CompTIA CySA+ (CS0-002) — Question 43

A financial organization has offices located globally. Per the organization's policies and procedures, all executives who conduct business overseas must have their mobile devices checked for malicious software or evidence of tampering upon their return. The information security department oversees this process, and no executive has had a device compromised. The Chief Information Security Officer wants to implement an additional safeguard to protect the organization's data.
Which of the following controls would work BEST to protect the privacy of the data if a device is stolen?

Answer options

• A. Implement a mobile device wiping solution for use once the device returns home.
• B. Install a DLP solution to track data flow.
• C. Install an encryption solution on all mobile devices.
• D. Train employees to report a lost or stolen laptop to the security department immediately.

Correct answer: C

Explanation

Option C is the best choice because encryption ensures that the data on a mobile device is unreadable without the correct decryption key, significantly protecting the data if the device is stolen. While option A provides a wiping mechanism, it may not prevent data exposure before the wipe occurs. Options B and D, while helpful, do not directly secure the data on the device itself.