Exam SY0-501 topic 1 question 943 discussion

"Virtualization can provide an additional deployment model. Virtual Desktop Infrastructure (VDI) means provisioning a workstation OS instance to interchangeable hardware. The hardware only has to be capable of running a VDI client viewer. The instance is provided "as new" for each session and can be accessed remotely. The same technology can be accessed via a mobile device such as a smartphone or tablet. This removes some of the security concerns about BYOD as the corporate apps and data are segmented from the other apps on the device. "

I think it's correct because of the last part. "to prevent sensitive data from being stored on mobile devices"

Think provided answer is correct. They have already implemented a BYOB with MDM policy for there mobile phones(Smartphones). Now they need to implement a preventive system for mobile device (Tablets, laptops) which would be VDI (Virtual desktop infrastructure), NOT VMI (VMI is for mobile infrastructure). They really like to trip you up on wordage. After this exam, I'm going to be an English teacher... Reference Chapter 2 pages: 200 & 210 Technologies and Tools 2.5 Given a Scenario, deploy mobile devices securely. CompTIA Security Plus Review Guide

Storage segmentation can be used to store info externally from the mobile device (which lets face it will be a phone or tablet). VDI not really a goer. Answer is Storage Segmentation

I think the given answer is correct. A. VDI https://www.northridgegroup.com/blog/working-home-using-desktop-virtualization-byod/#:~:text=By%20using%20Desktop%20Virtualization%2C%20or,and%20from%20virtually%20any%20device.

Can you use VDI on a smart phone? VDI offers a secure environment to access certain IT services. An app for tablet computers and smart phones for both Android and iOS devices (iPad, iPhone, etc.) makes using VDI easy while on-the-go. VDI can be accessed by downloading the VMWare View client or by using a web-based version.

Answer is correct. They ask "prevent sensitive data from being stored on mobile devices"

If date will store that time you can select Containerization If date will not store : VDI

correct answer is B, storage segmentation. it allows personal data to be stored in one location and encrypted corporate to be store else where

I first thought "containerization", but then the data is still stored on the device. When using a VDI (a virtual desktop), then no data is ever stored on the device. => VDI I think

No, the answer is E. This is exactly what Geofencing does - "Geofencing is a proactive security feature which secures your organization's sensitive business data on Android and iOS devices. If your organization's security policy prevents users from accessing corporate data outside the organization premises, you can configure a geofence policy to identify non-compliant devices and subsequently define an action to be taken on them i.e. Geofencing provides IT administrators the ability to create virtual fences, ensuring usage of corporate devices are restricted to the configured boundaries. Mobile Device Manager Plus (MDM) lets you achieve this by creating geographical location based fences, defining a compliance rule and specifying an action to be taken on non-compliant devices. https://www.manageengine.com/mobile-device-management/mdm-geofencing.html

VDI on apple/android? you wish xD Geoforcing should force users to uise mobile only when in work

Containerization is to Apps as Storage Segmentation is to Storage. => B

Shouldn't it be B. Storage Segmentation? How do you put a VDI on phone?

Isn't this containerization?