CDPSE · Question #334
Which of the following is the BEST way to mitigate privacy risk associated with application programming interfaces (APIs)?
The correct answer is D. Ensure APIs are included in the scope of the vulnerability management program. APIs are a common attack surface for unauthorized data access and personal data exposure. Including APIs in the vulnerability management program ensures they are regularly scanned, assessed, patched, and monitored for security weaknesses on an ongoing basis - addressing both know
Question
Which of the following is the BEST way to mitigate privacy risk associated with application programming interfaces (APIs)?
Options
- AActive monitoring of API schema changes
- BUse only APIs that are developed internally by the organization
- CDocument dependency usage of all APIs.
- DEnsure APIs are included in the scope of the vulnerability management program
How the community answered
(26 responses)- A4% (1)
- B8% (2)
- C4% (1)
- D85% (22)
Explanation
APIs are a common attack surface for unauthorized data access and personal data exposure. Including APIs in the vulnerability management program ensures they are regularly scanned, assessed, patched, and monitored for security weaknesses on an ongoing basis - addressing both known and emerging threats. Monitoring schema changes (A) is useful but narrow. Using only internal APIs (B) is impractical and still does not protect against vulnerabilities. Documenting dependency usage (C) is a good governance practice but does not actively reduce risk.
Topics
Community Discussion
No community discussion yet for this question.