CompTIA
CAS-003 · Question #589
CAS-003 Question #589: Real Exam Question with Answer & Explanation
The correct answer is B: Disable location services.. Disabling location services via MDM prevents foreign intelligence services from tracking employees' physical movements and locations while in a hostile country.
Question
A government contracting company issues smartphones to employees to enable access to corporate resources. Several employees will need to travel to a foreign country for business purposes and will require access to their phones. However, the company recently received intelligence that its intellectual property is highly desired by the same country's government. Which of the following MDM configurations would BEST reduce the risk of compromise while on foreign soil?
Options
- ADisable firmware OTA updates.
- BDisable location services.
- CDisable push notification services.
- DDisable wipe
Explanation
Disabling location services via MDM prevents foreign intelligence services from tracking employees' physical movements and locations while in a hostile country.
Common mistakes.
- A. Disabling OTA firmware updates prevents security patches from being applied, which increases the device's vulnerability to known exploits rather than reducing risk.
- C. Disabling push notifications marginally reduces information leakage but does not address the primary threat of physical tracking and surveillance by a foreign government actor.
- D. Disabling wipe removes the ability to remotely erase the device if it is lost or confiscated, which substantially increases the risk of data compromise.
Concept tested. MDM policy configuration for international travel risk reduction
Reference. https://learn.microsoft.com/en-us/mem/intune/protect/device-compliance-get-started
Community Discussion
No community discussion yet for this question.