Correct Answer: SLA-based rate limiting
*****************************************
>> Client Id enforement policy is a "Compliance" related NFR and does not help in maintaining the
"Quality of Service (QoS)". It CANNOT and NOT meant for protecting the backend systems from
scalability challenges.
>> IP Whitelisting and OAuth 2.0 token enforcement are "Security" related NFRs and again does not
help in maintaining the "Quality of Service (QoS)". They CANNOT and are NOT meant for protecting
the backend systems from scalability challenges.
Rate Limiting, Rate Limiting-SLA, Throttling, Spike Control are the policies that are "Quality of Service
(QOS)" related NFRs and are meant to help in protecting the backend systems from getting
overloaded.
https://dzone.com/articles/how-to-secure-apis
