CompTIA SecurityX (CAS-005) — Question 313

A security engineer must ensure that sensitive corporate information is not exposed if a company laptop is stolen. Which of the following actions best addresses this requirement?

Answer options

• A. Utilizing desktop as a service for all company data and multifactor authentication
• B. Using explicit allow lists of specific IP addresses and deploying single sign-on
• C. Deploying mobile device management and requiring stronger passwords
• D. Updating security mobile reporting policies and monitoring data breaches

Correct answer: A

Explanation

Using desktop as a service along with multifactor authentication ensures that sensitive data is stored securely in the cloud, making it inaccessible from a stolen device. The other options may enhance security but do not directly address the issue of protecting sensitive data in the event of laptop theft.