CompTIA CASP+ (CAS-004) — Question 264

After installing an unapproved application on a personal device, a Chief Executive Officer reported an incident to a security analyst. This device is not controlled by the MDM solution, as stated in the BVOD policy. However, the device contained critical confidential information. The cyber incident response team performed the analysis on the device and found the following log:

Wed 12 Dec 2020 10:00:03 Unknown sources is now enabled on this device.

Which of the following is the MOST likely reason for the successful attack?

Answer options

• A. Lack of MDM controls
• B. Auto-join hotspots enabled
• C. Sideloading
• D. Lack of application segmentation

Correct answer: C

Explanation

The correct answer is C, as sideloading allows users to install applications from sources outside of the official app store, which can introduce vulnerabilities. The lack of MDM controls (A) contributed to the issue but did not directly cause the attack. Auto-join hotspots (B) could pose a risk but is not the primary reason, and lack of application segmentation (D) is also relevant but not the most immediate cause of the incident.