A new mobile banking application is being developed and uses SSL / TLS certificates but
penetration tests show that it is still vulnerable to man-in-the-middle attacks, such as DNS
hijacking. Which of the following would mitigate this attack?
A.
Certificate revocation
B.
Key escrow
C.
Public key infrastructure
D.
Certificate pinning
Explanation: