SOFTWARE ENGINEERING

SOFTWARE ENGINEERING TOOLS AND ENVIRONMENTS

AUTOMATED TESTING TOOLS

Please wait while the activity loads.
If this activity does not load, try refreshing your browser. Also, this page requires javascript. Please visit using a browser with javascript enabled.

If loading fails, click here to try again

Question [CLICK ON ANY CHOICE TO KNOW THE RIGHT ANSWER]

How can an API gateway be used to improve the security of an API?

A	By serving as a single point of entry for all API requests, allowing for centralized security measures such as authentication and authorization
B	By randomly generating new security measures for each API request
C	By disabling all security measures to improve performance
D	API gateway should not be used for improving security. This responsibility should be under the backends that API proxies to.

Explanation:

Detailed explanation-1: -At a high level, an API gateway: Authorizes and authenticates: Ensures secure access to APIs and who (authorize) can call APIs. Controls traffic: Throttling API traffic to avoid denial of service attacks-for example, order status API can be called a maximum of 10 times in a minute.

Detailed explanation-2: -API Gateway supports multiple authentication methods that are suited to different applications and use cases. API Gateway uses the authentication method that you specify in your service configuration to validate incoming requests before passing them to your API backend.

Detailed explanation-3: -Always use TLS Every web API should use TLS (Transport Layer Security). TLS protects the information your API sends (and the information that users send to your API) by encrypting your messages while they’re in transit. You might know TLS by its predecessor’s name, SSL.

There is 1 question to complete.