Implementing and Operating Cisco Enterprise Network Core Technologies (ENCOR) — Question 715

Which security actions must be implemented to prevent an API injection attack?

Answer options

• A. Log and monitor failed attempts.
• B. Use password hash with biometric authentication.
• C. Validate, filter, and sanitize all incoming data.
• D. Use short-lived access tokens and authenticate the apps.

Correct answer: C

Explanation

Option C is correct because validating, filtering, and sanitizing incoming data directly addresses the risk of API injection attacks by ensuring that only safe and expected data is processed. Options A, B, and D, while useful for overall security, do not specifically mitigate the risks associated with injection vulnerabilities.