Performing CyberOps Using Cisco Security Technologies (CBRCOR) — Question 131
An API developer is improving application code to prevent DDoS attacks. The solution needs to accommodate instances of a large number of API requests coming for legitimate purposes from trustworthy services. Which solution should be implemented?
Answer options
- A. Restrict the number of requests based on a calculation of daily averages. If the limit is exceeded, temporarily block access from the IP address and return a 402 HTTP error code.
- B. Implement REST API Security Essentials solution to automatically mitigate limit exhaustion. If the limit is exceeded, temporarily block access from the service and return a 409 HTTP error code.
- C. Increase a limit of replies in a given interval for each API. If the limit is exceeded, block access from the API key permanently and return a 450 HTTP error code.
- D. Apply a limit to the number of requests in a given time interval for each API. If the rate is exceeded, block access from the API key temporarily and return a 429 HTTP error code.
Correct answer: D
Explanation
Option D is correct because it limits the number of requests each API key can make within a given time interval, which helps prevent DDoS attacks while still accommodating legitimate traffic: the block is only temporary, and the 429 HTTP error code tells the client that it exceeded the rate. The other options either block access permanently, return incorrect HTTP codes, or do not adequately implement rate limiting, which is essential for protecting the API from abuse.