Mobile Device Policy Builder

Build an MDM policy for three different organizations, each with distinct security requirements and workforce constraints. Select deployment models, authentication methods, network controls, data protection settings, and additional hardening — then handle a lost device incident using the policy you just built.

What You’ll Practice

• Selecting the right mobile deployment model (BYOD, COPE, CYOD, corporate-owned) based on organizational context
• Configuring containerization, authentication, network, and data controls that balance security against usability
• Choosing appropriate additional hardening controls (jailbreak detection, clipboard isolation, app allowlisting)
• Executing the correct incident response sequence for a lost/stolen device based on the policy you configured

How the Exam Tests This

Objective 4.1 covers mobile device management as a core security technique for computing resources. CompTIA expects you to know deployment models (BYOD vs COPE vs CYOD vs corporate-owned), understand containerization and work profiles, and select appropriate controls like remote wipe, geofencing, and certificate-based authentication. Scenario questions will describe an organization’s requirements and ask which deployment model or MDM policy fits — wrong answers typically confuse BYOD limitations (you can’t full-wipe a personal device) or over-engineer controls that destroy usability.

Scoring

Each scenario scores your policy configuration (6 categories) and your incident response decision separately. Policy choices are evaluated for correctness given the organization’s constraints — too permissive creates risk, too restrictive breaks workflows. The incident response score tests whether your wipe/response decision is consistent with the deployment model you selected. Final results include per-scenario breakdowns and key takeaways about deployment model tradeoffs.