New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Arcitura Education S90.18 Exam - Topic 3 Question 110 Discussion

Actual exam question for Arcitura Education's S90.18 exam
Question #: 110
Topic #: 3
[All S90.18 Questions]

You are required to design an authorization mechanism for a REST service. The service provides functionality by providing access to different resources, some of which are local to the service while others are located on remote servers. You are required to restrict access to the service based on which resource is requested and which HTTP method has been specified by the service consumer. By doing so, which combination of action control rules needs to be used?

Show Suggested Answer Hide Answer
Suggested Answer: C

by Johanna at Apr 06, 2025, 12:05 AM

Limited Time Offer

25%

Off

Get Premium S90.18 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Dalene
2 months ago
Action and identity could work too, but not as effective.
upvoted 0 times
...
Tommy
2 months ago
I agree with Maile, resource and action makes the most sense.
upvoted 0 times
...
Davida
3 months ago
I think it's environment and resource, actually.
upvoted 0 times
...
Maile
3 months ago
Definitely resource and action! That's the key combo.
upvoted 0 times
...
Dudley
3 months ago
Wait, can we really restrict access like that? Seems tricky!
upvoted 0 times
...
Mi
3 months ago
I’m leaning towards environment and resource, but I’m not confident. It’s tricky because the HTTP method seems important too.
upvoted 0 times
...
Marylou
3 months ago
This question feels similar to one we practiced on role-based access control. I wonder if identity plays a bigger role here than I initially thought.
upvoted 0 times
...
Rasheeda
4 months ago
I think it might be resource and action since we need to control access based on the resource requested and the HTTP method.
upvoted 0 times
...
Ryan
4 months ago
I remember studying about access control models, but I'm not entirely sure which combination applies here.
upvoted 0 times
...
Tammy
4 months ago
This seems straightforward to me. The question is specifically asking about restricting access based on the resource and the HTTP method, so option C is the clear choice.
upvoted 0 times
...
Caren
4 months ago
I'm not entirely sure about this one. The environment and resource seem important, but the action and identity could also be relevant. I might need to think this through a bit more.
upvoted 0 times
...
Ernest
4 months ago
Okay, I think I've got this. The question is asking about restricting access based on the resource and the HTTP method, so the combination of resource and action is the way to go. Option C is the answer.
upvoted 0 times
...
Lynelle
5 months ago
Hmm, I'm a bit confused. Do I need to consider the identity of the user as well as the resource and action? Maybe option D would be better.
upvoted 0 times
...
Veronika
5 months ago
This looks like a classic access control problem. I think the key is to focus on the combination of resource and action, so I'll go with option C.
upvoted 0 times
...
Gregoria
10 months ago
I'm going with C. Resource and action. Keeps things simple and focused on the core of the authorization problem.
upvoted 0 times
Tammi
9 months ago
I see your point, but I still think C is more straightforward and effective in controlling access to the service.
upvoted 0 times
...
Dana
9 months ago
I disagree, I believe B is the best combination. Considering the environment along with the resource provides a more comprehensive approach to authorization.
upvoted 0 times
...
Dalene
9 months ago
I think C is the way to go too. It's important to focus on the specific resource and action being requested.
upvoted 0 times
...
...
Beula
10 months ago
Resource and action, for sure. Wouldn't want any unauthorized users messing with the remote servers, am I right?
upvoted 0 times
Yong
9 months ago
C) resource and action
upvoted 0 times
...
Marcelle
9 months ago
B) environment and resource
upvoted 0 times
...
Dong
9 months ago
A) identity and environment
upvoted 0 times
...
...
Susy
10 months ago
Haha, identity and environment? What is this, a spy thriller? C is the clear winner here, folks.
upvoted 0 times
...
Cordelia
10 months ago
I'm not sure, but I think D) action and identity could also be a valid combination to control access.
upvoted 0 times
...
Louvenia
10 months ago
I'd say B. Environment and resource seems like the logical choice here. The service needs to know the environment and what resources are available to properly restrict access.
upvoted 0 times
Brynn
10 months ago
I think C is also important. Knowing the resource and the action being requested is crucial for authorization.
upvoted 0 times
...
Cordell
10 months ago
I agree, B makes sense. The environment and resource are key factors in determining access control.
upvoted 0 times
...
...
Miesha
11 months ago
I agree with Beckie, because we need to restrict access based on the requested resource and HTTP method.
upvoted 0 times
...
Billye
11 months ago
Definitely C. Resource and action is the way to go for this authorization mechanism. Gotta control who can access what resources and how they can interact with them.
upvoted 0 times
...
Beckie
11 months ago
I think the answer is C) resource and action.
upvoted 0 times
...

Save Cancel