Managed configurations

 Application control

 Password

 MFA requirements

 Token-based access

 Patch repository

 Firmware Over-the-Air

 Remote wipe

 WiFi

  WiFi Protected Access (WPA2/3)

  Device certificates

 Profiles

 Bluetooth

 Near-field communication (NFC)

 Peripherals

 Geofencing

 VPN settings

 Geotagging

 Certificate management

 Full device encryption

 Tethering

 Airplane mode

 Location services

 DNS over HTTPS (DoH)

 Custom DNS

Deployment scenarios

 Bring your own device (BYOD)

 Corporate-owned

 Corporate owned, personally enabled (COPE)

 Choose your own device (CYOD)

Security considerations

 Unauthorized remote activation/deactivation of devices or features

 Encrypted and unencrypted communication concerns

 Physical reconnaissance

 Personal data theft

 Health privacy

 Implications of wearable devices

 Digital forensics of collected data

 Unauthorized application stores

 Jailbreaking/rooting

 Side loading

 Containerization

 Original equipment manufacturer (OEM) and carrier differences

 Supply chain issues

 eFuse