CompTIA CASP+ (CAS-003) — Question 11

A security analyst is reviewing the corporate MDM settings and notices some disabled settings, which consequently permit users to download programs from untrusted developers and manually install them. After some conversations, it is confirmed that these settings were disabled to support the internal development of mobile applications. The security analyst is now recommending that developers and testers have a separate device profile allowing this, and that the rest of the organization's users do not have the ability to manually download and install untrusted applications. Which of the following settings should be toggled to achieve the goal? (Choose two.)

Answer options

• A. OTA updates
• B. Remote wiping
• C. Side loading
• D. Sandboxing
• E. Containerization
• F. Signed applications

Correct answer: E, F

Explanation

The correct answers are E (Containerization) and F (Signed applications) because containerization helps isolate applications and data, allowing developers to test without compromising security for other users. Signed applications ensure that only verified apps can be installed by general users, preventing the manual installation of untrusted applications.