CompTIA A+ Core 1 (CA1-005) — Question 4

During a gap assessment, an organization notes that BYOD usage is a significant risk. The organization implemented administrative policies prohibiting BYOD usage. However, the organization has not implemented technical controls to prevent the unauthorized use of BYOD assets when accessing the organization's resources. Which of the following solutions should the organization implement to best reduce the risk of BYOD devices? (Choose two.)

Answer options

• A. Cloud IAM, to enforce the use of token-based MFA
• B. Conditional access, to enforce user-to-device binding
• C. NAC, to enforce device configuration requirements
• D. PAM, to enforce local password policies
• E. SD-WAN, to enforce web content filtering through external proxies
• F. DLP, to enforce data protection capabilities

Correct answer: B, C

Explanation

The correct answers, B and C, involve implementing technical controls that ensure only compliant devices can access organizational resources, thereby reducing BYOD risks. Conditional access (B) enforces user-to-device binding, ensuring that only authorized devices are used, while NAC (C) ensures devices meet specific configuration requirements. The other options, while valuable, do not directly address the risk of unauthorized BYOD access.