ISC2 Systems Security Certified Practitioner (SSCP) Practice Question
A healthcare provider allows doctors to use personal tablets for accessing patient charts via a custom electronic health record (EHR) app. Compliance rules require that hospital data be encrypted at rest, prevent copy-and-paste into personal apps, and support selective wipe if a device is lost-without erasing the doctor's personal photos or messages. Which mobile security control BEST satisfies all of these requirements while minimizing impact on the user's personal data?
Mandate all EHR access through a device-level always-on VPN to the hospital network.
Use the MDM to blacklist non-approved apps and enable the operating system's native remote-lock feature.
Require users to enable full-device encryption and rely on remote wipe if the tablet is reported lost.
Deploy an MDM solution that enforces containerization, placing the EHR app and hospital data inside an encrypted corporate workspace with data leakage controls and selective wipe capability.
Containerization, implemented through an MDM or mobile application management platform, creates a logically segregated, encrypted workspace on the device. Corporate applications and data run inside this secure container, which enforces data-at-rest encryption and prevents data sharing with personal apps. Because corporate information remains within the container, administrators can perform a selective (enterprise) wipe that deletes only the container and its contents if the device is lost, leaving the user's personal data untouched. Full-device encryption protects data at rest but cannot stop data leakage between apps and requires a full wipe to remove corporate data. VPN-only solutions secure data in transit but not at rest or between apps. Application blacklisting or remote lock features alone do not provide encryption, data separation, or selective wipe capabilities.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is containerization in mobile security?
Open an interactive chat with Bash
How does selective wipe work in MDM solutions?
Open an interactive chat with Bash
Why isn't full-device encryption sufficient for BYOD security?
Open an interactive chat with Bash
ISC2 Systems Security Certified Practitioner (SSCP)
Systems and Application Security
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99 $11.99
$11.99/mo
Billed monthly, Cancel any time.
$19.99 after promotion ends
3 Month Pass
$44.99 $26.99
$8.99/mo
One time purchase of $26.99, Does not auto-renew.
$44.99 after promotion ends
Save $18!
MOST POPULAR
Annual Pass
$119.99 $71.99
$5.99/mo
One time purchase of $71.99, Does not auto-renew.
$119.99 after promotion ends
Save $48!
BEST DEAL
Lifetime Pass
$189.99 $113.99
One time purchase, Good for life.
Save $76!
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .