Exam CISM topic 1 question 295 discussion

Actual exam question from Isaca's CISM
Question #: 295
Topic #: 1

An organization has established a bring your own device (BYOD) program. Which of the following is the MOST important security consideration when allowing employees to use personal devices for corporate applications remotely?

  • A. Mandatory controls for maintaining security policy
  • B. Mobile operating systems support
  • C. Security awareness training
  • D. Secure application development
Suggested Answer: A

Comments

GAAMMC
1 month, 2 weeks ago
Selected Answer: C
The policy has been established, now to make employees aware in order to adjust behaviour.
upvoted 1 times
...
oluchecpoint
9 months ago
Selected Answer: A
A. Mandatory controls for maintaining security policy. While all the options listed are important for BYOD security, ensuring that there are mandatory controls in place to maintain security policy is the most critical aspect. BYOD introduces significant security risks because personal devices may not meet the same security standards as corporate devices. Therefore, having strict policies and controls in place is essential to mitigate these risks. These controls can include enforcing encryption, requiring strong authentication methods, monitoring device compliance, and implementing remote wipe capabilities, among others.
upvoted 1 times
...
oluchecpoint
1 year, 1 month ago
A. Mandatory controls for maintaining security policy. While all the options listed are important for BYOD security, ensuring that there are mandatory controls in place to maintain security policy is the most critical aspect. BYOD introduces significant security risks because personal devices may not meet the same security standards as corporate devices. Therefore, having strict policies and controls in place is essential to mitigate these risks. These controls can include enforcing encryption, requiring strong authentication methods, monitoring device compliance, and implementing remote wipe capabilities, among others.
upvoted 3 times
...
richck102
1 year, 4 months ago
A. Mandatory controls for maintaining security policy
upvoted 1 times
...
Gr3yGh0sT
1 year, 5 months ago
Selected Answer: A
The correct answer is A. Mandatory controls for maintaining security policy are the most important security consideration when allowing employees to use personal devices for corporate applications remotely. This is because these controls help to ensure that corporate data is protected even when it is accessed on personal devices. Some examples of mandatory controls include:
  • Requiring employees to use strong passwords and multi-factor authentication
  • Encrypting corporate data on personal devices
  • Restricting access to corporate data to authorized employees
  • Implementing a remote wipe feature that can be used to erase corporate data from personal devices if they are lost or stolen.
upvoted 1 times
...
Abhey
1 year, 5 months ago
Selected Answer: A
Correct Answer is A
upvoted 1 times
...
dedfef
1 year, 7 months ago
Selected Answer: A
Correct answer is A
upvoted 2 times
...
CarlPTY07
1 year, 7 months ago
Selected Answer: A
Mandatory control is the most important security consideration.
upvoted 1 times
...
Broesweelies
1 year, 9 months ago
Selected Answer: A
A. Mandatory controls for maintaining security policy is the MOST important security consideration when allowing employees to use personal devices for corporate applications remotely. This includes having policies in place for device management, network access, and data encryption, as well as ensuring that employees understand and comply with these policies. The other options (B, C, and D) are also important considerations, but without strong mandatory controls in place, the security of the organization's data and systems may be at risk.
upvoted 3 times
...
baranikumar_v
1 year, 9 months ago
C. Security awareness training. You can't enforce any software on BYOD devices. Hence, 'A' is incorrect.
upvoted 2 times
kortcl
1 year, 8 months ago
Not true. The answer should be A. You should use containers and MDM to monitor company-controlled applications only. MDM allows policies and protections to be in place for only the applications used by the company. The rest of the phone is not monitored by the organization.
upvoted 4 times
...
...
aokisan
1 year, 10 months ago
Selected Answer: A
Need to control devices securely.
upvoted 2 times
Blackitalian3
1 year, 10 months ago
Security Awareness training is always the MOST important security consideration in a BYOD situation. Can't force a person to relinquish control of their device. Answer should be C.
upvoted 3 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other