🔥 3-day streak
CompTIA CySA+ (CS0-003)64 / 147
Question 64 of 147
A security analyst is reviewing telemetry from an enterprise mobile device management (MDM) console after users reported unexpected battery drain on company-issued phones. The logs show that a recently sideloaded internal utility app requests and actively uses the following runtime permissions: READ_SMS, ACCESS_FINE_LOCATION, RECORD_AUDIO, and READ_CONTACTS. The app's stated purpose is to display the corporate cafeteria menu. Which conclusion is MOST supported by this application-layer indicator?
Reviewed for accuracy · Report an issueNext question