nerdexam
Cisco

350-401 · Question #1059

Which security option protects credentials from sniffer attacks in a basicAPI authentication?

The correct answer is B. TLS or SSL for communication. To protect credentials from sniffer attacks during basic API authentication, utilizing TLS or SSL encrypts the communication channel, making any intercepted data unreadable.

Submitted by renata2k· Mar 6, 2026Security

Question

Which security option protects credentials from sniffer attacks in a basicAPI authentication?

Options

  • Anext-generation firewall
  • BTLS or SSL for communication
  • CVPN connection between client and server
  • DAAA services to authenticate the API

How the community answered

(41 responses)
  • B
    95% (39)
  • C
    2% (1)
  • D
    2% (1)

Why each option

To protect credentials from sniffer attacks during basic API authentication, utilizing TLS or SSL encrypts the communication channel, making any intercepted data unreadable.

Anext-generation firewall

A next-generation firewall offers various security functions such as intrusion prevention and application control, but it does not inherently encrypt the data in transit between endpoints to protect credentials from sniffer attacks.

BTLS or SSL for communicationCorrect

TLS (Transport Layer Security) or its predecessor SSL (Secure Sockets Layer) encrypts the entire communication session between the API client and server. This ensures that even if network traffic containing authentication credentials is intercepted by a sniffer, the data remains encrypted and unreadable.

CVPN connection between client and server

While a VPN creates an encrypted tunnel for network traffic, using TLS/SSL directly on the API communication provides application-layer encryption, which is the most direct and universally applicable method for protecting credentials specifically sent with basic API authentication.

DAAA services to authenticate the API

AAA services are responsible for authenticating, authorizing, and accounting for user access, but they do not provide encryption for the credentials themselves during transmission across the network.

Concept tested: API security best practices (TLS/SSL for data in transit)

Source: https://developer.cisco.com/docs/api-security-guide/

Topics

#TLS#SSL#API security#credential protection

Community Discussion

No community discussion yet for this question.

Full 350-401 Practice