A company plans to deploy the Postman application as a tool to manage network devices. Which two security related best practices should be considered? (Choose two.)

IT Questions BankCategory: CCNPA company plans to deploy the Postman application as a tool to manage network devices. Which two security related best practices should be considered? (Choose two.)

A company plans to deploy the Postman application as a tool to manage network devices. Which two security related best practices should be considered? (Choose two.)

  • An SSH connection should be used to connect to the Postman application.
  • User accesses must be authenticated to make API calls.
  • A dedicated instance for development should be used to ensure that device configurations are valid.
  • AAA service should be deployed for user authorization.
  • ACLs should be used to verify and filter different types of RUSTFul API calls.

Explanation: RESTful APIs are software interfaces into an application or a controller. For security considerations, access to APIs should require authentication such that an API is considered just like any other device to which a user needs to authenticate to gain access to utilize the APIs. A developer who is authenticated has access to making changes using the API, changes that can affect that application. It is best practice to use a dedicated development instance of the application to test change codes to avoid accidental impact to a production environment.

Exam with this question: CCNPv8 ENCOR (Version 8.0) - CCNP ENCOR (350-401) Certification Practice Exam

Subscribe
Notify of
guest

0 Comments
Inline Feedbacks
View all comments