CompTIA Security+ (SY0-601) — Question 477

A security engineer needs to implement an MDM solution that complies with the corporate mobile device policy. The policy states that in order for mobile users to access corporate resources on their devices, the following requirements must be met:

• Mobile device OSs must be patched up to the latest release.
• A screen lock must be enabled (passcode or biometric).
• Corporate data must be removed if the device is reported lost or stolen.

Which of the following controls should the security engineer configure? (Choose two.)

Answer options

• A. Containerization
• B. Storage segmentation
• C. Posturing
• D. Remote wipe
• E. Full-device encryption
• F. Geofencing

Correct answer: C, D

Explanation

The correct answers are C and D because posturing ensures that devices comply with security policies, such as being patched and having a screen lock. Remote wipe is critical for removing corporate data from a device that is reported lost or stolen. The other options, while useful in different contexts, do not directly address the requirements stated in the policy.