ExamTopics Logo
Mail Us[email protected]
Menu
Eccouncil Discussions
exam questions

Exam 312-50v12 All Questions

View all questions & answers for the 312-50v12 exam
Go to Exam

Exam 312-50v12 topic 1 question 139 discussion

Actual exam question from ECCouncil's 312-50v12
Question #: 139
Topic #: 1
[All 312-50v12 Questions]

You are a cybersecurity consultant for a global organization. The organization has adopted a Bring Your Own Device (BYOD)policy, but they have recently experienced a phishing incident where an employee's device was compromised. In the investigation, you discovered that the phishing attack occurred through a third-party email app that the employee had installed. Given the need to balance security and user autonomy under the BYOD policy, how should the organization mitigate the risk of such incidents? Moreover, consider a measure that would prevent similar attacks without overly restricting the use of personal devices.

  • A. Provide employees with corporate-owned devices for work-related tasks.
  • B. Require all employee devices to use a company-provided VPN for internet access.
  • C. Implement a mobile device management solution that restricts the installation of non-approved applications.
  • D. Conduct regular cybersecurity awareness training, focusing on phishing attacks.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by DarioReymag at Feb. 6, 2024, 10:38 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
e020fdc
3 months ago
Selected Answer: C
From Chat GPT: Mobile Device Management (MDM) strikes this balance: MDM allows IT administrators to enforce security policies on personal devices without owning them. With the right configuration, MDM can: Restrict or block the use of unauthorized or unapproved apps, like third-party email clients that bypass secure gateways. Enforce encryption, remote wipe, and separate work/personal data (through containerization). Allow continued use of the personal device while segregating or protecting corporate resources. This directly addresses the attack vector (unauthorized apps) while preserving BYOD flexibility.
upvoted 1 times
...
Naif2030
5 months, 3 weeks ago
Selected Answer: D
they don't have the rights to restrict me from downloading anything on my own device, otherwise they should buy me one. so the only valid answer here is D
upvoted 3 times
...
Rami1996
7 months ago
Selected Answer: C
I think that MDM is the most suitable choice
upvoted 1 times
...
7a0977f
9 months, 3 weeks ago
I have to go with C. If in fact MDM can be applied to BYOD, then C is the correct answer. D mitigates nothing.
upvoted 2 times
...
tyw82
10 months, 2 weeks ago
Selected Answer: D
While MDM should be implemented, the restriction of installation of non-approved applications does not solve this particular issue, because the problem is not with the app itself. No matter which email app you install on your phone, if the staff is not trained on phishing, he can still fall prey to email scams, including those on approved email apps.
upvoted 2 times
...
noyon2002
1 year ago
C The correct answer From CEH v12, p.2712 : Mobile Device management MDM is gaining considerable importance with the adoption of policies such as BYOD across organization ............................................ Moreover in the BYOD scenario two separates session one for business and one personal and the MDM will control only the business portion and not the personal
upvoted 2 times
e541084
5 months, 2 weeks ago
your last line shows that the correct answer is D not C, because using mobile is personal not business mobile
upvoted 1 times
...
...
49f4430
1 year, 2 months ago
Selected Answer: D
D, it has to be D
upvoted 2 times
...
0ea2cf3
1 year, 3 months ago
D. Bring Your Own Device (BYOD), the device is the user's personal property if the owners of the device wants to put TikTok, Facebook, X, etc. it is the owner's personal property.
upvoted 2 times
...
Bas375
1 year, 4 months ago
BYOD is a personal device, MDM fails in real life as users don't support the idea. C would be preferred but D is more practical.
upvoted 3 times
...
0af6dbd
1 year, 4 months ago
Selected Answer: D
when it comes to phishing, the same option is to make employees aware.
upvoted 1 times
...
qtygbapjpesdayazko
1 year, 5 months ago
Selected Answer: D
D. i think
upvoted 1 times
...
Spam_Protection
1 year, 5 months ago
Selected Answer: C
Module 17, page 1720: Develop a blacklist of all the restricted applications on BYOD device
upvoted 2 times
...
ahmedalkibsy
1 year, 5 months ago
Selected Answer: D
Because it is BYOD so, can't restrict the user.
upvoted 3 times
...
lmourikis
1 year, 5 months ago
According to the book, as stated by insaniunt (Module 17 Page 2713) it is C. However, in outside the context of the exam, for BYOD MDM is not recommended and companies prefer MAM (Mobile App Management) instead for such a scenario.
upvoted 1 times
...
8utterFree
1 year, 5 months ago
Selected Answer: D
Phishing attack is the main problem not the third-party email app in this scene.
upvoted 1 times
...
athicalacker
1 year, 5 months ago
Selected Answer: D
Mobile device management solution (Option C )could be seen as overly restrictive in a BYOD environment. So I think its D.
upvoted 2 times
...
Mabrow
1 year, 5 months ago
D. i think C. MDM is good but make restrict use personal devices
upvoted 1 times
...
Load full discussion...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel