Multiple Choice
An organization, which handles large volumes of PII, allows mobile devices that can process, store, and transmit PII and other sensitive data to be issued to employees. Security assessors can demonstrate recovery and decryption of remnant sensitive data from device storage after MDM issues a successful wipe command. Assuming availability of the controls, which of the following would BEST protect against the loss of sensitive data in the future?
A) Implement a container that wraps PII data and stores keying material directly in the container's encrypted application space.
B) Use encryption keys for sensitive data stored in an eFuse-backed memory space that is blown during remote wipe.
C) Issue devices that employ a stronger algorithm for the authentication of sensitive data stored on them.
D) Procure devices that remove the bootloader binaries upon receipt of an MDM-issued remote wipe command.
Correct Answer:
Verified
Correct Answer:
Verified
Q255: While an employee is on vacation, suspicion
Q256: A server (10.0.0.2) on the corporate network
Q257: A threat advisory alert was just emailed
Q258: A Chief Information Security Officer (CISO) is
Q259: Following a recent network intrusion, a company
Q261: A forensics analyst suspects that a breach
Q262: A company has hired an external security
Q263: With which of the following departments should
Q264: A security analyst receives an email from
Q265: A security engineer is analyzing an application