Which of the following is a method to protect sensitive integration operations in NetSuite?

Creating a web services-only user account is a method to protect sensitive integration operations in NetSuite. This approach ensures that integration processes can be executed securely without exposing broader user permissions. By utilizing a dedicated user account specifically for web services, you can control access strictly to the API functions and integrations required, reducing the risk associated with using a more general user account that might have elevated privileges.

This method enhances security because it allows for more granular control over the integrations. You can assign specific roles and permissions tailored to the needs of the integration, ensuring that only authorized actions can be performed under that account. Additionally, the usage of tokens for authentication instead of sharing standard login credentials promotes a better security posture.

In contrast, some of the other options present significant security risks. For example, utilizing the guest role for all transactions would potentially expose the system to unauthorized actions, as this role typically has very limited permissions and is not suited for sensitive operations. Sharing credentials with all users is inherently insecure, as it increases the risk of accounts being compromised. Disabling HTTP access to the service might prevent some access, but it doesn't inherently secure the integration; rather, it may limit functionality by restricting access protocols without addressing the underlying security requirements directly.