nerdexam
Cisco

350-401 · Question #277

What is used to validate the authenticity of client and is sent in HTTP requests as a JSON object?

The correct answer is C. JWT. JWT for Client Authentication JWT (JSON Web Token) is correct because it is specifically designed to validate client authenticity by transmitting claims as a JSON object encoded in a compact, URL-safe format. JWTs are sent within HTTP request headers (typically as a Bearer token)

Submitted by satoshi_tk· Mar 6, 2026Security

Question

What is used to validate the authenticity of client and is sent in HTTP requests as a JSON object?

Options

  • ASSH
  • BHTTPS
  • CJWT
  • DTLS

How the community answered

(39 responses)
  • A
    3% (1)
  • B
    5% (2)
  • C
    90% (35)
  • D
    3% (1)

Explanation

JWT for Client Authentication

JWT (JSON Web Token) is correct because it is specifically designed to validate client authenticity by transmitting claims as a JSON object encoded in a compact, URL-safe format. JWTs are sent within HTTP request headers (typically as a Bearer token) and contain digitally signed data that servers can verify without storing session state.

Why the distractors are wrong:

  • SSH (A) is a network protocol for secure remote access/command execution - it doesn't operate within HTTP requests
  • HTTPS (B) is a secure communication protocol for encrypting HTTP traffic, not a token format for client authentication
  • TLS (D) is the underlying encryption protocol that powers HTTPS - it secures the transport layer but doesn't itself carry JSON authentication data

Memory Tip: Think of the acronym - JWT = "JSON Web Token" - the word JSON is literally in the definition, matching the question's clue about "JSON object." If a question mentions JSON + HTTP + authentication, JWT is almost always the answer.

Topics

#JWT#Authentication#API Security#HTTP Security

Community Discussion

No community discussion yet for this question.

Full 350-401 Practice