04-25-2022, 08:02 PM
(04-03-2022, 01:12 PM)malik Wrote: https://restfulapi.net/security-essentials/Please read the information carefully, double check all the answers or you will fail the exam. There are lot of tricky questions here, So many answers are wrong on this website.
Please verify and confirm.
Is it correct for exam and wrong for theory(and in real life). Then Cisco/Pearsonvue need to update before How2Pass and not the otherway round. Please see above link which ensures OAuth also used for security and fail safe default
Question is asking , What is one PRIMARY REST security design principle.
---
1. REST Security Design Principles
The paper [color=var(--accent)]“The Protection of Information in Computer Systems” by Jerome Saltzer and Michael Schroeder, put forth eight design principles for securing information in computer systems, as described in the following sections:[/color]
- Least Privilege: An entity should only have the required set of permissions to perform the actions for which they are authorized, and no more. Permissions can be added as needed and should be revoked when no longer in use.
- Fail-Safe Defaults: A user’s default access level to any resource in the system should be “denied” unless they’ve been granted a “permit” explicitly.