Security professionals often advise against jailbreaking (iOS) or rooting (Android) a corporate-owned mobile device. Which of the following best explains why this practice is considered a significant security risk?
It disables built-in code-signing and sandbox protections, allowing unvetted apps to run with elevated privileges.
It ensures the device continues to receive manufacturer security patches sooner than stock devices.
It forces the device to install apps exclusively from the official app store, reducing exposure to malware.
It automatically enables full-disk encryption by default, making user data inaccessible to attackers.
Jailbreaking or rooting bypasses the manufacturer's code-signing and sandbox controls, granting the user and any installed application root-level privileges. Without these protections, unvetted software can run unrestricted, dramatically enlarging the attack surface and making malware infection, data theft, and further privilege escalation far more likely. By contrast, the other statements are incorrect: jailbreaking removes app-store restrictions instead of enforcing them, does not automatically enable encryption, and typically prevents or delays future security updates from the vendor.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are code-signing and sandbox protections?
Open an interactive chat with Bash
Why does jailbreaking or rooting stop manufacturers' security updates?
Open an interactive chat with Bash
What is the significance of root-level privileges in mobile security?