New Year Sale - Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70dumps

MuleSoft-Platform-Architect-I Questions and Answers

Question # 6

An Anypoint Platform organization has been configured with an external identity provider (IdP) for identity management and client management. What credentials or token must be provided to Anypoint CLI to execute commands against the Anypoint Platform APIs?

A.

The credentials provided by the IdP for identity management

B.

The credentials provided by the IdP for client management

C.

An OAuth 2.0 token generated using the credentials provided by the IdP for client management

D.

An OAuth 2.0 token generated using the credentials provided by the IdP for identity management

Full Access
Question # 7

What API policy would be LEAST LIKELY used when designing an Experience API that is intended to work with a consumer mobile phone or tablet application?

A.

OAuth 2.0 access token enforcement

B.

Client ID enforcement

C.

JSON threat protection

D.

IPwhitellst

Full Access
Question # 8

What is a key requirement when using an external Identity Provider for Client Management in Anypoint Platform?

A.

Single sign-on is required to sign in to Anypoint Platform

B.

The application network must include System APIs that interact with the Identity Provider

C.

To invoke OAuth 2.0-protected APIs managed by Anypoint Platform, API clients must submit access tokens issued by that same Identity Provider

D.

APIs managed by Anypoint Platform must be protected by SAML 2.0 policies

Full Access
Question # 9

An API implementation is updated. When must the RAML definition of the API also be updated?

A.

When the API implementation changes the structure of the request or response messages

B.

When the API implementation changes from interacting with a legacy backend system deployed on-premises to a modern, cloud-based (SaaS) system

C.

When the API implementation is migrated from an older to a newer version of the Mule runtime

D.

When the API implementation is optimized to improve its average response time

Full Access
Question # 10

A company has started to create an application network and is now planning to implement a Center for Enablement (C4E) organizational model. What key factor would lead the company to decide upon a federated rather than a centralized C4E?

A.

When there are a large number of existing common assets shared by development teams

B.

When various teams responsible for creating APIs are new to integration and hence need extensive training

C.

When development is already organized into several independent initiatives or groups

D.

When the majority of the applications in the application network are cloud based

Full Access
Question # 11

Traffic is routed through an API proxy to an API implementation. The API proxy is managed by API Manager and the API implementation is deployed to a CloudHub VPC using Runtime Manager. API policies have been applied to this API. In this deployment scenario, at what point are the API policies enforced on incoming API client requests?

A.

At the API proxy

B.

At the API implementation

C.

At both the API proxy and the API implementation

D.

At a MuleSoft-hosted load balancer

Full Access
Question # 12

Select the correct Owner-Layer combinations from below options

A.

1. App Developers owns and focuses on Experience Layer APIs

2. Central IT owns and focuses on Process Layer APIs

3. LOB IT owns and focuses on System Layer APIs

B.

1. Central IT owns and focuses on Experience Layer APIs

2. LOB IT owns and focuses on Process Layer APIs

3. App Developers owns and focuses on System Layer APIs

C.

1. App Developers owns and focuses on Experience Layer APIs

2. LOB IT owns and focuses on Process Layer APIs

3. Central IT owns and focuses on System Layer APIs

Full Access
Question # 13

A company uses a hybrid Anypoint Platform deployment model that combines the EU control plane with customer-hosted Mule runtimes. After successfully testing a Mule API implementation in the Staging environment, the Mule API implementation is set with environment-specific properties and must be promoted to the Production environment. What is a way that MuleSoft recommends to configure the Mule API implementation and automate its promotion to the Production environment?

A.

Bundle properties files for each environment into the Mule API implementation's deployable archive, then promote the Mule API implementation to the Production environment using Anypoint CLI or the Anypoint Platform REST APIsB.

B.

Modify the Mule API implementation's properties in the API Manager Properties tab, then promote the Mule API implementation to the Production environment using API Manager

C.

Modify the Mule API implementation's properties in Anypoint Exchange, then promote the Mule API implementation to the Production environment using Runtime Manager

D.

Use an API policy to change properties in the Mule API implementation deployed to the Staging environment and another API policy to deploy the Mule API implementation to the Production environment

Full Access
Question # 14

An API implementation is deployed on a single worker on CloudHub and invoked by external API clients (outside of CloudHub). How can an alert be set up that is guaranteed to trigger AS SOON AS that API implementation stops responding to API invocations?

A.

Implement a heartbeat/health check within the API and invoke it from outside the Anypoint Platform and alert when the heartbeat does not respond

B.

Configure a "worker not responding" alert in Anypoint Runtime Manager

C.

Handle API invocation exceptions within the calling API client and raise an alert from that API client when the API Is unavailable

D.

Create an alert for when the API receives no requests within a specified time period

Full Access
Question # 15

An organization has several APIs that accept JSON data over HTTP POST. The APIs are all publicly available and are associated with several mobile applications and web applications.

The organization does NOT want to use any authentication or compliance policies for these APIs, but at the same time, is worried that some bad actor could send payloads that could somehow compromise the applications or servers running the API implementations.

What out-of-the-box Anypoint Platform policy can address exposure to this threat?

A.

Shut out bad actors by using HTTPS mutual authentication for all API invocations

B.

Apply an IP blacklist policy to all APIs; the blacklist will Include all bad actors

C.

Apply a Header injection and removal policy that detects the malicious data before it is used

D.

Apply a JSON threat protection policy to all APIs to detect potential threat vectors

Full Access
Question # 16

What is a best practice when building System APIs?

A.

Document the API using an easily consumable asset like a RAML definition

B.

Model all API resources and methods to closely mimic the operations of the backend system

C.

Build an Enterprise Data Model (Canonical Data Model) for each backend system and apply it to System APIs

D.

Expose to API clients all technical details of the API implementation's interaction wifch the backend system

Full Access
Question # 17

What best explains the use of auto-discovery in API implementations?

A.

It makes API Manager aware of API implementations and hence enables it to enforce policies

B.

It enables Anypoint Studio to discover API definitions configured in Anypoint Platform

C.

It enables Anypoint Exchange to discover assets and makes them available for reuse

D.

It enables Anypoint Analytics to gain insight into the usage of APIs

Full Access
Question # 18

What correctly characterizes unit tests of Mule applications?

A.

They test the validity of input and output of source and target systems

B.

They must be run in a unit testing environment with dedicated Mule runtimes for the environment

C.

They must be triggered by an external client tool or event source

D.

They are typically written using MUnit to run in an embedded Mule runtime that does not require external connectivity

Full Access
Question # 19

An API client calls one method from an existing API implementation. The API implementation is later updated. What change to the API implementation would require the API client's invocation logic to also be updated?

A.

When the data type of the response is changed for the method called by the API client

B.

When a new method is added to the resource used by the API client

C.

When a new required field is added to the method called by the API client

D.

When a child method is added to the method called by the API client

Full Access
Question # 20

An API has been updated in Anypoint Exchange by its API producer from version 3.1.1 to 3.2.0 following accepted semantic versioning practices and the changes have been communicated via the API's public portal.

The API endpoint does NOT change in the new version.

How should the developer of an API client respond to this change?

A.

The update should be identified as a project risk and full regression testing of the functionality that uses this API should be run

B.

The API producer should be contacted to understand the change to existing functionality

C.

The API producer should be requested to run the old version in parallel with the new one

D.

The API client code ONLY needs to be changed if it needs to take advantage of new features

Full Access
Question # 21

What best describes the Fully Qualified Domain Names (FQDNs), also known as DNS entries, created when a Mule application is deployed to the CloudHub Shared Worker Cloud?

A.

A fixed number of FQDNs are created, IRRESPECTIVE of the environment and VPC design

B.

The FQDNs are determined by the application name chosen, IRRESPECTIVE of the region

C.

The FQDNs are determined by the application name, but can be modified by an administrator after deployment

D.

The FQDNs are determined by both the application name and the Anypoint Platform organization

Full Access
Question # 22

A Mule application exposes an HTTPS endpoint and is deployed to three CloudHub workers that do not use static IP addresses. The Mule application expects a high volume of client requests in short time periods. What is the most cost-effective infrastructure component that should be used to serve the high volume of client requests?

A.

A customer-hosted load balancer

B.

The CloudHub shared load balancer

C.

An API proxy

D.

Runtime Manager autoscaling

Full Access
Question # 23

Question 10: Skipped

An API implementation returns three X-RateLimit-* HTTP response headers to a requesting API client. What type of information do these response headers indicate to the API client?

A.

The error codes that result from throttling

B.

A correlation ID that should be sent in the next request

C.

The HTTP response size

D.

The remaining capacity allowed by the API implementation

Full Access
Question # 24

The application network is recomposable: it is built for change because it "bends but does not break"

A.

TRUE

B.

FALSE

Full Access
Question # 25

What is the main change to the IT operating model that MuleSoft recommends to organizations to improve innovation and clock speed?

A.

Drive consumption as much as production of assets; this enables developers to discover and reuse assets from other projects and encourages standardization

B.

Expose assets using a Master Data Management (MDM) system; this standardizes projects and enables developers to quickly discover and reuse assets from other projects

C.

Implement SOA for reusable APIs to focus on production over consumption; this standardizes on XML and WSDL formats to speed up decision making

D.

Create a lean and agile organization that makes many small decisions everyday; this speeds up decision making and enables each line of business to take ownership of its projects

Full Access
Question # 26

An organization has created an API-led architecture that uses various API layers to integrate mobile clients with a backend system. The backend system consists of a number of specialized components and can be accessed via a REST API. The process and experience APIs share the same bounded-context model that is different from the backend data model. What additional canonical models, bounded-context models, or anti-corruption layers are best added to this architecture to help process data consumed from the backend system?

A.

Create a bounded-context model for every layer and overlap them when the boundary contexts overlap, letting API developers know about the differences between upstream and downstream data models

B.

Create a canonical model that combines the backend and API-led models to simplify and unify data models, and minimize data transformations.

C.

Create a bounded-context model for the system layer to closely match the backend data model, and add an anti-corruption layer to let the different bounded contexts cooperate across the system and process layers

D.

Create an anti-corruption layer for every API to perform transformation for every data model to match each other, and let data simply travel between APIs to avoid the complexity and overhead of building canonical models

Full Access
Question # 27

What is true about the technology architecture of Anypoint VPCs?

A.

The private IP address range of an Anypoint VPC is automatically chosen by CloudHub

B.

Traffic between Mule applications deployed to an Anypoint VPC and on-premises systems can stay within a private network

C.

Each CloudHub environment requires a separate Anypoint VPC

D.

VPC peering can be used to link the underlying AWS VPC to an on-premises (non AWS) private network

Full Access
Question # 28

Refer to the exhibit. An organization is running a Mule standalone runtime and has configured Active Directory as the Anypoint Platform external Identity Provider. The organization does not have budget for other system components.

What policy should be applied to all instances of APIs in the organization to most effecuvelyKestrict access to a specific group of internal users?

A.

Apply a basic authentication - LDAP policy; the internal Active Directory will be configured as the LDAP source for authenticating users

B.

Apply a client ID enforcement policy; the specific group of users will configure their client applications to use their specific client credentials

C.

Apply an IP whitelist policy; only the specific users' workstations will be in the whitelist

D.

Apply an OAuth 2.0 access token enforcement policy; the internal Active Directory will be configured as the OAuth server

Full Access