A developer is refining a service for user record retrieval across several departments. The team seeks to prevent unauthorized access and wants to make sure each request returns data only associated with the requester. Which measure is recommended to help avoid unapproved record exposure?
Enable calls from all domains without origin validation to accommodate flexible data sharing
Use tokens tied to each user that are validated on each request for data ownership checks
Adopt a design with no awareness of who is requesting data for next-level performance
Store every response in a shared cache for faster loading of subsequent user requests
User-specific tokens that are verified during each call establish proper ownership checks before returning any record. This aligns credential validation with each request to ensure a user only retrieves data related to that profile. Caching every response does not address different ownership splits and can inadvertently expose personal information across sessions. Relying on endpoints that do not consider user identity bypasses the security requirement. Accepting requests across any domain without restrictions ignores vital origin controls that can drastically broaden the attack surface.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are user-specific tokens, and how do they work?
Open an interactive chat with Bash
Why is caching responses a security risk in this scenario?
Open an interactive chat with Bash
What is origin validation, and why is it important?