Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Certified Information Systems Security Professional (CISSP) Exam Guide

You're reading from   Certified Information Systems Security Professional (CISSP) Exam Guide Become a certified CISSP professional with practical exam-oriented knowledge of all eight domains

Arrow left icon
Product type Paperback
Published in Sep 2024
Publisher Packt
ISBN-13 9781800567610
Length 526 pages
Edition 1st Edition
Arrow right icon
Authors (3):
Arrow left icon
Ted Jordan Ted Jordan
Author Profile Icon Ted Jordan
Ted Jordan
Ric Daza Ric Daza
Author Profile Icon Ric Daza
Ric Daza
Hinne Hettema Hinne Hettema
Author Profile Icon Hinne Hettema
Hinne Hettema
Arrow right icon
View More author details
Toc

Table of Contents (28) Chapters Close

Preface 1. Intro I: Becoming a CISSP FREE CHAPTER 2. Intro II: Pre-Assessment Test 3. Chapter 1: Ethics, Security Concepts, and Governance Principles 4. Chapter 2: Compliance, Regulation, and Investigations 5. Chapter 3: Security Policies and Business Continuity 6. Chapter 4: Risk Management, Threat Modeling, SCRM, and SETA 7. Chapter 5: Asset and Privacy Protection 8. Chapter 6: Information and Asset Handling 9. Chapter 7: Secure Design Principles and Controls 10. Chapter 8: Architecture Vulnerabilities and Cryptography 11. Chapter 9: Facilities and Physical Security 12. Chapter 10: Network Architecture Security 13. Chapter 11: Securing Communication Channels 14. Chapter 12: Identity, Access Management, and Federation 15. Chapter 13: Identity Management Implementation 16. Chapter 14: Designing and Conducting Security Assessments 17. Chapter 15: Designing and Conducting Security Testing 18. Chapter 16: Planning for Security Operations 19. Chapter 17: Security Operations 20. Chapter 18: Disaster Recovery 21. Chapter 19: Business Continuity, Personnel, and Physical Security 22. Chapter 20: Software Development Life Cycle Security 23. Chapter 21: Software Development Security Controls 24. Chapter 22: Securing Software Development 25. Chapter 23: Secure Coding Guidelines, Third-Party Software, and Databases 26. Chapter 24: Accessing the Online Practice Resources 27. Other Books You May Enjoy

Security of APIs

Modern websites employ detailed controls, often interacting with multiple web services such as online payment processors, social media platforms, and shipping providers. To smooth these communications, allow apps to directly talk to each other via function calls.

Think of an API as a special phone line directly connected to a service’s “brain.” By using the right codes (called function calls), you can make the service do things such as post updates on social media or check product availability. For example, you might have a system automating orders from a third party. The third party will set up an API for their inventory system and provide the documentation telling you how to code requests, as well as a key or token to use when making the request. The following is an example. GET is the method used to make a request. 12345 is the product code and /availability is the request to check whether the product is in stock. YOUR_ACCESS_TOKEN is the...

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image