Cisco Exam 300-735 Topic 3 Question 52 Discussion

Actual exam question for Cisco's 300-735 exam

Question #: 52
Topic #: 3

[All 300-735 Questions]

Which two methods are API security best practices? (Choose two.)

AUse tokens after the identity of a client has been established.

BUse the same operating system throughout the infrastructure.

CUse encryption and signatures to secure data.

DUse basic auth credentials over all internal API interactions.

EUse cloud hosting services to manage security configuration.

Show Suggested Answer

Suggested Answer: A, C

by Johnna at Dec 25, 2023, 12:30 AM

Limited Time Offer

25%

Off

Get Premium 300-735 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Joanne

6 months ago

Yeah, B and D definitely don't seem right. Basic auth over internal APIs? That's a big no-no. And using cloud hosting to manage security? That's more of a deployment consideration, not a security best practice.

upvoted 0 times

Oliva

5 months ago

C) Use encryption and signatures to secure data.

upvoted 0 times

...

Lizette

5 months ago

A) Use tokens after the identity of a client has been established.

upvoted 0 times

...

Nelida

6 months ago

Haha, using the same OS? That's a strange one. I can't imagine that would have anything to do with API security. Maybe the exam writer was just trying to throw in a red herring there.

upvoted 0 times

...

Lino

6 months ago

I agree with Carman on A and C. Those are essential for keeping APIs secure. But I'm not sure about the other options - B, D, and E don't seem directly related to API security best practices.

upvoted 0 times

...

Carman

6 months ago

Hmm, this question seems a bit tricky. I think options A and C are the correct answers here. Using tokens after authentication and encrypting/signing data are definitely best practices for API security.

upvoted 0 times

...