A new mobile banking application is being developed and uses SSL / TLS certificates but penetration tests
show that it is still vulnerable to man-in-the-middle attacks, such as DNS hijacking. Which of the following would
mitigate this attack?

A.
Certificate revocation

B.
Key escrow

C.
Public key infrastructure

D.
Certificate pinning