CompTIA
CAS-003 · Question #9
CAS-003 Question #9: Real Exam Question with Answer & Explanation
The correct answer is D: The device is rooted. A rooted Android device bypasses the OS security model, causing MDM solutions to reject enrollment because the device cannot be trusted to enforce corporate security policies.
Question
A newly hired systems administrator is trying to connect a new and fully updated, but very customized, Android device to access corporate resources. However, the MDM enrollment process continually fails. The administrator asks a security team member to look into the issue. Which of the following is the MOST likely reason the MDM is not allowing enrollment?
Options
- AThe OS version is not compatible
- BThe OEM is prohibited
- CThe device does not support FDE
- DThe device is rooted
Explanation
A rooted Android device bypasses the OS security model, causing MDM solutions to reject enrollment because the device cannot be trusted to enforce corporate security policies.
Common mistakes.
- A. The question states the device is fully updated, making an incompatible OS version an unlikely cause.
- B. OEM restrictions are possible but are a less common MDM policy compared to the near-universal enforcement against rooted devices.
- C. Modern Android devices support full-disk encryption natively, and a customized but updated device would still include this capability.
Concept tested. MDM enrollment blocking rooted Android devices
Reference. https://developers.google.com/android/work/requirements
Community Discussion
No community discussion yet for this question.