A penetration tester is assessing a mobile banking application. Man-in-the-middle attempts via a HTTP intercepting proxy are failing with SSL errors. Which of the following controls has likely been implemented by the developers?

Posted by: Pdfprep Category: CAS-002 Tags: CompTIA CASP, CAS-002 exam questions, CAS-002 practice exam Post Date: November 29, 2020

A penetration tester is assessing a mobile banking application. Man-in-the-middle attempts via a HTTP intercepting proxy are failing with SSL errors. Which of the following controls has likely been implemented by the developers?
A . SSL certificate revocation
B . SSL certificate pinning
C . Mobile device root-kit detection
D . Extended Validation certificates

Answer: B

A penetration tester is assessing a mobile banking application. Man-in-the-middle attempts via a HTTP intercepting proxy are failing with SSL errors. Which of the following controls has likely been implemented by the developers?

Author

Leave a Reply Cancel reply