Exam CISSP topic 1 question 383 discussion

If the device is encrypted then they can't get at the data. The other answers don't work because what if its turned off or no signal. Remote wipe won't work. Geolocate won't work. Even if you could locate it, then what? The police won't do anything.

But A includes D. You can enable encryption in Management Tool + lot more.

LOL it is like chicken and eggs kind of scenario here. You need both A and D and Strong Password + auto-wipe after 3 failed attempts. I hate these types of questions :)

Going with A. Also, similar questions like this with lost/stolen device with MDM... most practice tests I see put remote wiping as the correct answer.

encryption is the best, in a remote wipe data can be recovered

Answer A) Mobile Device Management (MDM) with device wipe Keep in mind that all new phones should already have hardware encryption...so D is already covered. MDM solutions offer tons of features such as application level encryption, remote wipe and other policies to secure the phone.

A. Mobile Device Management (MDM) with device wipe Mobile Device Management (MDM) with the ability to remotely wipe the device is the most effective feature for mitigating against data theft on a corporate mobile device that has been stolen. When a device is stolen, it's critical to ensure that sensitive corporate data doesn't fall into the wrong hands. MDM allows administrators to remotely wipe all data from the stolen device, rendering it useless to the thief and protecting the data.

A is the answer

From the Official Study Guide 9th edition - page 438 Personal electronic device security features can often be managed using a mobile device management (MDM) or unified endpoint management (UEM) solutions. These include device authentiation, full device encryption, communication protection, remote wiping, device lockout, screen locks, GPS and location service management, content management, application control, push notification management .........

Could've been stolen while he was talking on it so it was obviously unlocked. Many videos of people getting phones stolen while talking on them. Tough question. Gpt-3.5 and 4 say MDM

D. Whole device encryption with key escrow

Metigate = contain it doesnt meant prevent here, though MDM with remote wipe feature is the best for me

A is the best option since D has a flaw. Key escrow along with the encryption not a good idea....

From the Official Study Guide 9th edition - page 410 Some mobile devices, including portable computers, tablets, and mobile phones, may offer full-device encryption (FDE). Many mobile devices either are pre-encrypted or can be encrypted by the user/owner. Once a mobile device is encrypted, the user’s data is protected whenever the screen is locked, which causes the physical data port on the device to be disabled. This prevents unauthorized access to data on the device through a physical cable connection as long as the screen remains locked. Most if not all of the storage media of a device can be encrypted, this is usually a worthwhile feature to enable. However, encryption isn’t a guarantee of protection for data, especially if the device is stolen while unlocked or if the system itself has a known backdoor attack vulnerability. MDM is also at end of life and about to get deprecated to be replaced by UEM, which combines MDM and EMM (enterprise mobility management)

This is def.... "A"

A or D ? If mobile devices are stolen and the thieves open it in their Underground bunker, does it get internet connectivity to wipe the device using MDM? Is it an effective solution to protect? . Maybe you will come to know about this theft 1 week after the incident . Best ans-D