Employees are permitted to bring personally owned portable Windows 10 Enterprise computers to the office.
They are permitted to install corporate applications by using the management infrastructure agent and access
corporate email by using the Mail app.
An employee’s personally owned portable computer is stolen.
You need to protect the corporate applications and email messages on the computer.
Which two actions should you perform? Each correct answer presents part of the solution.
A.
Prevent the computer from connecting to the corporate wireless network.
B.
Change the user’s password.
C.
Disconnect the computer from the management infrastructure.
D.
Initiate a remote wipe.
Explanation:
The personally owned portable Windows 10 Enterprise computers being managed by the management
infrastructure agent enables the use of remote wipe. By initiating a remote wipe, we can erase all company data
including email from the stolen device.
Microsoft Intune provides selective wipe, full wipe, remote lock, and passcode reset capabilities. Because
mobile devices can store sensitive corporate data and provide access to many corporate resources, you can
issue a remote device wipe command from the Microsoft Intune administrator console to wipe a lost or stolen
device.
Changing the user’s password should be the first step. If the stolen computer is accessed before the remote
wipe happens, the malicious user could be able to access company resources if the laptop has saved
passwords.
Incorrect Answers:
A: Preventing the computer from connecting to the corporate wireless network will not offer much protection.
The person in possession of the laptop would still be able to access all the data on the laptop and download
emails. Furthermore, it is likely that the corporate applications can access corporate servers over any Internet
connection.
C: Disconnecting the computer from the management infrastructure will not help. The person in possession of
the laptop would still be able to access all the data on the laptop and download emails. This step would also
remove the ability to perform a remote wipe. The computer will be disconnected from the management
infrastructure when the remote wipe happens.https://technet.microsoft.com/en-gb/library/jj676679.aspx
agree