CompTIA CASP+ (CAS-003) — Question 231
An organization's mobile device inventory recently provided notification that a zero-day vulnerability was identified in the code used to control the baseband of the devices. The device manufacturer is expediting a patch, but the rollout will take several months.
Additionally, several mobile users recently returned from an overseas trip and report their phones now contain unknown applications, slowing device performance.
Users have been unable to uninstall these applications, which persist after wiping the devices. Which of the following MOST likely occurred and provides mitigation until the patches are released?
Answer options
- A. Unauthentic firmware was installed; disable OTA updates and carrier roaming via MDM
- B. Users opened a spear-phishing email; disable third-party application stores and validate all signed code prior to execution
- C. An attacker downloaded monitoring applications; perform a full factory reset of the affected devices
- D. Users received an improperly encoded emergency broadcast message, leading to an integrity loss condition; disable emergency broadcast messages
Correct answer: A
Explanation
The correct answer is A. Unknown applications that users cannot uninstall, and that persist even after the devices are wiped, suggest that unauthorized firmware may have been installed, since a wipe clears user data but does not replace the firmware. Disabling OTA updates and carrier roaming via MDM can help prevent further issues while waiting for the official patch. The other options do not address the core issue of unauthorized firmware installation; the factory reset in option C, for example, would not help because the applications already persist after a wipe.