CAS-003 · Question #452
A technician is configuring security options on the mobile device manager for users who often utilize public Internet connections while travelling. After ensuring that full disk encryption is enabled,
The correct answer is C. Issue a remote wipe of corporate and personal partitions E. Implement an always-on VPN. When users travel and use public internet connections, always-on VPN encrypts all traffic to protect data in transit, while remote wipe capability ensures corporate data can be erased if a device is lost or compromised while away from the office.
Question
A technician is configuring security options on the mobile device manager for users who often utilize public Internet connections while travelling. After ensuring that full disk encryption is enabled, which of the following security measures should the technician take? (Choose two.)
Options
- ARequire all mobile device backups to be encrypted
- BEnsure all mobile devices back up using USB OTG
- CIssue a remote wipe of corporate and personal partitions
- DRestrict devices from making long-distance calls during business hours
- EImplement an always-on VPN
How the community answered
(18 responses)- B11% (2)
- C83% (15)
- D6% (1)
Why each option
When users travel and use public internet connections, always-on VPN encrypts all traffic to protect data in transit, while remote wipe capability ensures corporate data can be erased if a device is lost or compromised while away from the office.
Encrypting device backups protects data at rest in backup storage but does not address the threat of network interception or device theft while using public connections.
USB OTG (On-The-Go) is a cable connection standard for transferring data between mobile devices; it has no relevance to securing connections over public internet.
Configuring remote wipe ensures that if a device is lost or stolen while traveling - a heightened risk when using public networks - the security team can immediately erase all corporate and personal data, preventing unauthorized access to sensitive information.
Restricting long-distance calls is a cost-control measure unrelated to protecting data confidentiality or device security on public networks.
An always-on VPN ensures that all network traffic from the mobile device is tunneled through the corporate security stack regardless of what network the user connects to, protecting data in transit from interception on untrusted public Wi-Fi or cellular networks.
Concept tested: Mobile device security controls for public network usage
Source: https://csrc.nist.gov/publications/detail/sp/800-124/rev-2/final
Topics
Community Discussion
No community discussion yet for this question.