Susan provides a public RESTful API for her organization's data but wants to limit its use to trusted partners. She intends to use API keys. What other recommendation would you give Susan to limit the potential abuse of the service?
Limit request rates
Force HTTP-only requests
Avoid tokens due to bandwidth constraints
Blacklist HTTP methods such as GET, ...
Get (ISC)2 CISSP Certified Information Systems Security Professional Official Practice Tests, 3rd Edition now with the O’Reilly learning platform.
O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.