CAS-005 · Question #315
CAS-005 Question #315: Real Exam Question with Answer & Explanation
The correct answer is A: Geofencing. To meet the specified requirements, the MDM solution should enable geofencing to disable devices outside trusted zones and full disk encryption to prevent data access on lost devices.
Question
A security engineer wants to propose an MDM solution to mitigate certain risks. The MDM solution should meet the following requirements: - Mobile devices should be disabled if they leave the trusted zone. - If the mobile device is lost, data is not accessible. Which of the following options should the security engineer enable on the MDM solution? (Select two).
Options
- AGeofencing
- BPatch management
- CContainerization
- DFull disk encryption
- EAllow/blocklist
- FGeotagging
Explanation
To meet the specified requirements, the MDM solution should enable geofencing to disable devices outside trusted zones and full disk encryption to prevent data access on lost devices.
Common mistakes.
- B. Patch management keeps devices updated but does not directly address disabling devices based on location or preventing data access on lost devices.
- C. Containerization separates corporate data from personal data, which is good for data protection, but it doesn't disable the device based on location or encrypt the entire device to prevent all data access on a lost device.
- E. Allow/blocklists control which applications can be installed or run, which is a security control but does not address the location-based disabling or data inaccessibility on lost devices.
- F. Geotagging adds location information to data (like photos) but is not a security control for device access or data protection for lost devices.
Concept tested. MDM features for location-based security and data protection
Reference. https://learn.microsoft.com/en-us/mem/intune/fundamentals/what-is-intune
Community Discussion
No community discussion yet for this question.