Several days after deploying an MDM for smartphone control, an organization began noticing anomalous behavior across the enterprise Security analysts observed the following:
• Unauthorized certificate issuance
• Access to mutually authenticated resources utilizing valid but unauthorized certificates
• Granted access to internal resources via the SSL VPN
To address the immediate problem security analysts revoked the erroneous certificates .
Which of the following describes the MOST likely root cause of the problem and offers a solution?
A . The VPN and web resources are configured with too weak a cipher suite and should be rekeyed to support AES 256 in GCM and ECC for digital signatures and key exchange
B . A managed mobile device is rooted, exposing its keystore and the MDM should be reconfigured to wipe these devices and disallow access to corporate resources
C . SCEP is configured insecurely which should be enabled for device onboarding against a PKI for mobile-exclusive use
D . The CA is configured to sign any received CSR from mobile users and should be reconfigured to permit CSR signings only from domain administrators.
Answer: B
Latest CAS-003 Dumps Valid Version with 509 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund