CompTIA SecurityX (CAS-005) — Question 276

A security engineer must integrate device attestation into user authentication and authorization workflows for mobile devices. Which of the following best meets the requirements?

Answer options

• A. Enforcing a security boundary for all devices outside the perimeter network
• B. Enabling multifactor authentication using biometrics on access attempts
• C. Implementing single sign-on to centralize access control enforcement
• D. Configuring device profiling for patch level and jailbreak status

Correct answer: D

Explanation

The correct answer is D because configuring device profiling allows for checking the security status of devices, ensuring they are not compromised or outdated. Options A, B, and C focus on broader security measures that do not specifically address the need for device attestation in the context of user authentication and authorization workflows.