A multinational consultancy firm recently conducted a mobile security awareness session after noticing repeated incidents...

The EC-Council Incident Handler (ECIH) curriculum stresses that mobile malware often enters enterprise environments through sideloaded applications obtained from untrusted sources. Android devices that allow installation from unknown sources significantly increase organizational risk.

Mobile Device Management (MDM) solutions are recommended to enforce application control policies, including restricting installations to digitally signed applications from approved app stores. By enforcing signed app installation policies, organizations prevent the execution of tampered or malicious APK files.

Option A (remote tracking) assists with lost device recovery but does not prevent malicious installations. Option B (Bluetooth/NFC restriction) addresses wireless communication risks, not app integrity. Option C (full-disk encryption) protects stored data but does not stop malware from executing.

ECIH guidance highlights enforcing mobile security baselines, restricting unknown sources, implementing application whitelisting, and applying MDM-enforced controls to prevent sideloaded malware infections. Therefore, enforcing MDM policies that allow only signed app installations is the most effective preventive control.