CiscoCisco
350-401 · Question #1067
350-401 Question #1067: Real Exam Question with Answer & Explanation
The correct answer is B: Use a password hash. To protect REST APIs, security best practices include using password hashing for stored credentials and employing SSL/TLS for encrypting data in transit.
Submitted by kavita_s· Mar 6, 2026Security
Question
Which two actions are recommended as security best practices to protect REST API? (Choose two.)
Options
- AEnable dual authentication of the session
- BUse a password hash
- CUse SSL for encryption
- DUse TACACS+ authentication
- EEnable out-of-band authentication
Explanation
To protect REST APIs, security best practices include using password hashing for stored credentials and employing SSL/TLS for encrypting data in transit.
Common mistakes.
- A. While multi-factor authentication is a strong security measure, 'dual authentication of the session' is not a standard or specific API security best practice term, and hashing and encryption are more fundamental.
- D. TACACS+ is an AAA protocol primarily used for authenticating, authorizing, and accounting device administration access (e.g., to routers/switches), not typically for securing application-level REST API endpoints.
- E. Out-of-band authentication is a method of multi-factor authentication, but password hashing and SSL/TLS for transport encryption are more universally applicable and fundamental best practices for REST API security.
Concept tested. REST API security best practices
Topics
#REST API security#SSL/TLS encryption#Password hashing
Community Discussion
No community discussion yet for this question.