VMware Exam 2V0-62.23 Topic 9 Question 32 Discussion

Actual exam question for VMware's 2V0-62.23 exam

Question #: 32
Topic #: 9

A Workspace ONE UEM administrator is concerned about the security of their organization's mobile devices. The concern is with jail-broken or rooted devices accessing company resources or navigating within the company network. The company's CIO wants a no-tolerance policy for devices in this state, requesting that they be removed immediately if detected.

How can the administrator enforce the policy using Workspace ONE UEM?

AConfigure a compliance policy to check for Compromised Status = Compromised. Configure the compliance action to send an email to the user asking them to unenroll.

BConfigure an application blacklist policy for one of the apps that is used to jail-break or root devices.

CConfigure a compliance policy to check for Compromised Status = Compromised. Configure the compliance action to enterprise wipe the device immediately.

DConfigure a daily report checking for compromised devices. Manually send enterprise wipe commands to each device based on the devices listed in the report.

Show Suggested Answer

Suggested Answer: C

To enforce a no-tolerance policy for jailbroken or rooted devices, an administrator should configure a compliance policy in Workspace ONE UEM that checks for a compromised status. If a device is compromised, the configured action should be to enterprise wipe the device immediately. Reference: VMware Workspace ONE UEM documentation on compliance policies.

by Desirae at Jan 26, 2025, 03:32 PM

Limited Time Offer

25%

Off

Get Premium 2V0-62.23 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Samira

2 months ago

Hmm, I wonder if the CIO knows that 'no-tolerance' means 'no mercy' in the IT world. Time to break out the big wipes!

upvoted 0 times

Beth

1 months ago

D) It's important to take quick action when it comes to security threats. The CIO is right to want a no-tolerance policy.

upvoted 0 times

...

Cheryll

2 months ago

C) Configure a compliance policy to check for Compromised Status = Compromised. Configure the compliance action to enterprise wipe the device immediately.

upvoted 0 times

...

Pamela

2 months ago

B) That sounds like a good way to handle it. Better safe than sorry!

upvoted 0 times

...

Emeline

2 months ago

A) Configure a compliance policy to check for Compromised Status = Compromised. Configure the compliance action to send an email to the user asking them to unenroll.

upvoted 0 times

...

Benton

3 months ago

I like that idea, Rosendo. It adds an extra layer of caution before taking drastic actions.

upvoted 0 times

...

Janna

3 months ago

Seriously, we're talking about jail-broken devices here. I say we go with the nuclear option - enterprise wipe 'em all and let the IT gods sort it out!

upvoted 0 times

Rolande

1 months ago

D) I agree, we need to take a strong stance on this issue to protect our company's data.

upvoted 0 times

...

Luisa

1 months ago

C) Configure a compliance policy to check for Compromised Status = Compromised. Configure the compliance action to enterprise wipe the device immediately.

upvoted 0 times

...

Marget

2 months ago

B) That might work for some cases, but what if the user ignores the email and keeps using the device?

upvoted 0 times

...

Eden

2 months ago

A) Configure a compliance policy to check for Compromised Status = Compromised. Configure the compliance action to send an email to the user asking them to unenroll.

upvoted 0 times

...

Rosendo

3 months ago

That's a valid concern, Rory. Maybe we can combine options A and C to first send a warning email before wiping the device.

upvoted 0 times

...

Mariko

3 months ago

Whoa, daily reports and manual wipes? That's a lot of work! I'd go with the compliance policy to automatically handle the compromised devices. Efficiency is key!

upvoted 0 times

...

Sherman

3 months ago

Enterprise wipe, huh? That's one way to send a message, but I'd be worried about the user experience. Maybe we could try a blacklist policy instead?

upvoted 0 times

Beckie

2 months ago

B: I see your point about user experience. Maybe configuring an application blacklist policy could be a less drastic approach.

upvoted 0 times

...

Lucina

2 months ago

A: Configure a compliance policy to check for Compromised Status = Compromised. Configure the compliance action to send an email to the user asking them to unenroll.

upvoted 0 times

...

Rory

3 months ago

I'm not sure about option C. What if we accidentally wipe a device that is not actually compromised?

upvoted 0 times

...

Benton

3 months ago

I agree with Rosendo. Option C is the most efficient way to enforce the policy and prevent any security breaches.

upvoted 0 times

...

Rosendo

3 months ago

I think option C is the best choice. We need to wipe compromised devices immediately to protect our company's security.

upvoted 0 times

...

Felicidad

3 months ago

C'mon, we can't just enterprise wipe devices on the spot! That's a bit too extreme. Let's go with something more user-friendly, like sending an email first.

upvoted 0 times

Nobuko

2 months ago

B) Maybe we can also consider configuring an application blacklist policy for apps used to jail-break or root devices as an additional measure.

upvoted 0 times

...

Aretha

2 months ago

C) I agree, sending an email first is a more user-friendly approach.

upvoted 0 times

...

Luis

3 months ago

A) Configure a compliance policy to check for Compromised Status = Compromised. Configure the compliance action to send an email to the user asking them to unenroll.

upvoted 0 times

...

Jani

3 months ago

C) I agree, enterprise wiping immediately seems harsh. Sending an email first is a more user-friendly approach.

upvoted 0 times

...

Veronique

3 months ago

A) Configure a compliance policy to check for Compromised Status = Compromised. Configure the compliance action to send an email to the user asking them to unenroll.

upvoted 0 times

...