Several days after deploying an MDM for smartphone control, an organization began noticing anomalous behavior across the enterprise. Security analysts observed the following: Unauthorized certificate issuance Access to mutually authenticated resources utilizing valid but unauthorized certificates Granted access to internal resources via the SSL VPN To address the immediate problem, security analysts revoked the erroneous certificates. Which of the following describes the MOST likely root cause of the problem and offers a solution?
A) The VPN and web resources are configured with too weak a cipher suite and should be rekeyed to support AES 256 in GCM and ECC for digital signatures and key exchange.
B) A managed mobile device is rooted, exposing its keystore, and the MDM should be reconfigured to wipe these devices and disallow access to corporate resources.
C) SCEP is configured insecurely, which should be enabled for device onboarding against a PKI for mobile-exclusive use.
D) The CA is configured to sign any received CSR from mobile users and should be reconfigured to permit CSR signings only from domain administrators.
Correct Answer:
Verified
Q376: An organization is concerned that its hosted
Q377: Which of the following are the MOST
Q378: A technician is reviewing the following log:
Q379: A smart switch has the ability to
Q380: A company has made it a spending
Q382: A secure facility has a server room
Q383: A security engineer discovers a PC may
Q384: A security analyst receives an email from
Q385: A security administrator receives reports that several
Q386: A Chief Information Security Officer (CISO) has
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents