CompTIA Security+ (SY0-601) — Question 295

A company recently enhanced mobile device configuration by implementing a set of security controls biometrics context-aware authentication and full device encryption. Even with these settings in place, an unattended phone was used by a malicious actor to access corporate data. Which of the following additional controls should be put in place first?

Answer options

• A. GPS tagging
• B. Remote wipe
• C. Screen lock timer
• D. SEAndroid

Correct answer: C

Explanation

Implementing a screen lock timer is crucial as it prevents unauthorized access to the device when left unattended. While GPS tagging, remote wipe, and SEAndroid are useful, they do not provide immediate protection against access through an unlocked device, which is why the screen lock timer is the most urgent control to establish.