A customer tells you they are concerned their custom app could be tricked to use a fraudulent certificate that gets installed on their Android devices. What technology would you discuss with them?

(A) Certificate Binding

(B) File-Based Encryption

(C) DNS over TLS

(D) Certificate Pinning


Apps developers can protect apps further from certificates that have been issued fraudulently by a technique known as Certificate pinning.

This restricts an app’s trusted CAs to a small set known to be used by the app’s servers. This prevents the compromise of one of the other 100+ CAs in the system from resulting in a breach of the app’s secure channel.


This question is from the Android Enterprise Professional (Updated) Post-exam. You can find answers to all the questions asked in this exam on our Android Enterprise Professional (Updated) Post-exam Answers page.

Leave a Comment

Share via
Copy link
Powered by Social Snap