CompTIA Security+ (SY0-501) — Question 234

A company is deploying smartphones for its mobile salesforce. These devices are for personal and business use but are owned by the company. Sales personnel will save new customer data via a custom application developed for the company. This application will integrate with the contact information stored in the smartphones and will populate new customer records onto it.
The customer application's data is encrypted at rest, and the application's connection to the back office system is considered secure. The Chief Information
Security Officer (CISO) has concerns that customer contact information may be accidentally leaked due to the limited security capabilities of the devices and the planned controls.
Which of the following will be the MOST efficient security control to implement to lower this risk?

Answer options

• A. Implement a mobile data loss agent on the devices to prevent any user manipulation with the contact information.
• B. Restrict screen capture features on the devices when using the custom application and the contact information.
• C. Restrict contact information storage dataflow so it is only shared with the customer application.
• D. Require complex passwords for authentication when accessing the contact information.

Correct answer: C

Explanation

The most efficient control is to restrict the dataflow of contact information so that it is only shared with the customer application, as this minimizes the risk of exposure to unauthorized applications. Option A, while useful, does not address the underlying issue of data sharing. Option B can help but does not completely prevent risks associated with data leaks. Option D enhances access security but does not directly address the potential for data leaks.