanation

The documented BYOD failures (unpatched devices, malware incidents, and data leakage from lost or stolen devices without full-disk encryption) trace back to a single root cause: the endpoints are owned by employees, so the company cannot configure, patch, or encrypt them. Disallowing non-company endpoint devices on the corporate network brings every connecting device back under company management, where patch levels, malware protection, and full-disk encryption can be enforced rather than merely requested in a policy document. The original reason for BYOD (business units preferring different operating systems and application stacks) is a user-preference concern, and the question's own framing weighs it against security failures that have already caused harm.

Common mistakes.

  • A. Continuing the de-perimeterized model because it is an industry trend ignores documented security failures that are actively causing harm to the organization.
  • C. Updating policy without technical enforcement does not prevent users from connecting unpatched or unencrypted personal devices - the same underlying vulnerabilities remain present.
  • D. This option also references disallowing non-company devices but includes additional provisions that do not directly resolve the core endpoint security control gaps identified.

Concept tested. BYOD policy and managed endpoint security control enforcement

Reference. https://csrc.nist.gov/publications/detail/sp/800-124/rev-2/final
