Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Arcitura Education Exam S90.18 Topic 5 Question 113 Discussion

Actual exam question for Arcitura Education's S90.18 exam
Question #: 113
Topic #: 5
[All S90.18 Questions]

Service A requires self-signed digital certificates from all of its service consumers. The service and its service consumers both belong to the same organization. You are presented with a new requirement to only allow access to those service consumers with certificates that have not expired. How can this requirement be addressed with minimal impacts on the current security architecture?

Show Suggested Answer Hide Answer
Suggested Answer: A

by Ciara at Jul 07, 2025, 02:58 AM

Limited Time Offer

25%

Off

Get Premium S90.18 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Pura
13 days ago
Ah, the old 'self-signed certificates in the same organization' trick. It's like they're trying to make this question as confusing as possible. I'm just going to go with the CRL option and call it a day.
upvoted 0 times
Dierdre
4 days ago
I think the CRL option is the way to go.
upvoted 0 times
...
...
Haydee
20 days ago
I'm not sure about either option. Maybe we should consider other alternatives.
upvoted 0 times
...
India
29 days ago
I disagree, I believe option B is the way to go. We need to have access to the CRL to check expiry dates.
upvoted 0 times
...
Dana
1 months ago
Haha, 'None of the above'? Well, that's a convenient answer. I guess the exam writers ran out of ideas and just threw that in as a catch-all.
upvoted 0 times
Leontine
12 days ago
Haha, yeah, 'None of the above' does seem like a bit of a cop-out.
upvoted 0 times
...
Casey
16 days ago
A) The current security mechanism already addresses this requirement because the certificates contain a value that represents the validity period.
upvoted 0 times
...
...
Brynn
1 months ago
I think option A is the best choice because the certificates already have the validity period.
upvoted 0 times
...
Bobbie
1 months ago
Using certificates is not a valid option? What is this, the dark ages? Everything runs on certificates these days. That's a bit of a stretch, don't you think?
upvoted 0 times
...
Zona
1 months ago
Ah, I see. We need to go the external CA route to get access to the CRL. Seems like a bit of a hassle, but I guess it's the most secure option.
upvoted 0 times
Joni
13 days ago
Ah, I see. We need to go the external CA route to get access to the CRL. Seems like a bit of a hassle, but I guess it's the most secure option.
upvoted 0 times
...
Jose
1 months ago
B) The certificates need to be signed by an external certificate authority so that the certificate authority's Certificate Revocation List (CRL) can be accessed in order to check the expiry dates of the certificates.
upvoted 0 times
...
Timmy
1 months ago
A) The current security mechanism already addresses this requirement because the certificates contain a value that represents the validity period.
upvoted 0 times
...
...
Benedict
2 months ago
The current security mechanism already addresses this requirement? Really? How can that be if we need to check for expired certificates? Sounds like a stretch to me.
upvoted 0 times
Jerry
13 days ago
A) I agree, the current security mechanism should already have a way to check for expired certificates. It's important to ensure the validity of the certificates.
upvoted 0 times
...
Silvana
17 days ago
B) The certificates need to be signed by an external certificate authority so that the certificate authority's Certificate Revocation List (CRL) can be accessed in order to check the expiry dates of the certificates.
upvoted 0 times
...
Luis
22 days ago
A) The current security mechanism already addresses this requirement because the certificates contain a value that represents the validity period.
upvoted 0 times
...
...

Save Cancel