CompTIA Security+ (SY0-601) — Question 568

A company implemented an MDM policy to mitigate risks after repeated instances of employees losing company-provided mobile phones. In several cases, the lost phones were used maliciously to perform social engineering attacks against other employees. Which of the following MDM features should be configured to best address this issue? (Choose two.)

Answer options

• A. Screen locks
• B. Remote wipe
• C. Full device encryption
• D. Push notifications
• E. Application management
• F. Geolocation

Correct answer: A, B

Explanation

Enabling screen locks helps prevent unauthorized access to the device when it is lost or left unattended, while remote wipe allows the company to erase all data from the device if it is lost, thus protecting sensitive information. Other options like full device encryption and geolocation do not directly prevent unauthorized use in the case of loss, and application management or push notifications do not address the immediate risk of the device being misused.