Ann, the Chief Technology Officer (CTO), has agreed to allow users to bring their own device (BYOD) in
order to leverage mobile technology without providing every user with a company owned device. She is
concerned that users may not understand the company’s rules, and she wants to limit potential legal
concerns. Which of the following is the CTO concerned with?

A.
Data ownership

B.
Device access control

C.
Support ownership

D.
Acceptable use

Explanation:
Issues of limiting potential legal concerns regarding company rules where users are allowed to bring their
own devices is the premise of data ownership. When a third party (in this case the user’s own device) is
involves in a data exchange when clear rules and restrictions should be applied regarding data ownership.
Incorrect Answers:
B: Device access control is not an issue here since users are allowed to bring their own devices.
C: Support ownership issues is part of BYOD policies that occurs when and how the company will support
the user’s mobile device in the event of it becoming damaged, developing a fault or experience a failure.
D: Acceptable use policies (AUPs) describe how the employees in an organization can use company
systems and resources, both software and hardware.

Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis,
2014, pp. 24, 420
http://en.wikipedia.org/wiki/Acceptable_use_policy