CAS-004 Exam - Question 368


After installing an unapproved application on a personal device, a Chief Executive Officer reported an incident to a security analyst. This device is not controlled by the MDM solution, as stated in the BYOD policy. However, the device contained critical confidential information. The cyber incident response team performed the analysis on the device and found the following log:

Wed 12 Dec 2020 10:00:03 Unknown sources is now enabled on this device.

Which of the following is the MOST likely reason for the successful attack?

Correct Answer: AC

The most likely reason for the successful attack is sideloading. Enabling 'Unknown sources' on a device allows the installation of applications from outside the official app store, which introduces significant security risks. This procedure, known as sideloading, can easily lead to the installation of malicious applications if the sources are not trusted. Despite the lack of MDM controls being a contributing factor, the specific action that directly facilitated the attack was the enabling of unknown sources and subsequent sideloading of an unapproved application.

Discussion

9 comments
JackZ Option: C
Oct 20, 2023

Sideloading

ElDirec Option: A
Feb 4, 2024

Sideloading is a consequence of the lack of MDM controls. The lack of Mobile Device Management (MDM) controls on the personal device could have allowed sideloading of applications. MDM solutions can enforce security policies on devices, including preventing the installation of applications from unknown sources. So, in this case, the lack of MDM controls could have indirectly contributed to the sideloading issue and the subsequent security incident.

weaponxcel Option: C
Oct 22, 2023

C. Sideloading The enabling of "Unknown sources" suggests that an application was installed from outside the official app store, which can introduce significant security risks, especially if the source of the application isn't trusted. This process is known as sideloading.

Potato42 Option: A
Dec 19, 2023

This is a tricky question - it's asking what is the most likely REASON for the successful attack. Sideloading is not the reason - it simply means manually installing an application not via an approved app store. The actual REASON for this is that the device was not being managed by an MDM and, therefore, lacked security controls. All MDMs can enforce a payload or a feature control that prevents users from sideloading apps. I'm going for A.

HappyG Option: A
Mar 16, 2024

Lack of MDM controls led to sideloading being allowed.

b49eb27 Option: C
Apr 7, 2024

I would like to say A, however the device probably had default protections to prevent sideloading and it is clear that the CEO purposefully ignored them and is negligent. If MDM was in place then yes, it would have likely been prevented but ultimately this is on the CEO for disregarding safety.

saucehozz Option: A
Apr 14, 2024

Finding: Wed 12 Dec 2020 10:00:03 Unknown sources is now enabled on this device Question: What is the most likely REASON for the attack? Answer: The lack of MDM controls allowed unknown sources is the REASON.

EAlonso Option: B
Jul 15, 2024

It is B. As the source is unknown, it is not A; as BYOD, the MDM is not installed. Lack of BYOD policies.

23169fd Option: C
Jul 15, 2024

Definition: Sideloading refers to the installation of applications from unofficial sources, bypassing the app store's security controls. Implication: Enabling unknown sources allows potentially malicious applications to be installed on the device. These applications can have malware or other harmful components that can compromise the device's security and the confidentiality of the information stored on i