A company wants to secure a newly developed application that is used to access sensitive information and data from corporate resources. The application was developed by a third-party organization, and it is now being used heavily, despite lacking the following controls: Certificate pinning Tokenization Biometric authentication The company has already implemented the following controls: Full device encryption Screen lock Device password Remote wipe The company wants to defend against interception of data attacks. Which of the following compensating controls should the company implement NEXT?
A) Enforce the use of a VPN when using the newly developed application
B) Implement a geofencing solution that disables the application according to company requirements
C) Implement an out-of-band second factor to authenticate authorized users
D) Install the application in a secure container requiring additional authentication controls
Correct Answer:
Verified
Q396: The Chief Executive Officer (CEO) of a
Q397: A small firm's newly created website has
Q398: Users have reported that an internally developed
Q399: A large, multinational company currently has two
Q400: An organization based in the United States
Q402: Due to a recent acquisition, the security
Q403: A hospital is using a functional magnetic
Q404: A company contracts a security consultant to
Q405: An online bank has contracted with a
Q406: A government entity is developing requirements for
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents