Multiple Choice
A company wants to secure a newly developed application that is used to access sensitive information and data from corporate resources. The application was developed by a third-party organization, and it is now being used heavily, despite lacking the following controls: Certificate pinning Tokenization Biometric authentication The company has already implemented the following controls: Full device encryption Screen lock Device password Remote wipe The company wants to defend against interception of data attacks. Which of the following compensating controls should the company implement NEXT?
A) Enforce the use of a VPN when using the newly developed application
B) Implement a geofencing solution that disables the application according to company requirements
C) Implement an out-of-band second factor to authenticate authorized users
D) Install the application in a secure container requiring additional authentication controls
Correct Answer:
Verified
Correct Answer:
Verified
Q357: Which of the following attacks can be
Q358: A manufacturing company's security engineer is concerned
Q359: An organization is reviewing endpoint security solutions.
Q360: A security administrator wants to allow external
Q361: A security analyst is inspecting pseudocode of
Q363: After several industry competitors suffered data loss
Q364: A security technician is incorporating the following
Q365: A security administrator is troubleshooting RADIUS authentication
Q366: Two new technical SMB security settings have
Q367: An organization is engaged in international business