CompTIA CASP+ CAS-004 – Question031

A developer is creating a new mobile application for a company. The application uses REST API and TLS 1.2 to communicate securely with the external back-end server. Due to this configuration, the company is concerned about HTTPS interception attacks.
Which of the following would be the BEST solution against this type of attack?

A.
Cookies
B. Wildcard certificates
C. HSTS
D. Certificate pinning

Correct Answer: C

Explanation: