CompTIA CASP+ (CAS-003) — Question 165

An organization enables BYOD but wants to allow users to access the corporate email, calendar, and contacts from their devices. The data associated with the user's accounts is sensitive, and therefore, the organization wants to comply with the following requirements:
✑ Active full-device encryption
✑ Enabled remote-device wipe
✑ Blocking unsigned applications
✑ Containerization of email, calendar, and contacts
Which of the following technical controls would BEST protect the data from attack or loss and meet the above requirements?

Answer options

• A. Require frequent password changes and disable NFC.
• B. Enforce device encryption and activate MAM.
• C. Install a mobile antivirus application.
• D. Configure and monitor devices with an MDM.

Correct answer: D

Explanation

The correct answer is D because Mobile Device Management (MDM) allows for comprehensive control over devices, enabling full-device encryption, remote wipe capabilities, and application management, thus meeting all outlined requirements. The other options do not provide the same level of control and security needed for sensitive corporate data.