A company provides mobile devices to its users to permit access to email and enterprise applications. The company recently started allowing users to select from several different vendors and device models. When configuring the Mobile Device Management (MDM), which of the following is a key security implication of this heterogeneous device approach?
A. The most common set of MDM configurations will become an effective set of enterprise mobile security controls.
B. All devices will need to support SCEP-based enrollment; therefore, the heterogeneity of the chosen architecture may unnecessarily expose private keys to
adversaries.
C. Certain devices are inherently less secure than others, so compensatory controls will be needed to address the delta between device vendors.
D. MDMs typically will not support heterogeneous deployment environments, so multiple MDMs will need to be installed and configured.
CompTIA Advanced Security Practitioner (CASP) Question 39
A newly hired systems administrator is trying to connect a new and fully updated, but very customized, Android device to access corporate resources. However, the MDM enrollment process continually fails. The administrator asks a security team member to look into the issue.
Which of the following is the MOST likely reason the MDM is not allowing enrollment?
A. The OS version is not compatible
B. The OEM is prohibited
C. The device does not support FDE
D. The device is rooted