nerdexam
Isaca

CDPSE · Question #334

Which of the following is the BEST way to mitigate privacy risk associated with application programming interfaces (APIs)?

The correct answer is D. Ensure APIs are included in the scope of the vulnerability management program. APIs are a common attack surface for unauthorized data access and personal data exposure. Including APIs in the vulnerability management program ensures they are regularly scanned, assessed, patched, and monitored for security weaknesses on an ongoing basis - addressing both know

Privacy Architecture

Question

Which of the following is the BEST way to mitigate privacy risk associated with application programming interfaces (APIs)?

Options

  • AActive monitoring of API schema changes
  • BUse only APIs that are developed internally by the organization
  • CDocument dependency usage of all APIs.
  • DEnsure APIs are included in the scope of the vulnerability management program

How the community answered

(26 responses)
  • A
    4% (1)
  • B
    8% (2)
  • C
    4% (1)
  • D
    85% (22)

Explanation

APIs are a common attack surface for unauthorized data access and personal data exposure. Including APIs in the vulnerability management program ensures they are regularly scanned, assessed, patched, and monitored for security weaknesses on an ongoing basis - addressing both known and emerging threats. Monitoring schema changes (A) is useful but narrow. Using only internal APIs (B) is impractical and still does not protect against vulnerabilities. Documenting dependency usage (C) is a good governance practice but does not actively reduce risk.

Topics

#API Security#Privacy Risk Mitigation#Vulnerability Management#Application Security

Community Discussion

No community discussion yet for this question.

Full CDPSE Practice