Certified Information Systems Security Professional (CISSP) — Question 128
An organization is implementing a bring your own device (BYOD) policy. What would be BEST for mitigating the risk of users managing their own devices and potentially bringing in malware?
Answer options
- A. Setting up access control lists (ACL) for these devices.
- B. Installing a firewall on the organization’s primary network.
- C. Setting up a separate network within the organization’s demilitarized zone (DMZ).
- D. Setting up a separate, external wired or wireless network dedicated to these devices.
Correct answer: D
Explanation
The correct answer is D: a separate, external network dedicated to BYOD devices isolates them from the primary network, which reduces the risk of malware spreading from a user-managed device. Options A and B do not sufficiently isolate the devices, and option C does not provide complete separation from the main network, which is essential for security in a BYOD environment.