A is the Answer.
Here's the list of best practices for securing a RESTful API.
1. Always Use HTTPS - Traffic must be encrypted
2. Never expose information on URLs - as this can be captured in web server logs, which makes them easily exploitable.
3. Consider OAuth
4. Adding Timestamp in Request - This will prevent very basic replay attacks from people who are trying to brute force your system
5. Input Parameter Validation - Put strong validation checks and reject the request immediately if validation fails.
6. Use Auditing and Logging - Any subject or entity can be audited
Answer A: Adding Timestamp in Request
Along with other request parameters, you may add a request timestamp as a custom header in API requests.
The server will compare the current timestamp to the request timestamp and only accept the request if it is within a reasonable timeframe (30 seconds, perhaps).
This will prevent very basic replay attacks from people who are trying to brute force your system without changing this timestamp.
kebkim (Highly Voted, 2 years, 2 months ago)
markymark874 (Highly Voted, 1 year, 11 months ago)
[Removed] (Most Recent, 6 months ago)
slacker_at_work (9 months, 3 weeks ago)
eearmani (11 months, 1 week ago)
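As an added example (not code from any commenter on this page), the following is a server-side version of the timestamp check described in the answer above, using the 30-second window it suggests. The header names, the shared secret and the HMAC that binds the timestamp to the body are assumptions of this example; the HMAC goes one step beyond the plain comparison so that a replayed request cannot simply carry a rewritten timestamp.

```python
import hashlib
import hmac
import time

MAX_SKEW_SECONDS = 30                # window suggested in the answer above
TS_HEADER = "X-Request-Timestamp"    # assumed header name (not from the page)
SIG_HEADER = "X-Request-Signature"   # assumed header name (not from the page)


def sign(secret, timestamp, body):
    """HMAC-SHA256 over timestamp and body, so neither can be changed alone."""
    msg = timestamp.encode() + b"\n" + body
    return hmac.new(secret, msg, hashlib.sha256).hexdigest()


def check_request(headers, body, secret, now=None):
    """Return (accepted, reason) for one request; reject on the first failure."""
    now = time.time() if now is None else now
    raw_ts = headers.get(TS_HEADER)
    if raw_ts is None:
        return False, "missing timestamp"
    try:
        ts = int(raw_ts)             # Unix seconds, as sent by the client
    except ValueError:
        return False, "malformed timestamp"
    # abs() also rejects timestamps too far in the future (clock skew abuse).
    if abs(now - ts) > MAX_SKEW_SECONDS:
        return False, "stale timestamp"
    expected = sign(secret, raw_ts, body)
    supplied = headers.get(SIG_HEADER, "")
    # Constant-time comparison; bytes avoid a TypeError on non-ASCII input.
    if not hmac.compare_digest(expected.encode(), supplied.encode()):
        return False, "bad signature"
    return True, "ok"


# Constructed sample request (values are illustrative, not from the page).
SECRET = b"constructed-demo-secret"
BODY = b'{"action": "transfer", "amount": 10}'
SENT_AT = "1700000000"
CAPTURED = {TS_HEADER: SENT_AT, SIG_HEADER: sign(SECRET, SENT_AT, BODY)}

if __name__ == "__main__":
    print(check_request(CAPTURED, BODY, SECRET, now=1700000010))  # fresh
    print(check_request(CAPTURED, BODY, SECRET, now=1700000100))  # replayed later
    rewritten = dict(CAPTURED, **{TS_HEADER: "1700000100"})
    print(check_request(rewritten, BODY, SECRET, now=1700000100)) # timestamp edited
```

A replay inside the 30-second window still passes this check; closing that gap needs a per-request nonce that the server remembers for the length of the window.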