To secure REST APIs, a network administrator should ensure that user sessions are authenticated and that the appropriate privilege level is provided for each user. This means that each API request should come with authentication credentials, and the server should validate these credentials for every request. This approach helps to maintain the stateless nature of REST APIs and ensures that only authorized users can access or modify resources. References: Best practices for securing REST APIs include using HTTPS, token-based authentication, and proper validation of input parameters to prevent common security vulnerabilities.