Pre-Winter Sale Special 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: ex2p65

Exact2Pass Menu

Question # 4

What best describes the Fully Qualified Domain Names (FQDNs), also known as DNS entries, created when a Mule application is deployed to the CloudHub Shared Worker Cloud?

A.

A fixed number of FQDNs are created, IRRESPECTIVE of the environment and VPC design

B.

The FQDNs are determined by the application name chosen, IRRESPECTIVE of the region

C.

The FQDNs are determined by the application name, but can be modified by an administrator after deployment

D.

The FQDNs are determined by both the application name and the Anypoint Platform organization

Full Access
Question # 5

An organization has created an API-led architecture that uses various API layers to integrate mobile clients with a backend system. The backend system consists of a number of specialized components and can be accessed via a REST API. The process and experience APIs share the same bounded-context model that is different from the backend data model. What additional canonical models, bounded-context models, or anti-corruption layers are best added to this architecture to help process data consumed from the backend system?

A.

Create a bounded-context model for every layer and overlap them when the boundary contexts overlap, letting API developers know about the differences between upstream and downstream data models

B.

Create a canonical model that combines the backend and API-led models to simplify and unify data models, and minimize data transformations.

C.

Create a bounded-context model for the system layer to closely match the backend data model, and add an anti-corruption layer to let the different bounded contexts cooperate across the system and process layers

D.

Create an anti-corruption layer for every API to perform transformation for every data model to match each other, and let data simply travel between APIs to avoid the complexity and overhead of building canonical models

Full Access
Question # 6

Which of the following best fits the definition of API-led connectivity?

A.

API-led connectivity is not just an architecture or technology but also a way to organize people and processes for efficient IT delivery in the organization

B.

API-led connectivity is a 3-layered architecture covering Experience, Process and System layers

C.

API-led connectivity is a technology which enabled us to implement Experience, Process and System layer based APIs

Full Access
Question # 7

Once an API Implementation is ready and the API is registered on API Manager, who should request the access to the API on Anypoint Exchange?

A.

None

B.

Both

C.

API Client

D.

API Consumer

Full Access
Question # 8

What is a key requirement when using an external Identity Provider for Client Management in Anypoint Platform?

A.

Single sign-on is required to sign in to Anypoint Platform

B.

The application network must include System APIs that interact with the Identity Provider

C.

To invoke OAuth 2.0-protected APIs managed by Anypoint Platform, API clients must submit access tokens issued by that same Identity Provider

D.

APIs managed by Anypoint Platform must be protected by SAML 2.0 policies

Full Access
Question # 9

What Mule application can have API policies applied by

Anypoint Platform to the endpoint exposed by that Mule application?

A) A Mule application that accepts requests over HTTP/1.x

B) A Mule application that accepts JSON requests over TCP but is NOT required to provide a response

C) A Mute application that accepts JSON requests over WebSocket

D) A Mule application that accepts gRPC requests over HTTP/2

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Full Access
Question # 10

A REST API is being designed to implement a Mule application.

What standard interface definition language can be used to define REST APIs?

A.

Web Service Definition Language(WSDL)

B.

OpenAPI Specification (OAS)

C.

YAML

D.

AsyncAPI Specification

Full Access
Question # 11

How are an API implementation, API client, and API consumer combined to invoke and process an API?

A.

The API consumer creates an API implementation, which receives API invocations from an API such that they are processed for an API client

B.

The API client creates an API consumer, which receives API invocations from an API such that they are processed for an API implementation

C.

The ApI consumer creates an API client, which sends API invocations to an API such that they are processed by an API implementation

D.

The ApI client creates an API consumer, which sends API invocations to an API such that they are processed by an API implementation

Full Access
Question # 12

A retail company is using an Order API to accept new orders. The Order API uses a JMS queue to submit orders to a backend order management service. The normal load for orders is being handled using two (2) CloudHub workers, each configured with 0.2 vCore. The CPU load of each CloudHub worker normally runs well below 70%. However, several times during the year the Order API gets four times (4x) the average number of orders. This causes the CloudHub worker CPU load to exceed 90% and the order submission time to exceed 30 seconds. The cause, however, is NOT the backend order management service, which still responds fast enough to meet the response SLA for the Order API. What is the MOST resource-efficient way to configure the Mule application's CloudHub deployment to help the company cope with this performance challenge?

A.

Permanently increase the size of each of the two (2) CloudHub workers by at least four times (4x) to one (1) vCore

B.

Use a vertical CloudHub autoscaling policy that triggers on CPU utilization greater than 70%

C.

Permanently increase the number of CloudHub workers by four times (4x) to eight (8) CloudHub workers

D.

Use a horizontal CloudHub autoscaling policy that triggers on CPU utilization greater than 70%

Full Access
Question # 13

A System API is designed to retrieve data from a backend system that has scalability challenges. What API policy can best safeguard the backend system?

A.

IPwhitelist

B.

SLA-based rate limiting

C.

Auth 2 token enforcement

D.

Client ID enforcement

Full Access
Question # 14

Refer to the exhibit.

what is true when using customer-hosted Mule runtimes with the MuleSoft-hosted Anypoint Platform control plane (hybrid deployment)?

A.

Anypoint Runtime Manager initiates a network connection to a Mule runtime in order to deploy Mule applications

B.

The MuleSoft-hosted Shared Load Balancer can be used to load balance API invocations to the Mule runtimes

C.

API implementations can run successfully in customer-hosted Mule runtimes, even when they are unable to communicate with the control plane

D.

Anypoint Runtime Manager automatically ensures HA in the control plane by creating a new Mule runtime instance in case of a node failure

Full Access
Question # 15

An organization has several APIs that accept JSON data over HTTP POST. The APIs are all publicly available and are associated with several mobile applications and web applications.

The organization does NOT want to use any authentication or compliance policies for these APIs, but at the same time, is worried that some bad actor could send payloads that could somehow compromise the applications or servers running the API implementations.

What out-of-the-box Anypoint Platform policy can address exposure to this threat?

A.

Shut out bad actors by using HTTPS mutual authentication for all API invocations

B.

Apply an IP blacklist policy to all APIs; the blacklist will Include all bad actors

C.

Apply a Header injection and removal policy that detects the malicious data before it is used

D.

Apply a JSON threat protection policy to all APIs to detect potential threat vectors

Full Access
Question # 16

How can the application of a rate limiting API policy be accurately reflected in the RAML definition of an API?

A.

By refining the resource definitions by adding a description of the rate limiting policy behavior

B.

By refining the request definitions by adding a remaining Requests query parameter with description, type, and example

C.

By refining the response definitions by adding the out-of-the-box Anypoint Platform rate-limit-enforcement securityScheme with description, type, and example

D.

By refining the response definitions by adding the x-ratelimit-* response headers with description, type, and example

Full Access
Question # 17

What are 4 important Platform Capabilities offered by Anypoint Platform?

A.

API Versioning, API Runtime Execution and Hosting, API Invocation, API Consumer Engagement

B.

API Design and Development, API Runtime Execution and Hosting, API Versioning, API Deprecation

C.

API Design and Development, API Runtime Execution and Hosting, API Operations and Management, API Consumer Engagement

D.

API Design and Development, API Deprecation, API Versioning, API Consumer Engagement

Full Access
Question # 18

What Anypoint Platform Capabilities listed below fall under APIs and API Invocations/Consumers category? Select TWO.

A.

API Operations and Management

B.

API Runtime Execution and Hosting

C.

API Consumer Engagement

D.

API Design and Development

Full Access
Question # 19

A set of tests must be performed prior to deploying API implementations to a staging environment. Due to data security and access restrictions, untested APIs cannot be granted access to the backend systems, so instead mocked data must be used for these tests. The amount of available mocked data and its contents is sufficient to entirely test the API implementations with no active connections to the backend systems. What type of tests should be used to incorporate this mocked data?

A.

Integration tests

B.

Performance tests

C.

Functional tests (Blackbox)

D.

Unit tests (Whitebox)

Full Access
Question # 20

A company has started to create an application network and is now planning to implement a Center for Enablement (C4E) organizational model. What key factor would lead the company to decide upon a federated rather than a centralized C4E?

A.

When there are a large number of existing common assets shared by development teams

B.

When various teams responsible for creating APIs are new to integration and hence need extensive training

C.

When development is already organized into several independent initiatives or groups

D.

When the majority of the applications in the application network are cloud based

Full Access
Question # 21

Question 10: Skipped

An API implementation returns three X-RateLimit-* HTTP response headers to a requesting API client. What type of information do these response headers indicate to the API client?

A.

The error codes that result from throttling

B.

A correlation ID that should be sent in the next request

C.

The HTTP response size

D.

The remaining capacity allowed by the API implementation

Full Access
Question # 22

What is a best practice when building System APIs?

A.

Document the API using an easily consumable asset like a RAML definition

B.

Model all API resources and methods to closely mimic the operations of the backend system

C.

Build an Enterprise Data Model (Canonical Data Model) for each backend system and apply it to System APIs

D.

Expose to API clients all technical details of the API implementation's interaction wifch the backend system

Full Access
Question # 23

Refer to the exhibit.

What is a valid API in the sense of API-led connectivity and application networks?

A) Java RMI over TCP

B) Java RMI over TCP

C) CORBA over HOP

D) XML over UDP

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Full Access
Question # 24

Select the correct Owner-Layer combinations from below options

A.

1. App Developers owns and focuses on Experience Layer APIs

2. Central IT owns and focuses on Process Layer APIs

3. LOB IT owns and focuses on System Layer APIs

B.

1. Central IT owns and focuses on Experience Layer APIs

2. LOB IT owns and focuses on Process Layer APIs

3. App Developers owns and focuses on System Layer APIs

C.

1. App Developers owns and focuses on Experience Layer APIs

2. LOB IT owns and focuses on Process Layer APIs

3. Central IT owns and focuses on System Layer APIs

Full Access
Question # 25

A company wants to move its Mule API implementations into production as quickly as possible. To protect access to all Mule application data and metadata, the company requires that all Mule applications be deployed to the company's customer-hosted infrastructure within the corporate firewall. What combination of runtime plane and control plane options meets these project lifecycle goals?

A.

Manually provisioned customer-hosted runtime plane and customer-hosted control plane

B.

MuleSoft-hosted runtime plane and customer-hosted control plane

C.

Manually provisioned customer-hosted runtime plane and MuleSoft-hosted control plane

D.

iPaaS provisioned customer-hosted runtime plane and MuleSoft-hosted control plane

Full Access
Question # 26

A company uses a hybrid Anypoint Platform deployment model that combines the EU control plane with customer-hosted Mule runtimes. After successfully testing a Mule API implementation in the Staging environment, the Mule API implementation is set with environment-specific properties and must be promoted to the Production environment. What is a way that MuleSoft recommends to configure the Mule API implementation and automate its promotion to the Production environment?

A.

Bundle properties files for each environment into the Mule API implementation's deployable archive, then promote the Mule API implementation to the Production environment using Anypoint CLI or the Anypoint Platform REST APIsB.

B.

Modify the Mule API implementation's properties in the API Manager Properties tab, then promote the Mule API implementation to the Production environment using API Manager

C.

Modify the Mule API implementation's properties in Anypoint Exchange, then promote the Mule API implementation to the Production environment using Runtime Manager

D.

Use an API policy to change properties in the Mule API implementation deployed to the Staging environment and another API policy to deploy the Mule API implementation to the Production environment

Full Access
Question # 27

Refer to the exhibit. An organization is running a Mule standalone runtime and has configured Active Directory as the Anypoint Platform external Identity Provider. The organization does not have budget for other system components.

What policy should be applied to all instances of APIs in the organization to most effecuvelyKestrict access to a specific group of internal users?

A.

Apply a basic authentication - LDAP policy; the internal Active Directory will be configured as the LDAP source for authenticating users

B.

Apply a client ID enforcement policy; the specific group of users will configure their client applications to use their specific client credentials

C.

Apply an IP whitelist policy; only the specific users' workstations will be in the whitelist

D.

Apply an OAuth 2.0 access token enforcement policy; the internal Active Directory will be configured as the OAuth server

Full Access
Question # 28

Which layer in the API-led connectivity focuses on unlocking key systems, legacy systems, data sources etc and exposes the functionality?

A.

Experience Layer

B.

Process Layer

C.

System Layer

Full Access