New Year Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70special

MuleSoft MCPA-Level-1 MuleSoft Certified Platform Architect - Level 1 Exam Practice Test

Page: 1 / 15
Total 152 questions

MuleSoft Certified Platform Architect - Level 1 Questions and Answers

Testing Engine

  • Product Type: Testing Engine
$37.5  $124.99

PDF Study Guide

  • Product Type: PDF Study Guide
$33  $109.99
Question 1

Which layer in the API-led connectivity focuses on unlocking key systems, legacy systems, data sources etc and exposes the functionality?

Options:

A.

Experience Layer

B.

Process Layer

C.

System Layer

Question 2

What is true about API implementations when dealing with legal regulations that require all data processing to be performed within a certain jurisdiction (such as in the USA or the EU)?

Options:

A.

They must avoid using the Object Store as it depends on services deployed ONLY to the US East region

B.

They must use a Jurisdiction-local external messaging system such as Active MQ rather than Anypoint MQ

C.

They must te deployed to Anypoint Platform runtime planes that are managed by Anypoint Platform control planes, with both planes in the same Jurisdiction

D.

They must ensure ALL data is encrypted both in transit and at rest

Question 3

What Mule application can have API policies applied by

Anypoint Platform to the endpoint exposed by that Mule application?

A)A Mule application that accepts requests over HTTP/1.x

B)A Mule application that accepts JSON requests over TCP but is NOT required to provide a response

C)A Mute application that accepts JSON requests over WebSocket

D)A Mule application that accepts gRPC requests over HTTP/2

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 4

When using CloudHub with the Shared Load Balancer, what is managed EXCLUSIVELY by the API implementation (the Mule application) and NOT by Anypoint Platform?

Options:

A.

The assignment of each HTTP request to a particular CloudHub worker

B.

The logging configuration that enables log entries to be visible in Runtime Manager

C.

The SSL certificates used by the API implementation to expose HTTPS endpoints

D.

The number of DNS entries allocated to the API implementation

Question 5

What are 4 important Platform Capabilities offered by Anypoint Platform?

Options:

A.

API Versioning, API Runtime Execution and Hosting, API Invocation, API Consumer Engagement

B.

API Design and Development, API Runtime Execution and Hosting, API Versioning, API Deprecation

C.

API Design and Development, API Runtime Execution and Hosting, API Operations and Management, API Consumer Engagement

D.

API Design and Development, API Deprecation, API Versioning, API Consumer Engagement

Question 6

A company has started to create an application network and is now planning to implement a Center for Enablement (C4E) organizational model. What key factor would lead the company to decide upon a federated rather than a centralized C4E?

Options:

A.

When there are a large number of existing common assets shared by development teams

B.

When various teams responsible for creating APIs are new to integration and hence need extensive training

C.

When development is already organized into several independent initiatives or groups

D.

When the majority of the applications in the application network are cloud based

Question 7

In an organization, the InfoSec team is investigating Anypoint Platform related data traffic.

From where does most of the data available to Anypoint Platform for monitoring and alerting originate?

Options:

A.

From the Mule runtime or the API implementation, depending on the deployment model

B.

From various components of Anypoint Platform, such as the Shared Load Balancer, VPC, and Mule runtimes

C.

From the Mule runtime or the API Manager, depending on the type of data

D.

From the Mule runtime irrespective of the deployment model

Question 8

The implementation of a Process API must change.

What is a valid approach that minimizes the impact of this change on API clients?

Options:

A.

Update the RAML definition of the current Process API and notify API client developers by sending them links to the updated RAML definition

B.

Postpone changes until API consumers acknowledge they are ready to migrate to a new Process API or API version

C.

Implement required changes to the Process API implementation so that whenever possible, the Process API's RAML definition remains unchanged

D.

Implement the Process API changes in a new API implementation, and have the old API implementation return an HTTP status code 301 - Moved Permanently to inform API clients they should be calling the new API implementation

Question 9

A retail company is using an Order API to accept new orders. The Order API uses a JMS queue to submit orders to a backend order management service. The normal load for orders is being handled using two (2) CloudHub workers, each configured with 0.2 vCore. The CPU load of each CloudHub worker normally runs well below 70%. However, several times during the year the Order API gets four times (4x) the average number of orders. This causes the CloudHub worker CPU load to exceed 90% and the order submission time to exceed 30 seconds. The cause, however, is NOT the backend order management service, which still responds fast enough to meet the response SLA for the Order API. What is the MOST resource-efficient way to configure the Mule application's CloudHub deployment to help the company cope with this performance challenge?

Options:

A.

Permanently increase the size of each of the two (2) CloudHub workers by at least four times (4x) to one (1) vCore

B.

Use a vertical CloudHub autoscaling policy that triggers on CPU utilization greater than 70%

C.

Permanently increase the number of CloudHub workers by four times (4x) to eight (8) CloudHub workers

D.

Use a horizontal CloudHub autoscaling policy that triggers on CPU utilization greater than 70%

Question 10

Say, there is a legacy CRM system called CRM-Z which is offering below functions:

1. Customer creation

2. Amend details of an existing customer

3. Retrieve details of a customer

4. Suspend a customer

Options:

A.

Implement a system API named customerManagement which has all the functionalities wrapped in it as various operations/resources

B.

Implement different system APIs named createCustomer, amendCustomer, retrieveCustomer and suspendCustomer as they are modular and has seperation of concerns

C.

Implement different system APIs named createCustomerInCRMZ, amendCustomerInCRMZ, retrieveCustomerFromCRMZ and suspendCustomerInCRMZ as they are modular and has seperation of concerns

Question 11

Mule applications that implement a number of REST APIs are deployed to their own subnet that is inaccessible from outside the organization.

External business-partners need to access these APIs, which are only allowed to be invoked from a separate subnet dedicated to partners - called Partner-subnet. This subnet is accessible from the public internet, which allows these external partners to reach it.

Anypoint Platform and Mule runtimes are already deployed in Partner-subnet. These Mule runtimes can already access the APIs.

What is the most resource-efficient solution to comply with these requirements, while having the least impact on other applications that are currently using the APIs?

Options:

A.

Implement (or generate) an API proxy Mule application for each of the APIs, then deploy the API proxies to the Mule runtimes

B.

Redeploy the API implementations to the same servers running the Mule runtimes

C.

Add an additional endpoint to each API for partner-enablement consumption

D.

Duplicate the APIs as Mule applications, then deploy them to the Mule runtimes

Question 12

Select the correct Owner-Layer combinations from below options

Options:

A.

1. App Developers owns and focuses on Experience Layer APIs

2. Central IT owns and focuses on Process Layer APIs

3. LOB IT owns and focuses on System Layer APIs

B.

1. Central IT owns and focuses on Experience Layer APIs

2. LOB IT owns and focuses on Process Layer APIs

3. App Developers owns and focuses on System Layer APIs

C.

1. App Developers owns and focuses on Experience Layer APIs

2. LOB IT owns and focuses on Process Layer APIs

3. Central IT owns and focuses on System Layer APIs

Question 13

Due to a limitation in the backend system, a system API can only handle up to 500 requests per second. What is the best type of API policy to apply to the system API to avoid overloading the backend system?

Options:

A.

Rate limiting

B.

HTTP caching

C.

Rate limiting - SLA based

D.

Spike control

Question 14

What is the most performant out-of-the-box solution in Anypoint Platform to track transaction state in an asynchronously executing long-running process implemented as a Mule application deployed to multiple CloudHub workers?

Options:

A.

Redis distributed cache

B.

java.util.WeakHashMap

C.

Persistent Object Store

D.

File-based storage

Question 15

A company has created a successful enterprise data model (EDM). The company is committed to building an application network by adopting modern APIs as a core enabler of the company's IT operating model. At what API tiers (experience, process, system) should the company require reusing the EDM when designing modern API data models?

Options:

A.

At the experience and process tiers

B.

At the experience and system tiers

C.

At the process and system tiers

D.

At the experience, process, and system tiers

Question 16

Refer to the exhibit.

What is a valid API in the sense of API-led connectivity and application networks?

A)Java RMI over TCP

B)Java RMI over TCP

C)CORBA over HOP

D)XML over UDP

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 17

What CANNOT be effectively enforced using an API policy in Anypoint Platform?

Options:

A.

Guarding against Denial of Service attacks

B.

Maintaining tamper-proof credentials between APIs

C.

Logging HTTP requests and responses

D.

Backend system overloading

Question 18

An organization uses various cloud-based SaaS systems and multiple on-premises systems. The on-premises systems are an important part of the organization's application network and can only be accessed from within the organization's intranet.

What is the best way to configure and use Anypoint Platform to support integrations with both the cloud-based SaaS systems and on-premises systems?

A) Use CloudHub-deployed Mule runtimes in an Anypoint VPC managed by Anypoint Platform Private Cloud Edition control plane

B)Use CloudHub-deployed Mule runtimes in the shared worker cloud managed by the MuleSoft-hosted Anypoint Platform control plane

C)Use an on-premises installation of Mule runtimes that are completely isolated with NO external network access, managed by the Anypoint Platform Private Cloud Edition control plane

D)Use a combination of Cloud Hub-deployed and manually provisioned on-premises Mule runtimes managed by the MuleSoft-hosted Anypoint Platform control plane

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 19

What should be ensured before sharing an API through a public Anypoint Exchange portal?

Options:

A.

The visibility level of the API instances of that API that need to be publicly accessible should be set to public visibility

B.

The users needing access to the API should be added to the appropriate role in Anypoint Platform

C.

The API should be functional with at least an initial implementation deployed and accessible for users to interact with

D.

The API should be secured using one of the supported authentication/authorization mechanisms to ensure that data is not compromised

Question 20

Question 10: Skipped

An API implementation returns three X-RateLimit-* HTTP response headers to a requesting API client. What type of information do these response headers indicate to the API client?

Options:

A.

The error codes that result from throttling

B.

A correlation ID that should be sent in the next request

C.

The HTTP response size

D.

The remaining capacity allowed by the API implementation

Question 21

Refer to the exhibit. An organization is running a Mule standalone runtime and has configured Active Directory as the Anypoint Platform external Identity Provider. The organization does not have budget for other system components.

What policy should be applied to all instances of APIs in the organization to most effecuvelyKestrict access to a specific group of internal users?

Options:

A.

Apply a basic authentication - LDAP policy; the internal Active Directory will be configured as the LDAP source for authenticating users

B.

Apply a client ID enforcement policy; the specific group of users will configure their client applications to use their specific client credentials

C.

Apply an IP whitelist policy; only the specific users' workstations will be in the whitelist

D.

Apply an OAuth 2.0 access token enforcement policy; the internal Active Directory will be configured as the OAuth server

Question 22

Traffic is routed through an API proxy to an API implementation. The API proxy is managed by API Manager and the API implementation is deployed to a CloudHub VPC using Runtime Manager. API policies have been applied to this API. In this deployment scenario, at what point are the API policies enforced on incoming API client requests?

Options:

A.

At the API proxy

B.

At the API implementation

C.

At both the API proxy and the API implementation

D.

At a MuleSoft-hosted load balancer

Question 23

An organization has several APIs that accept JSON data over HTTP POST. The APIs are all publicly available and are associated with several mobile applications and web applications.

The organization does NOT want to use any authentication or compliance policies for these APIs, but at the same time, is worried that some bad actor could send payloads that could somehow compromise the applications or servers running the API implementations.

What out-of-the-box Anypoint Platform policy can address exposure to this threat?

Options:

A.

Shut out bad actors by using HTTPS mutual authentication for all API invocations

B.

Apply an IP blacklist policy to all APIs; the blacklist will Include all bad actors

C.

Apply a Header injection and removal policy that detects the malicious data before it is used

D.

Apply a JSON threat protection policy to all APIs to detect potential threat vectors

Question 24

What is true about automating interactions with Anypoint Platform using tools such as Anypoint Platform REST APIs, Anypoint CU, or the Mule Maven plugin?

Options:

A.

Access to Anypoint Platform APIs and Anypoint CU can be controlled separately through the roles and permissions in Anypoint Platform, so that specific users can get access to Anypoint CLI white others get access to the platform APIs

B.

Anypoint Platform APIs can ONLY automate interactions with CloudHub, while the Mule Maven plugin is required for deployment to customer-hosted Mule runtimes

C.

By default, the Anypoint CLI and Mule Maven plugin are NOT included in the Mule runtime, so are NOT available to be used by deployed Mule applications

D.

API policies can be applied to the Anypoint Platform APIs so that ONLY certain LOBs have access to specific functions

Question 25

An organization wants to make sure only known partners can invoke the organization's APIs. To achieve this security goal, the organization wants to enforce a Client ID Enforcement policyin API Manager so that only registered partner applications can invoke the organization's APIs. In what type of API implementation does MuleSoft recommend adding an API proxy to enforce the Client ID Enforcement policy, rather than embedding the policy directly in the application's JVM?

Options:

A.

A Mule 3 application using APIkit

B.

A Mule 3 or Mule 4 application modified with custom Java code

C.

A Mule 4 application with an API specification

D.

A Non-Mule application

Question 26

A company wants to move its Mule API implementations into production as quickly as possible. To protect access to all Mule application data and metadata, the company requires that all Mule applications be deployed to the company's customer-hosted infrastructure within the corporate firewall. What combination of runtime plane and control plane options meets these project lifecycle goals?

Options:

A.

Manually provisioned customer-hosted runtime plane and customer-hosted control plane

B.

MuleSoft-hosted runtime plane and customer-hosted control plane

C.

Manually provisioned customer-hosted runtime plane and MuleSoft-hosted control plane

D.

iPaaS provisioned customer-hosted runtime plane and MuleSoft-hosted control plane

Question 27

A system API has a guaranteed SLA of 100 ms per request. The system API is deployed to a primary environment as well as to a disaster recovery (DR) environment, with different DNS names in each environment. An upstream process API invokes the system API and the main goal of this process API is to respond to client requests in the least possible time. In what order should the system APIs be invoked, and what changes should be made in order to speed up the response time for requests from the process API?

Options:

A.

In parallel, invoke the system API deployed to the primary environment and the system API deployed to the DR environment, and ONLY use the first response

B.

In parallel, invoke the system API deployed to the primary environment and the system API deployed to the DR environment using a scatter-gather configured with a timeout, and then merge the responses

C.

Invoke the system API deployed to the primary environment, and if it fails, invoke the system API deployed to the DR environment

D.

Invoke ONLY the system API deployed to the primary environment, and add timeout and retry logic to avoid intermittent failures

Question 28

What Mule application deployment scenario requires using Anypoint Platform Private Cloud Edition or Anypoint Platform for Pivotal Cloud Foundry?

Options:

A.

When it Is required to make ALL applications highly available across multiple data centers

B.

When it is required that ALL APIs are private and NOT exposed to the public cloud

C.

When regulatory requirements mandate on-premises processing of EVERY data item, including meta-data

D.

When ALL backend systems in the application network are deployed in the organization's intranet

Page: 1 / 15
Total 152 questions