A company implemented an MDM policy to mitigate risks after repeated instances of employees losing company-provided mobile phones. In several cases, the lost phones were used maliciously to perform social engineering attacks against other employees. Which of the following MDM features should be configured to best address this issue? (Choose two.)
To address the issue of lost company-provided mobile phones being used maliciously for social engineering attacks, configuring screen locks and remote wipe features in the MDM policy would be most effective. Screen locks prevent unauthorized access to the phone by requiring a passcode or biometric authentication, thus protecting the device's contents even if it is lost. Remote wipe allows the company to erase all data on the device remotely, ensuring that sensitive information cannot be accessed or misused if the phone falls into the wrong hands.
B. Remote wipe C. Full device encryption The above two options are better options to solve the issue mentioned in the question than other options there.
choose AB felt good about this answer 2024-20-2 On Test and passed with 802
Screen lock is more important than FDE. If the attacker has the code then FDE is irrelevant.
you can encrypt your device but it wont do much good if your phone doesn't lock lol
AB. Auto lock phones help prevent random apple picking. Always have the ability remote wipe FDE is nothing if the apple/android pin is known by snooping over a shoulder before picking them.
Gents, here's what ChatGP says: One thing to notice, Chat assumes that FDE means the phone is also locked, so A. Screen lock would be redundant. Correct Answers: B. Remote wipe C. Full device encryption
Don't use chatgpt, cite a source instead
After reading the comments. I have to go with A and B. Full disk encryption would be useless if you can access the device. Cant assume everyone puts a lock on their phone or mobile device.
BF - the issues isn't the social engineering attack; the issue is employees losing the phones. Geolocation will help them find them.
Exactly.....I agree. The scenario clearly says that "lost phones were used maliciously to perform social engineering attacks against other employees." To avoid "lost phones" implement geolocation. To avoid compromised data, implement remote wipe. B and F is the answer.
Its A and B. Full disk encryption will not prevent social engineering. Geolocation also has nothing to do with it as well. The question specifically says how to prevent social engineering attacks. So a lock screen and remote wipe are the only correct responses.
I have configured MDM policies myself and this is what I usually do to prevent this kind of scenarios.
Can “Screen Locks” prevent direct access to device storage such as "SSD" / "NAND flash memory". Can you explain guys?
AB with today standards. IOS/Androids are encrypted by default and that 99% of the market. I think A more likely than C.
I feel the answer must be screen locks and Remote wipe. The screen locks prevent the threat actors from performing social engineering on other employees. In the meantime providing admins enough time to take necessary actions such a remote wipe.
The question is talking bout company provided devices only, and they want to prevent two things: 1. the device being lost (because it cost money to replace), and 2. company data If it does get lost, Geolocation can help locate the device and Remote Wipe can erase all company data, if company device does get compromise. This will prevent "lost phones from performing social media attacks"....as it says in the scenario.
Also see Q#216 to help.
b and c of course
C = Doesn't matter if the bad actor has the unlock code. D = WTF E = Doesn't matter if the phone is offline. F = That only helps to locate it (maybe).