Which of the following describes the MOST likely root cause of the problem and offers a solution?

Several days after deploying an MDM for smartphone control, an organization began noticing anomalous behavior across the enterprise Security analysts observed the following:

• Unauthorized certificate issuance

• Access to mutually authenticated resources utilizing valid but unauthorized certificates

• Granted access to internal resources via the SSL VPN

To address the immediate problem security analysts revoked the erroneous certificates .

Which of the following describes the MOST likely root cause of the problem and offers a solution?
A . The VPN and web resources are configured with too weak a cipher suite and should be rekeyed to support AES 256 in GCM and ECC for digital signatures and key exchange
B . A managed mobile device is rooted, exposing its keystore and the MDM should be reconfigured to wipe these devices and disallow access to corporate resources
C . SCEP is configured insecurely which should be enabled for device onboarding against a PKI for mobile-exclusive use
D . The CA is configured to sign any received CSR from mobile users and should be reconfigured to permit CSR signings only from domain administrators.

View Answer

Answer: B