Which security control should a bring-your-own-device (BYOD) policy require on all personally owned smartphones and laptops that access or store company data in order to mitigate the risk of data exposure if the device is lost or stolen?
Enforce geofencing so the device works only on-site
Require full-disk (device) encryption
Disable near-field communication (NFC) on the device
Full-disk (device) encryption protects data at rest by rendering the entire storage medium unreadable without proper authentication. If a device is lost or stolen, attackers cannot access corporate information without the decryption key. Disabling NFC, restricting device use to a geographic area, or lengthening the screen-lock timeout do not provide the same level of protection for locally stored data.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is full-disk encryption, and how does it work?
Open an interactive chat with Bash
Why isn't disabling NFC sufficient for protecting data on BYOD devices?
Open an interactive chat with Bash
How does full-disk encryption compare to other forms of encryption like file-level encryption?