Enhance your CompTIA CASP+ exam readiness with our comprehensive quizzes. Sharpen your skills with detailed flashcards and multiple choice questions, each with hints and in-depth explanations. Prepare effectively for this challenging exam!


What likely control is in place if man-in-the-middle attempts on a mobile banking application are failing with SSL errors?

  1. Two-factor authentication

  2. SSL certificate pinning

  3. Regular security audits

  4. Firewall protections

The correct answer is: SSL certificate pinning

The control likely in place to cause man-in-the-middle (MitM) attempts to fail with SSL errors is SSL certificate pinning. This technique enhances the security of mobile applications by ensuring that the app accepts only a specific, pre-defined SSL certificate or public key when establishing a secure connection.

When SSL certificate pinning is implemented and an attacker attempts to intercept the connection by presenting a fraudulent certificate, the mobile banking application detects that the presented certificate does not match the pinned version. As a result, the connection is terminated, leading to SSL errors. This prevents unauthorized access to sensitive data during transmission and significantly reduces the risk of MitM attacks.

SSL certificate pinning is especially relevant in mobile banking applications, where the protection of financial data is critical. By using this method, developers can ensure that even if an attacker has access to network traffic or is trying to perform MitM attacks, the application maintains its integrity and security by refusing to establish a connection when a fraudulent certificate is presented.

In contrast, two-factor authentication primarily secures user authentication rather than the data transmission layer. Regular security audits are about identifying vulnerabilities over time but do not provide real-time defense against MitM attacks. Firewall protections help to block unwanted traffic but do not