Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

Arcitura Education Exam S90.18 Topic 3 Question 110 Discussion

Actual exam question for Arcitura Education's S90.18 exam
Question #: 110
Topic #: 3
[All S90.18 Questions]

You are required to design an authorization mechanism for a REST service. The service provides functionality by providing access to different resources, some of which are local to the service while others are located on remote servers. You are required to restrict access to the service based on which resource is requested and which HTTP method has been specified by the service consumer. By doing so, which combination of action control rules needs to be used?

Show Suggested Answer Hide Answer
Suggested Answer: C

by Johanna at Apr 06, 2025, 12:05 AM

Limited Time Offer

25%

Off

Get Premium S90.18 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Gregoria
1 months ago
I'm going with C. Resource and action. Keeps things simple and focused on the core of the authorization problem.
upvoted 0 times
Tammi
7 days ago
I see your point, but I still think C is more straightforward and effective in controlling access to the service.
upvoted 0 times
...
Dana
9 days ago
I disagree, I believe B is the best combination. Considering the environment along with the resource provides a more comprehensive approach to authorization.
upvoted 0 times
...
Dalene
10 days ago
I think C is the way to go too. It's important to focus on the specific resource and action being requested.
upvoted 0 times
...
...
Beula
1 months ago
Resource and action, for sure. Wouldn't want any unauthorized users messing with the remote servers, am I right?
upvoted 0 times
Yong
12 days ago
C) resource and action
upvoted 0 times
...
Marcelle
25 days ago
B) environment and resource
upvoted 0 times
...
Dong
27 days ago
A) identity and environment
upvoted 0 times
...
...
Susy
1 months ago
Haha, identity and environment? What is this, a spy thriller? C is the clear winner here, folks.
upvoted 0 times
...
Cordelia
2 months ago
I'm not sure, but I think D) action and identity could also be a valid combination to control access.
upvoted 0 times
...
Louvenia
2 months ago
I'd say B. Environment and resource seems like the logical choice here. The service needs to know the environment and what resources are available to properly restrict access.
upvoted 0 times
Brynn
1 months ago
I think C is also important. Knowing the resource and the action being requested is crucial for authorization.
upvoted 0 times
...
Cordell
1 months ago
I agree, B makes sense. The environment and resource are key factors in determining access control.
upvoted 0 times
...
...
Miesha
2 months ago
I agree with Beckie, because we need to restrict access based on the requested resource and HTTP method.
upvoted 0 times
...
Billye
2 months ago
Definitely C. Resource and action is the way to go for this authorization mechanism. Gotta control who can access what resources and how they can interact with them.
upvoted 0 times
...
Beckie
2 months ago
I think the answer is C) resource and action.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77