Yeah, B and D definitely don't seem right. Basic auth over internal APIs? That's a big no-no. And using cloud hosting to manage security? That's more of a deployment consideration, not a security best practice.
Haha, using the same OS? That's a strange one. I can't imagine that would have anything to do with API security. Maybe the exam writer was just trying to throw in a red herring there.
I agree with Carman on A and C. Those are essential for keeping APIs secure. But I'm not sure about the other options - B, D, and E don't seem directly related to API security best practices.
Hmm, this question seems a bit tricky. I think options A and C are the correct answers here. Using tokens after authentication and encrypting/signing data are definitely best practices for API security.
upvoted 0 times
...
Log in to Pass4Success
Sign in:
Report Comment
Is the comment made by USERNAME spam or abusive?
Commenting
In order to participate in the comments you need to be logged-in.
You can sign-up or
login
Joanne
8 months agoOliva
8 months agoLizette
8 months agoNelida
8 months agoLino
8 months agoCarman
8 months ago