Independence Day Special Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: scxmas70

MCPA-Level-1 Exam Dumps - MuleSoft Certified Platform Architect - Level 1

Question # 4

True or False. We should always make sure that the APIs being designed and developed are self-servable even if it needs more man-day effort and resources.

A.

FALSE

B.

TRUE

Full Access
Question # 5

Question 10: Skipped

An API implementation returns three X-RateLimit-* HTTP response headers to a requesting API client. What type of information do these response headers indicate to the API client?

A.

The error codes that result from throttling

B.

A correlation ID that should be sent in the next request

C.

The HTTP response size

D.

The remaining capacity allowed by the API implementation

Full Access
Question # 6

An organization is deploying their new implementation of the OrderStatus System API to multiple workers in CloudHub. This API fronts the organization's on-premises Order Management System, which is accessed by the API implementation over an IPsec tunnel.

What type of error typically does NOT result in a service outage of the OrderStatus System API?

A.

A CloudHub worker fails with an out-of-memory exception

B.

API Manager has an extended outage during the initial deployment of the API implementation

C.

The AWS region goes offline with a major network failure to the relevant AWS data centers

D.

The Order Management System is Inaccessible due to a network outage in the organization's on-premises data center

Full Access
Question # 7

A company uses a hybrid Anypoint Platform deployment model that combines the EU control plane with customer-hosted Mule runtimes. After successfully testing a Mule API implementation in the Staging environment, the Mule API implementation is set with environment-specific properties and must be promoted to the Production environment. What is a way that MuleSoft recommends to configure the Mule API implementation and automate its promotion to the Production environment?

A.

Bundle properties files for each environment into the Mule API implementation's deployable archive, then promote the Mule API implementation to the Production environment using Anypoint CLI or the Anypoint Platform REST APIsB.

B.

Modify the Mule API implementation's properties in the API Manager Properties tab, then promote the Mule API implementation to the Production environment using API Manager

C.

Modify the Mule API implementation's properties in Anypoint Exchange, then promote the Mule API implementation to the Production environment using Runtime Manager

D.

Use an API policy to change properties in the Mule API implementation deployed to the Staging environment and another API policy to deploy the Mule API implementation to the Production environment

Full Access
Question # 8

Once an API Implementation is ready and the API is registered on API Manager, who should request the access to the API on Anypoint Exchange?

A.

None

B.

Both

C.

API Client

D.

API Consumer

Full Access
Question # 9

What Anypoint Connectors support transactions?

A.

Database, JMS, VM

B.

Database, 3MS, HTTP

C.

Database, JMS, VM, SFTP

D.

Database, VM, File

Full Access
Question # 10

An API experiences a high rate of client requests (TPS) vwth small message paytoads. How can usage limits be imposed on the API based on the type of client application?

A.

Use an SLA-based rate limiting policy and assign a client application to a matching SLA tier based on its type

B.

Use a spike control policy that limits the number of requests for each client application type

C.

Use a cross-origin resource sharing (CORS) policy to limit resource sharing between client applications, configured by the client application type

D.

Use a rate limiting policy and a client ID enforcement policy, each configured by the client application type

Full Access
Question # 11

Say, there is a legacy CRM system called CRM-Z which is offering below functions:

1. Customer creation

2. Amend details of an existing customer

3. Retrieve details of a customer

4. Suspend a customer

A.

Implement a system API named customerManagement which has all the functionalities wrapped in it as various operations/resources

B.

Implement different system APIs named createCustomer, amendCustomer, retrieveCustomer and suspendCustomer as they are modular and has seperation of concerns

C.

Implement different system APIs named createCustomerInCRMZ, amendCustomerInCRMZ, retrieveCustomerFromCRMZ and suspendCustomerInCRMZ as they are modular and has seperation of concerns

Full Access
Question # 12

An organization has several APIs that accept JSON data over HTTP POST. The APIs are all publicly available and are associated with several mobile applications and web applications.

The organization does NOT want to use any authentication or compliance policies for these APIs, but at the same time, is worried that some bad actor could send payloads that could somehow compromise the applications or servers running the API implementations.

What out-of-the-box Anypoint Platform policy can address exposure to this threat?

A.

Shut out bad actors by using HTTPS mutual authentication for all API invocations

B.

Apply an IP blacklist policy to all APIs; the blacklist will Include all bad actors

C.

Apply a Header injection and removal policy that detects the malicious data before it is used

D.

Apply a JSON threat protection policy to all APIs to detect potential threat vectors

Full Access
Question # 13

What is most likely NOT a characteristic of an integration test for a REST API implementation?

A.

The test needs all source and/or target systems configured and accessible

B.

The test runs immediately after the Mule application has been compiled and packaged

C.

The test is triggered by an external HTTP request

D.

The test prepares a known request payload and validates the response payload

Full Access
Question # 14

An Anypoint Platform organization has been configured with an external identity provider (IdP) for identity management and client management. What credentials or token must be provided to Anypoint CLI to execute commands against the Anypoint Platform APIs?

A.

The credentials provided by the IdP for identity management

B.

The credentials provided by the IdP for client management

C.

An OAuth 2.0 token generated using the credentials provided by the IdP for client management

D.

An OAuth 2.0 token generated using the credentials provided by the IdP for identity management

Full Access
Question # 15

An organization is implementing a Quote of the Day API that caches today's quote.

What scenario can use the GoudHub Object Store via the Object Store connector to persist the cache's state?

A.

When there are three CloudHub deployments of the API implementation to three separate CloudHub regions that must share the cache state

B.

When there are two CloudHub deployments of the API implementation by two Anypoint Platform business groups to the same CloudHub region that must share the cache state

C.

When there is one deployment of the API implementation to CloudHub and anottV deployment to a customer-hosted Mule runtime that must share the cache state

D.

When there is one CloudHub deployment of the API implementation to three CloudHub workers that must share the cache state

Full Access
Question # 16

An Order API must be designed that contains significant amounts of integration logic and involves the invocation of the Product API.

The power relationship between Order API and Product API is one of "Customer/Supplier", because the Product API is used heavily throughout the organization and is developed by a dedicated development team located in the office of the CTO.

What strategy should be used to deal with the API data model of the Product API within the Order API?

A.

Convince the development team of the Product API to adopt the API data model of the Order API such that the integration logic of the Order API can work with one consistent internal data model

B.

Work with the API data types of the Product API directly when implementing the integration logic of the Order API such that the Order API uses the same (unchanged) data types as the Product API

C.

Implement an anti-corruption layer in the Order API that transforms the Product API data model into internal data types of the Order API

D.

Start an organization-wide data modeling initiative that will result in an Enterprise Data Model that will then be used in both the Product API and the Order API

Full Access
Question # 17

What condition requires using a CloudHub Dedicated Load Balancer?

A.

When cross-region load balancing is required between separate deployments of the same Mule application

B.

When custom DNS names are required for API implementations deployed to customer-hosted Mule runtimes

C.

When API invocations across multiple CloudHub workers must be load balanced

D.

When server-side load-balanced TLS mutual authentication is required between API implementations and API clients

Full Access
Question # 18

A company requires Mule applications deployed to CloudHub to be isolated between non-production and production environments. This is so Mule applications deployed to non-production environments can only access backend systems running in their customer-hosted non-production environment, and so Mule applications deployed to production environments can only access backend systems running in their customer-hosted production environment. How does MuleSoft recommend modifying Mule applications, configuring environments, or changing infrastructure to support this type of per-environment isolation between Mule applications and backend systems?

A.

Modify properties of Mule applications deployed to the production Anypoint Platform environments to prevent access from non-production Mule applications

B.

Configure firewall rules in the infrastructure inside each customer-hosted environment so that only IP addresses from the corresponding Anypoint Platform environments are allowed to communicate with corresponding backend systems

C.

Create non-production and production environments in different Anypoint Platform business groups

D.

Create separate Anypoint VPCs for non-production and production environments, then configure connections to the backend systems in the corresponding customer-hosted environments

Full Access
Question # 19

A System API is designed to retrieve data from a backend system that has scalability challenges. What API policy can best safeguard the backend system?

A.

IPwhitelist

B.

SLA-based rate limiting

C.

Auth 2 token enforcement

D.

Client ID enforcement

Full Access
Question # 20

Refer to the exhibit. An organization needs to enable access to their customer data from both a mobile app and a web application, which each need access to common fields as well as certain unique fields.

The data is available partially in a database and partially in a 3rd-party CRM system.

What APIs should be created to best fit these design requirements?

A)A Process API that contains the data required by both the web and mobile apps, allowing these applications to invoke it directly and access the data they need thereby providing the flexibility to add more fields in the future without needing API changes

B)One set of APIs (Experience API, Process API, and System API) for the web app, and another set for the mobile app

C)Separate Experience APIs for the mobile and web app, but a common Process API that invokes separate System APIs created for the database and CRM system

D)A common Experience API used by both the web and mobile apps, but separate Process APIs for the web and mobile apps that interact with the database and the CRM System

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Full Access
Question # 21

What is true about the technology architecture of Anypoint VPCs?

A.

The private IP address range of an Anypoint VPC is automatically chosen by CloudHub

B.

Traffic between Mule applications deployed to an Anypoint VPC and on-premises systems can stay within a private network

C.

Each CloudHub environment requires a separate Anypoint VPC

D.

VPC peering can be used to link the underlying AWS VPC to an on-premises (non AWS) private network

Full Access
Question # 22

When designing an upstream API and its implementation, the development team has been advised to NOT set timeouts when invoking a downstream API, because that downstream API has no SLA that can be relied upon. This is the only downstream API dependency of that upstream API.

Assume the downstream API runs uninterrupted without crashing. What is the impact of this advice?

A.

An SLA for the upstream API CANNOT be provided

B.

The invocation of the downstream API will run to completion without timing out

C.

A default timeout of 500 ms will automatically be applied by the Mule runtime in which the upstream API implementation executes

D.

A toad-dependent timeout of less than 1000 ms will be applied by the Mule runtime in which the downstream API implementation executes

Full Access
Question # 23

A company has started to create an application network and is now planning to implement a Center for Enablement (C4E) organizational model. What key factor would lead the company to decide upon a federated rather than a centralized C4E?

A.

When there are a large number of existing common assets shared by development teams

B.

When various teams responsible for creating APIs are new to integration and hence need extensive training

C.

When development is already organized into several independent initiatives or groups

D.

When the majority of the applications in the application network are cloud based

Full Access
Question # 24

Refer to the exhibit.

What is a valid API in the sense of API-led connectivity and application networks?

A)Java RMI over TCP

B)Java RMI over TCP

C)CORBA over HOP

D)XML over UDP

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Full Access
Question # 25

An API client calls one method from an existing API implementation. The API implementation is later updated. What change to the API implementation would require the API client's invocation logic to also be updated?

A.

When the data type of the response is changed for the method called by the API client

B.

When a new method is added to the resource used by the API client

C.

When a new required field is added to the method called by the API client

D.

When a child method is added to the method called by the API client

Full Access
Question # 26

In an organization, the InfoSec team is investigating Anypoint Platform related data traffic.

From where does most of the data available to Anypoint Platform for monitoring and alerting originate?

A.

From the Mule runtime or the API implementation, depending on the deployment model

B.

From various components of Anypoint Platform, such as the Shared Load Balancer, VPC, and Mule runtimes

C.

From the Mule runtime or the API Manager, depending on the type of data

D.

From the Mule runtime irrespective of the deployment model

Full Access
Question # 27

A new upstream API Is being designed to offer an SLA of 500 ms median and 800 ms maximum (99th percentile) response time. The corresponding API implementation needs to sequentially invoke 3 downstream APIs of very similar complexity.

The first of these downstream APIs offers the following SLA for its response time: median: 100 ms, 80th percentile: 500 ms, 95th percentile: 1000 ms.

If possible, how can a timeout be set in the upstream API for the invocation of the first downstream API to meet the new upstream API's desired SLA?

A.

Set a timeout of 50 ms; this times out more invocations of that API but gives additional room for retries

B.

Set a timeout of 100 ms; that leaves 400 ms for the other two downstream APIs to complete

C.

No timeout is possible to meet the upstream API's desired SLA; a different SLA must be negotiated with the first downstream API or invoke an alternative API

D.

Do not set a timeout; the Invocation of this API Is mandatory and so we must wait until it responds

Full Access
Question # 28

What best explains the use of auto-discovery in API implementations?

A.

It makes API Manager aware of API implementations and hence enables it to enforce policies

B.

It enables Anypoint Studio to discover API definitions configured in Anypoint Platform

C.

It enables Anypoint Exchange to discover assets and makes them available for reuse

D.

It enables Anypoint Analytics to gain insight into the usage of APIs

Full Access