Sales representatives use company-managed smartphones for email, CRM, and document access. If a phone is lost, IT must remove only the corporate apps and work data without erasing the employee's personal photos and contacts. Which control should be used?

Perform a full factory reset remotely as soon as any device is reported lost.

A factory reset removes personal data too, which is too disruptive for a BYOD-style separation requirement.

Disable password complexity so the user can regain access more easily after replacement.

Weakening authentication does not address loss response or data separation on the device.

Install a VPN profile and assume corporate data is safe if the network traffic is encrypted.

VPN encryption protects traffic in transit, but it does not remove data already stored on a lost device.

What does this SY0-701 question test?

Read the scenario before looking for a memorised answer.

What is the correct answer to this question?

The correct answer is: Use selective wipe through a mobile device management platform. — Selective wipe is the correct control because it allows administrators to remove only the managed corporate container, mail, and documents while leaving personal content intact. That is especially important in mixed-use or BYOD environments where the organization must respond to loss without overreaching into private data. MDM platforms typically provide this capability along with policy enforcement, making them ideal for balancing privacy and corporate data protection. Why others are wrong: A factory reset is too broad and destroys personal data. Weakening password settings makes the device less secure and does not help with lost-device response. VPNs protect traffic, not information already stored on the handset, so they are not a replacement for remote data removal.

What should I do if I get this SY0-701 question wrong?

Then try more questions from the same exam bank and focus on understanding why the wrong options are tempting.