CompTIA PenTest+ (PT0-001) — Question 120
An attacker performed a MITM attack against a mobile application. The attacker is attempting to manipulate the application's network traffic via a proxy tool. The attacker only sees limited traffic as cleartext. The application log files indicate secure SSL/TLS connections are failing. Which of the following is MOST likely preventing proxying of all traffic?
Answer options
- A. Misconfigured routes
- B. Certificate pinning
- C. Strong cipher suites
- D. Closed ports
Correct answer: B
Explanation
The correct answer is B. Certificate pinning is a security measure that makes the application accept only specific certificates, so the certificate presented by the attacker's proxy is rejected and the traffic cannot be intercepted, even though the attacker controls the proxy. This matches the failing SSL/TLS connections recorded in the application logs. The other options (misconfigured routes, strong cipher suites, and closed ports) are less likely to directly affect the ability to proxy traffic in the context of SSL/TLS connections.