Cisco Exam 300-735 Topic 7 Question 50 Discussion

Actual exam question for Cisco's 300-735 exam

Question #: 50
Topic #: 7

[All 300-735 Questions]

Which two methods are API security best practices? (Choose two.)

AUse tokens after the identity of a client has been established.

BUse the same operating system throughout the infrastructure.

CUse encryption and signatures to secure data.

DUse basic auth credentials over all internal API interactions.

EUse cloud hosting services to manage security configuration.

Show Suggested Answer

Suggested Answer: A, C

by Graciela at Nov 23, 2023, 05:52 AM

Limited Time Offer

25%

Off

Get Premium 300-735 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Goldie

11 days ago

I'm with you guys on the encryption and tokens. Those are like API Security 101. But the operating system thing, that's a new one to me. I wonder what the rationale is there. Maybe they're trying to trick us?

upvoted 0 times

...

Howard

12 days ago

Haha, yeah, basic auth for internal APIs? What is this, the 90s? Cloud hosting to manage security config is an interesting idea, but I think it really depends on the cloud provider and your specific use case. Gotta be careful with that one.

upvoted 0 times

...

Elouise

13 days ago

Yeah, I agree. Using encryption and signatures is a must for API security. And using tokens after authentication is also a really common best practice. Basic auth over internal APIs? That just sounds like a disaster waiting to happen.

upvoted 0 times

...

Deonna

14 days ago

Hmm, this is a tricky one. I'm not sure about using the same operating system throughout the infrastructure - that seems like it could be more of a deployment consideration than a security best practice. But using encryption and signatures to secure data, that's definitely a good one.

upvoted 0 times

...