CompTIA SecurityX (CAS-005) — Question 157
During a gap assessment, an organization notes that BYOD usage is a significant risk. The organization implemented administrative policies prohibiting BYOD usage. However, the organization has not implemented technical controls to prevent the unauthorized use of BYOD assets when accessing the organization's resources. Which of the following solutions should the organization implement to best reduce the risk of BYOD devices? (Choose two.)
Answer options
- A. Cloud IAM, to enforce the use of token-based MFA
- B. Conditional access, to enforce user-to-device binding
- C. NAC, to enforce device configuration requirements
- D. PAM, to enforce local password policies
- E. SD-WAN, to enforce web content filtering through external proxies
- F. DLP, to enforce data protection capabilities
Correct answer: B, C
Explanation
The correct answers, B and C, are technical controls that ensure only authorized devices can access the organization's resources: conditional access validates the user-to-device binding, and NAC enforces device configuration requirements. Options A, D, E, and F do not directly enforce access controls for BYOD devices and therefore do not effectively mitigate the identified risk.