CompTIA CASP+ (CAS-004) — Question 42

A development team created a mobile application that contacts a company's back-end APIs housed in a PaaS environment. The APIs have been experiencing high processor utilization due to scraping activities. The security engineer needs to recommend a solution that will prevent and remedy the behavior.
Which of the following would BEST safeguard the APIs? (Choose two.)

Answer options

• A. Bot protection
• B. OAuth 2.0
• C. Input validation
• D. Autoscaling endpoints
• E. Rate limiting
• F. CSRF protection

Correct answer: A, E

Explanation

Bot protection (A) is effective in identifying and blocking automated scraping tools that can overload APIs. Rate limiting (E) helps control the number of requests from a single source, preventing excessive use and ensuring resources are available for legitimate users. The other options, while beneficial for security, do not directly address the issue of high processor utilization due to scraping.