CompTIA CySA+ (CS0-002) — Question 280

An analyst is responding to an incident involving an attack on a company-owned mobile device that was being used by an employee to collect data from clients in the field. Malware was loaded on the device via the installation of a third-party software package. The analyst has baselined the device. Which of the following should the analyst do to BEST mitigate future attacks?

Answer options

• A. Implement MDM.
• B. Update the malware catalog.
• C. Patch the mobile device's OS.
• D. Block third-party applications.

Correct answer: A

Explanation

Implementing Mobile Device Management (MDM) is the best solution as it allows for centralized control over mobile devices, enabling policies to restrict the installation of unauthorized apps and manage security settings. While updating the malware catalog and patching the OS are important, they do not address the root cause of the vulnerability as effectively as MDM. Blocking third-party applications may limit functionality and user experience, which can be counterproductive in a mobile workforce environment.