CompTIA CASP+ (CAS-004) — Question 401

A security engineer investigates an incident and determines that a rogue device is on the network. Further investigation finds that an employee's personal device has been set up to access company resources and does not comply with standard security controls. Which of the following should the security engineer recommend to reduce the risk of future reoccurrence?

Answer options

• A. Require device certificates to access company resources.
• B. Enable MFA at the organization's SSO portal.
• C. Encrypt all workstation hard drives.
• D. Hide the company wireless SSID.

Correct answer: A

Explanation

Requiring device certificates ensures that only compliant devices can connect to the network, directly addressing the issue of unauthorized access. Enabling MFA at the SSO portal enhances security but does not prevent unauthorized device connections. Encrypting workstation hard drives protects data at rest but does not relate to network access control. Hiding the company wireless SSID offers minimal security and does not address the root cause of the rogue device issue.