Certified Information Systems Auditor (CISA) — Question 1395

An employee loses a mobile device resulting in loss of sensitive corporate data. Which of the following would have BEST prevented data leakage?

Answer options

• A. Data encryption on the mobile device
• B. The triggering of remote data wipe capabilities
• C. Awareness training for mobile device users
• D. Complex password policy for mobile devices

Correct answer: A

Explanation

Data encryption on the mobile device is the best preventive measure because it protects sensitive information by making it unreadable without the correct decryption key. While remote data wipe capabilities can remove data after a device is lost, they do not prevent initial data exposure. Awareness training and a complex password policy are important but do not provide the same level of protection against data being accessed by unauthorized users if the device is lost.