Exam CAS-004 topic 1 question 43 discussion

Quick google search: Can you use remote wipe on a byod ? Yes, you can use remote wipe on BYOD (Bring Your Own Device) devices12. For example, when an employee leaves the organization, IT can wipe any corporate data from the BYOD Android smartphone while leaving personal data intact1. You can enforce remote wipe policies for BYOD devices using software tools that allow you to locate, lock, and wipe the devices remotely

From the CompTIA CertMaster: Remote wipe means that if a handset is lost or stolen it can be reverted back to factory defaults and/or cleared of any sensitive data (sanitization). Some utilities may also be able to wipe plug-in memory cards too. The remote wipe could be triggered by several incorrect passcode attempts or by enterprise management software. Other features include backing up data from the phone to a server first and displaying a "Lost/stolen phone—return to XX" message on the handset. Now for the MOST LIKELY part of the question: A thief can prevent a remote wipe by ensuring the phone cannot connect to a communications network by placing the device in a faraday bag or enabling " airplane mode , " which shuts off all forms of wireless connectivity including mobile, Wi-Fi, Bluetooth, and NFC.

Where are the questions?

How can you wipe it if its lost? come on people its D

Remote wipe a BYOD, not sure if its a good idea.

We have to remember that MFA will not prevent someone from accessing the data unless the device is encrypted. So to best way to protect it would be to perform a remote wipe when reported stolen.

I thought A is the best answer since the Device is BYOD therefore a remote wipe will require the person's consent and Using a VPN to access the data will require authenticating to access the data once the phone is lost. Yet Answer C makes the most sense since the individual will most likely want that data wiped after the phone is lost. So I would say C is the best answer.

This question is extremely hard because it lacks context about how the BYOD is used. Based on a few assumptions like if company provided devices prior that means they have to handle work related data in their devices. If data is stored MOST of the companies uses MDP and requires the user to give up rights of the device to IT and Security. If this is the case then remote wipe is the correct answer. There is always option two where only use of the device is to access company emails, time card, and other simple apps this normally does not required MDM but they will will lean to MFA as a way to prevent access of the app but the data is not stored in the device is access through the web. The question leans me more to ANSWER C but D is also correct in some cases. Also in real word BOYD used in company will use both method MDM to secure data on the device and MFA to protect unauthorized access.

For common sense purposes I would choose C. The book I use, CompTIA® Advanced Security Practitioner (CASP+) CAS-004 Cert Guide McMillan, Troy. CompTIA Advanced Security Practitioner (CASP+) CAS-004 Cert Guide (Certification Guide) (p. 2). Pearson Education. Kindle Edition. does not talk about MFA, only remote wipe.

You're protecting data on the device, so C.

The best option would be the remote wipe