Download MuleSoft Certified Platform Architect - Level 1.MCPA-Level-1.VCEplus.2024-07-11.32q.tqb

Vendor: Mulesoft
Exam Code: MCPA-Level-1
Exam Name: MuleSoft Certified Platform Architect - Level 1
Date: Jul 11, 2024
File Size: 4 MB
Download Exam

How to open TQB files?

Files with TQB (Taurus Question Bank) extension can be opened by Taurus Exam Studio.

Download
Taurus Exam Studio

Purchase
Coupon: TAURUSSIM_20OFF

Discount: 20%

Taurus Exam Simulator Taurus Exam Simulator Taurus Exam Simulator Taurus Exam Simulator Taurus Exam Simulator

Demo Questions

Question 1
An organization makes a strategic decision to move towards an IT operating model that emphasizes consumption of reusable IT assets using modern APIs (as defined by MuleSoft).
What best describes each modern API in relation to this new IT operating model?
  1. Each modern API has its own software development lifecycle, which reduces the need for documentation and automation
  2. Each modem API must be treated like a product and designed for a particular target audience (for instance, mobile app developers)
  3. Each modern API must be easy to consume, so should avoid complex authentication mechanisms such as SAML or JWT D
  4. Each modern API must be REST and HTTP based
Correct answer: B
Explanation:
Answer:s:1. Each modern API must be treated like a product and designed for a particular target audience (for instance mobile app developers)  Bottom of FormTop of Form
Answer:s:1. Each modern API must be treated like a product and designed for a particular target audience (for instance mobile app developers)
  
Bottom of FormTop of Form
Question 2
When designing an upstream API and its implementation, the development team has been advised to NOT set timeouts when invoking a downstream API, because that downstream API has no SLA that can be relied upon.
This is the only downstream API dependency of that upstream API.
Assume the downstream API runs uninterrupted without crashing. What is the impact of this advice?
  1. An SLA for the upstream API CANNOT be provided
  2. The invocation of the downstream API will run to completion without timing out
  3. A default timeout of 500 ms will automatically be applied by the Mule runtime in which the upstream API implementation executes
  4. A toad-dependent timeout of less than 1000 ms will be applied by the Mule runtime in which the downstream API implementation executes
Correct answer: A
Explanation:
An SLA for the upstream API CANNOT be provided. >> First thing first, the default HTTP response timeout for HTTP connector is 10000 ms (10 seconds). NOT 500 ms.>> Mule runtime does NOT apply any such 'load-dependent' timeouts. There is no such behavior currently in Mule.>> As there is default 10000 ms time out for HTTP connector, we CANNOT always guarantee that the invocation of the downstream API will run to completion without timing out due to its unreliable SLA times. If the response time crosses 10 seconds then the request may time out.The main impact due to this is that a proper SLA for the upstream API CANNOT be provided.
An SLA for the upstream API CANNOT be provided. >> First thing first, the default HTTP response timeout for HTTP connector is 10000 ms (10 seconds). NOT 500 ms.>> Mule runtime does NOT apply any such 'load-dependent' timeouts. There is no such behavior currently in Mule.>> As there is default 10000 ms time out for HTTP connector, we CANNOT always guarantee that the invocation of the downstream API will run to completion without timing out due to its unreliable SLA times. If the response time crosses 10 seconds then the request may time out.The main impact due to this is that a proper SLA for the upstream API CANNOT be provided.
Question 3
What best explains the use of auto-discovery in API implementations?
  1. It makes API Manager aware of API implementations and hence enables it to enforce policies
  2. It enables Anypoint Studio to discover API definitions configured in Anypoint Platform
  3. It enables Anypoint Exchange to discover assets and makes them available for reuse
  4. It enables Anypoint Analytics to gain insight into the usage of APIs
Correct answer: A
Explanation:
It makes API Manager aware of API implementations and henceenables it to enforce policies. >> API Autodiscovery is a mechanism that manages an API from API Manager by pairing the deployed application to an API created on the platform.>> API Management includes tracking, enforcing policies if you apply any, and reporting API analytics.>> Critical to the Autodiscovery process is identifying the API by providing the API name and version.https://docs.mulesoft.com/api-manager/2.x/api-auto-discovery-new-concepthttps://docs.mulesoft.com/api-manager/1.x/api-auto-discoveryhttps://docs.mulesoft.com/api-manager/2.x/api-auto-discovery-new-concept
It makes API Manager aware of API implementations and henceenables it to enforce policies. >> API Autodiscovery is a mechanism that manages an API from API Manager by pairing the deployed application to an API created on the platform.>> API Management includes tracking, enforcing policies if you apply any, and reporting API analytics.>> Critical to the Autodiscovery process is identifying the API by providing the API name and version.
https://docs.mulesoft.com/api-manager/2.x/api-auto-discovery-new-concepthttps://docs.mulesoft.com/api-manager/1.x/api-auto-discoveryhttps://docs.mulesoft.com/api-manager/2.x/api-auto-discovery-new-concept
Question 4
What should be ensured before sharing an API through a public Anypoint Exchange portal?
  1. The visibility level of the API instances of that API that need to be publicly accessible should be set to public visibility
  2. The users needing access to the API should be added to the appropriate role in Anypoint Platform
  3. The API should be functional with at least an initial implementation deployed and accessible for users to interact with
  4. The API should be secured using one of the supported authentication/authorization mechanisms to ensure that data is not compromised
Correct answer: A
Explanation:
   The visibility level of the API instances of that API that need to bepublicly accessible should be set to public visibility. https://docs.mulesoft.com/exchange/to-share-api-asset-to-portal
  
 
The visibility level of the API instances of that API that need to bepublicly accessible should be set to public visibility. https://docs.mulesoft.com/exchange/to-share-api-asset-to-portal
Question 5
An organization has several APIs that accept JSON data over HTTP POST. The APIs are all publicly available and are associated with several mobile applications and web applications.
The organization does NOT want to use any authentication or compliance policies for these APIs, but at the same time, is worried that some bad actor could send payloads that could somehow compromise the applications or servers running the API implementations.
What out-of-the-box Anypoint Platform policy can address exposure to this threat?
  1. Shut out bad actors by using HTTPS mutual authentication for all API invocations
  2. Apply an IP blacklist policy to all APIs; the blacklist will Include all bad actors
  3. Apply a Header injection and removal policy that detects the malicious data before it is used
  4. Apply a JSON threat protection policy to all APIs to detect potential threat vectors
Correct answer: D
Explanation:
Apply a JSON threat protection policy to all APIs to detect potentialthreat vectors >> Usually, if the APIs are designed and developed for specific consumers (known consumers/customers) then we would IP Whitelist the same to ensure that traffic only comes from them.>> However, as this scenario states that the APIs are publicly available and being used by so many mobile and web applications, it is NOT possible to identify and blacklist all possible bad actors.>> So, JSON threat protection policy is the best chance to prevent any bad JSON payloads from such bad actors.
Apply a JSON threat protection policy to all APIs to detect potentialthreat vectors >> Usually, if the APIs are designed and developed for specific consumers (known consumers/customers) then we would IP Whitelist the same to ensure that traffic only comes from them.>> However, as this scenario states that the APIs are publicly available and being used by so many mobile and web applications, it is NOT possible to identify and blacklist all possible bad actors.>> So, JSON threat protection policy is the best chance to prevent any bad JSON payloads from such bad actors.
CONNECT US
HOW TO OPEN VCE FILES

Use VCE Exam Simulator to open VCE files
Avanaset

HOW TO OPEN VCEX FILES

Use ProfExam Simulator to open VCEX files
ProfExam Screen

ProfExam
ProfExam at a 20% markdown

You have the opportunity to purchase ProfExam at a 20% reduced price

Get Now!