CompTIA CASP+ (CAS-004) — Question 459
A mobile gaming company wants to secure the newest version of a game against an on-path attack. The company hires a security architect to perform a threat modeling exercise. Which of the following is the best solution for the architect to recommend?
Answer options
- A. Requiring certificate pinning in the mobile application
- B. Setting up obfuscation techniques to make reverse engineering more difficult
- C. Configuring client authentication using certificates within the mobile application
- D. Developing checks within the application for rooted devices
Correct answer: A
Explanation
Requiring certificate pinning in the mobile application is the best solution because it makes the app accept only the specific server certificate (or public key) it expects, rather than any certificate chaining to a trusted CA; a TLS connection intercepted by an on-path attacker presenting a different certificate therefore fails, which prevents the attack. Obfuscation can make reverse engineering harder, but it does not address on-path threats. Client authentication with certificates and checks for rooted devices are also useful controls, but neither directly mitigates an on-path attack.