Your customer is deploying devices that will be used at a university. One of the requirements is to monitor traffic for unauthorized content. They wish to implement SSL inspection to fulfill this requirement. What would be your recommendation based on Google's best practices?
Choose an answer
Tap an option to check your answer.
Correct answer: The customer can configure SSL inspection, as long as traffic to Google services bypasses the proxy.
Why this is the answer
Google's best practices for Android Enterprise deployments recommend that SSL inspection solutions be configured to bypass traffic destined for Google services. This is crucial because Google services often use certificate pinning, which means they expect a specific certificate chain. If an SSL inspection proxy intercepts and re-signs this traffic with its own certificate, it will break the chain, causing connection errors and service disruptions for Android devices. While SSL inspection can be valuable for security, it must be implemented carefully to avoid interfering with essential device functionality and Google service access. Bypassing ports other than 443 (HTTP/S) or all traffic on port 443 would severely limit the effectiveness of the desired SSL inspection.
Pass your exam — without the endless answer hunt
Get every verified question and explanation for this exam in one place, and save hours of prep. 1,000+ certifications · 20+ languages · free to start.
Pass your exam faster → No card needed