Back to Host Security

Endpoint Security Management

5 minutes 5 Questions

Endpoint Security Management focuses on securing the devices (endpoints) in a network, such as workstations, laptops, and mobile devices, from malicious threats and unauthorized access. Key components of endpoint security management include centralizing the deployment and management of security too…

Test mode:
Start practice test
CompTIA Security+ - Endpoint Security Management Example Questions

Test your knowledge of Endpoint Security Management

Question 1

An organization has implemented data loss prevention (DLP) policies on its endpoints. An employee is experiencing difficulty in sending sensitive data to a personal email address. Which of the following is the most likely reason?

Correct Answer: DLP is blocking the transfer

Data loss prevention (DLP) policies are implemented to prevent unauthorized data transfers, especially sensitive data, outside the organization. If an employee cannot send sensitive data to their personal email address, the most likely reason is that DLP is blocking the transfer due to the violation of the organization's policies.

Question 2

A company is deploying a BYOD policy, and employees are required to install an antivirus application on their personal devices. An employee's device has been infected with a virus. What is the FIRST step the IT administrator should take to remediate the issue?

Correct Answer: Run a full antivirus scan

In this scenario, the first step to remediate the infected device is to run a full antivirus scan to detect and remove any threats. Other answers, such as quarantining the device, restricting access to company resources, or updating software, can be considered after the scan is completed and the necessary remediation actions have been taken.

Question 3

A company has issued a new policy stating that all employees must use their mobile devices for work-related tasks only. Employees have been provided with devices that are secured with an MDM solution. An employee suspects his device has been compromised. Which of the following actions should the system administrator take?

Correct Answer: Perform a remote wipe

If a device is suspected of being compromised, it's crucial to remove any sensitive data from it. A remote wipe, which will erase all data from the phone, is the best solution in this case. Since the device is managed via MDM, wiping can be done remotely. Other options like locking, revoking VPN access, or disabling Bluetooth don't ensure data security in this instance.

More Endpoint Security Management questions
2 questions (total)
Start 2 question test