CompTIA
PT0-001 Question #238: Real Exam Question with Answer & Explanation
The correct answer is B: Certificate pinning. Certificate pinning causes the mobile app to reject the proxy's certificate during the SSL/TLS handshake, producing connection failures and preventing full traffic interception.
Vulnerability discovery and analysis
Question
An attacker performed a MITM attack against a mobile application. The attacker is attempting to manipulate the application's network traffic via a proxy tool. The attacker only sees limited traffic as cleartext. The application log files indicate secure SSL/TLS connections are failing. Which of the following is MOST likely preventing proxying of all traffic?
Options
- A. Misconfigured routes
- B. Certificate pinning
- C. Strong cipher suites
- D. Closed ports
Explanation
Certificate pinning causes the mobile app to reject the proxy's certificate during the SSL/TLS handshake, producing connection failures and preventing full traffic interception.
Common mistakes.
- A. Misconfigured routes would prevent traffic from reaching the proxy entirely rather than causing selective SSL/TLS handshake failures for specific connections.
- C. Strong cipher suites affect encryption strength but do not prevent a proxy from intercepting and re-encrypting traffic or cause certificate-related rejection errors.
- D. Closed ports would block all connections to specific services entirely, not produce partial cleartext visibility alongside SSL/TLS failures.
Concept tested. Certificate pinning bypass in mobile application proxy testing
Reference. https://owasp.org/www-community/controls/Certificate_and_Public_Key_Pinning
Topics
#certificate pinning #SSL/TLS #mobile application security #proxy bypass