Exam SY0-601 topic 1 question 440 discussion

C- Screen Lock time should be put in first. We dont even know if the smart phone is an android. The Remote wipe and GPS tagging are helpful its not the first line of defense

The additional control that should be put in place first is a screen lock timer. Even with biometrics and full device encryption, an unattended mobile device can be easily accessed by anyone. If the screen lock is not set with a timer, someone can easily pick up the phone and access the data. Therefore, the screen lock timer is the most important control to implement first to prevent unauthorized access to corporate data in case the mobile device is unattended. GPS tagging and remote wipe are useful controls, but they do not address the problem of unauthorized access to the device. SEAndroid (Security-Enhanced Android) is a security feature that helps to protect against malicious code and attacks targeting the Android operating system. It is not directly related to preventing unauthorized access to a mobile device.

GPS tagging: Primarily used for locating lost or stolen devices, it doesn't prevent unauthorized access to data. Remote wipe: Requires an internet connection to execute and is typically used as a last resort after a device is lost or stolen. SEAndroid: While it can protect sensitive data by enforcing access control policies, it's not typically the first line of defense. It may not directly address unauthorized access to corporate data on an unattended device. Also, we don't know if the phone is an android or iOS-based.

C. Screen lock timer

I cannot find information related to the Screen lock timer. However, A, B and D do not make sense. I have no way but to choose C. Screen lock timer

-B Remote wipe The additional control that should be put in place first in this scenario is B. Remote wipe. Remote wipe allows an authorized user to remotely erase all data from a lost or stolen mobile device, thereby preventing unauthorized access to corporate data. Even with security controls such as biometrics, context-aware authentication, and full device encryption in place, a lost or stolen device can be a significant risk if it contains sensitive corporate data. Therefore, remote wipe is a critical control to have in place to mitigate the risk of data breaches resulting from lost or stolen devices.