SY0-301 · Question #913
Which of the following controls can be implemented together to prevent data loss in the event of theft of a mobile device storing sensitive information? (Select TWO).
The correct answer is A. Full device encryption B. Screen locks. Full device encryption and screen locks work together to prevent unauthorized data access from a stolen mobile device - encryption protects data at rest while screen locks prevent direct device access.
Question
Which of the following controls can be implemented together to prevent data loss in the event of theft of a mobile device storing sensitive information? (Select TWO).
Options
- AFull device encryption
- BScreen locks
- CGPS
- DAsset tracking
- EInventory control
How the community answered
(62 responses)- A94% (58)
- C2% (1)
- D2% (1)
- E3% (2)
Why each option
Full device encryption and screen locks work together to prevent unauthorized data access from a stolen mobile device - encryption protects data at rest while screen locks prevent direct device access.
Full device encryption scrambles all data stored on the device using a cryptographic key, so even if the physical device is stolen and the storage media removed, the data remains unreadable without the correct decryption credentials.
Screen locks require authentication (PIN, password, biometric) before granting access to the device, preventing an unauthorized person who steals the device from directly accessing its contents or applications.
GPS enables the location of a stolen device to be tracked, which may help recover it, but does not prevent an attacker who already has physical possession from accessing or extracting the data.
Asset tracking is an inventory management practice that records device ownership and location; it does not provide any technical control that prevents data access on a stolen device.
Inventory control manages organizational assets and tracks hardware assignments but provides no technical enforcement that protects data on a physically stolen device.
Concept tested: Mobile device data loss prevention controls
Source: https://csrc.nist.gov/publications/detail/sp/800-124/rev-2/final
Topics
Community Discussion
No community discussion yet for this question.