Exam CAS-004
Question 368

After installing an unapproved application on a personal device, a Chief Executive Officer reported an incident to a security analyst. This device is not controlled by the MDM solution, as stated in the BYOD policy. However, the device contained critical confidential information. The cyber incident response team performed the analysis on the device and found the following log:

Wed 12 Dec 2020 10:00:03 Unknown sources is now enabled on this device.

Which of the following is the MOST likely reason for the successful attack?

    Correct Answer: C

    The most likely reason for the successful attack is sideloading. Enabling 'Unknown sources' on a device allows the installation of applications from outside the official app store, which introduces significant security risks. This procedure, known as sideloading, can easily lead to the installation of malicious applications if the sources are not trusted. Despite the lack of MDM controls being a contributing factor, the specific action that directly facilitated the attack was the enabling of unknown sources and subsequent sideloading of an unapproved application.

Discussion
ElDirec Option: A

Sideloading is a consequence of the lack of MDM controls. The lack of Mobile Device Management (MDM) controls on the personal device could have allowed sideloading of applications. MDM solutions can enforce security policies on devices, including preventing the installation of applications from unknown sources. So, in this case, the lack of MDM controls could have indirectly contributed to the sideloading issue and the subsequent security incident.

JackZ Option: C

Sideloading

weaponxcel Option: C

C. Sideloading. The enabling of "Unknown sources" suggests that an application was installed from outside the official app store, which can introduce significant security risks, especially if the source of the application isn't trusted. This process is known as sideloading.

HappyG Option: A

Lack of MDM controls led to sideloading being allowed.

Potato42 Option: A

This is a tricky question - it's asking what is the most likely REASON for the successful attack. Sideloading is not the reason - it simply means manually installing an application not via an approved app store. The actual REASON for this is that the device was not being managed by an MDM and, therefore, lacked security controls. All MDMs can enforce a payload or a feature control that prevents users from sideloading apps. I'm going for A.

b49eb27 Option: C

I would like to say A; however, the device probably had default protections to prevent sideloading, and it is clear that the CEO purposefully ignored them and is negligent. If MDM was in place then yes, it would have likely been prevented, but ultimately this is on the CEO for disregarding safety.

23169fd Option: C

Definition: Sideloading refers to the installation of applications from unofficial sources, bypassing the app store's security controls. Implication: Enabling unknown sources allows potentially malicious applications to be installed on the device. These applications can have malware or other harmful components that can compromise the device's security and the confidentiality of the information stored on i

EAlonso Option: B

It is B. As the source is unknown, it is not A, as with BYOD the MDM is not installed; lack of BYOD policies.

saucehozz Option: A

Finding: Wed 12 Dec 2020 10:00:03 Unknown sources is now enabled on this device Question: What is the most likely REASON for the attack? Answer: The lack of MDM controls allowed unknown sources is the REASON.