Implementing and Operating Cisco Enterprise Network Core Technologies (ENCOR) — Question 925

How can an engineer prevent basic replay attacks from people who try to brute force a system via REST API?

Answer options

• A. Add a timestamp to the request in the API header.
• B. Use a password hash.
• C. Add OAuth to the request in the API header.
• D. Use HTTPS.

Correct answer: A

Explanation

The correct answer is A, as adding a timestamp to the request helps ensure that each request is unique and can be validated against replay attempts. Options B and C, while contributing to security, do not specifically address replay attacks. Option D secures the communication channel but does not prevent replay attacks by itself.