An organization permits the storage and use of its critical and sensitive information on employee-owned smartphones. Which of the following is the BEST security control?
A.
Monitoring now often the smartphone is used
B.
Developing security awareness training
C.
Requiring the backup of the organization s data by the user
Remote wipe is only useful for certain use cases (e.g., if employee lost the smartphone). In contrast, user awareness training is more comprehensive to teach users on how to process and use data, including physical security measures to prevent the lost or theft of devices.
Does it make sense if you want to wipe other people's data on the same phone? Unless you install a separate enterprise OS. So user awareness is the best solution.
D. Establishing the authority to remote wipe
I'm going with D becuase, what if the threat is an insider threat. Maybe one of your employees decides to misuse company data deliberately. Training will not help in this situation. Remote Wipe is the best option in this scenario.
The best security control for what exactly ? I dont think training user is control , D is control but its very far fetched since you allow users to store and use data.
It doesn’t feel like a realistic question .
I believe B is the better of the two... educating the user on appropriate use cases and how to manage the data etc...
comparing this to option D which is the single control to wipe it once reported the phone is missing etc... user education provides that much more value
Developing security awareness training (option B) is beneficial, but it alone may not provide sufficient control over the data stored on employee-owned smartphones.
So the correct Option D
The correct solution would be (D) as the organization should be able to wipe the device in case it is stolen or misplaced.
A. Could cause potential legal issues
B. Developing security awareness training would do nothing to control the situation but only make users aware of the situation.
C. Requiring the backup of the organization s data by the user does not address the fact that a device may be stolen or misplaced.
upvoted 4 times
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
beever
Highly Voted 1 year, 11 months agoJosef4CISM
Most Recent 1 month agoEvedzy
4 months, 2 weeks ago03allen
7 months, 1 week agoPOWNED
1 year agoSoleandheel
1 year, 1 month agooluchecpoint
1 year, 4 months agoAaronS1990
1 year, 4 months agoGoseu
1 year, 6 months agoRowlandmarc
1 year, 6 months ago[Removed]
1 year, 5 months agorichck102
1 year, 6 months agoSaisharan
1 year, 7 months agodark_3k03r
1 year, 9 months ago