CompTIA Security+ (SY0-501) — Question 574
A mobile application developer wants to secure an application that transmits sensitive information. Which of the following should the developer implement to prevent SSL MITM attacks?
Answer options
- A. Stapling
- B. Chaining
- C. Signing
- D. Pinning
Correct answer: D
Explanation
The correct choice is D, Pinning: it ensures the application trusts only a specific certificate or public key, which mitigates the risk of MITM attacks. The other options are related to SSL/TLS, but none of them restricts which certificate or key the application will accept, so they do not address the prevention of MITM attacks in the way that pinning does.