CompTIA Security+ (SY0-501) — Question 567

An organization is developing its mobile device management policies and procedures and is concerned about vulnerabilities that are associated with sensitive data being saved to a mobile device, as well as weak authentication when using a PIN. As part of some discussions on the topic, several solutions are proposed.
Which of the following controls, when required together, will address the protection of data-at-rest as well as strong authentication? (Choose two.)

Answer options

• A. Containerization
• B. FDE
• C. Remote wipe capability
• D. MDM
• E. MFA
• F. OTA updates

Correct answer: B, E

Explanation

FDE (Full Disk Encryption) protects sensitive data-at-rest by encrypting the entire disk, making it inaccessible without proper authentication. MFA (Multi-Factor Authentication) enhances security by requiring multiple forms of verification, thus addressing the concern of weak PIN authentication. The other options, while useful, do not provide both data-at-rest protection and strong authentication together.