Winter Special - Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: top65certs

Free and Premium Salesforce MuleSoft-Platform-Architect-I Dumps Questions Answers

Salesforce Certified MuleSoft Platform Architect 1 Exam (WI25) Questions and Answers

Question 1

What CANNOT be effectively enforced using an API policy in Anypoint Platform?

Options:

A.

Guarding against Denial of Service attacks

B.

Maintaining tamper-proof credentials between APIs

C.

Logging HTTP requests and responses

D.

Backend system overloading

Buy Now
Question 2

What are 4 important Platform Capabilities offered by Anypoint Platform?

Options:

A.

API Versioning, API Runtime Execution and Hosting, API Invocation, API Consumer Engagement

B.

API Design and Development, API Runtime Execution and Hosting, API Versioning, API Deprecation

C.

API Design and Development, API Runtime Execution and Hosting, API Operations and Management, API Consumer Engagement

D.

API Design and Development, API Deprecation, API Versioning, API Consumer Engagement

Question 3

When must an API implementation be deployed to an Anypoint VPC?

Options:

A.

When the API Implementation must invoke publicly exposed services that are deployed outside of CloudHub in a customer- managed AWS instance

B.

When the API implementation must be accessible within a subnet of a restricted customer-hosted network that does not allow public access

C.

When the API implementation must be deployed to a production AWS VPC using the Mule Maven plugin

D.

When the API Implementation must write to a persistent Object Store

Question 4

When should idempotency be taken into account?

Options:

A.

When making requests to update currently locked entities

B.

When storing the results of s previous request for use in response to subsequent requests

C.

When sending concurrent update requests for the same entity

D.

When preventing duplicate processing from multiple sent requests

Question 5

Which scenario is suited for MUnit tests instead of integration tests?

Options:

A.

For read-only interactions to any dependencies (such as other web APIs)

B.

When testing does not require knowledge of implementation details

C.

When no mocking is permissible

D.

For tests that are implemented using SoapUI

Question 6

An Anypoint Platform organization has been configured with an external identity provider (IdP) for identity management and client management. What credentials or token must be provided to Anypoint CLI to execute commands against the Anypoint Platform APIs?

Options:

A.

The credentials provided by the IdP for identity management

B.

The credentials provided by the IdP for client management

C.

An OAuth 2.0 token generated using the credentials provided by the IdP for client management

D.

An OAuth 2.0 token generated using the credentials provided by the IdP for identity management

Question 7

To minimize operation costs, a customer wants to use a CloudHub 1.0 solution. The customer's requirements are:

* Separate resources with two Business groups

* High-availability (HA) for all APIs

* Route traffic via Dedicated load balancer (DLBs)

* Separate environments into production and non-production

Which solution meets the customer's needs?

Options:

A.

One production and one non-production Virtual Private Cloud (VPC).

Use availability zones to differentiate between Business groups.

Allocate maximum CIDR per VPCs to ensure HA across availability zones

B.

One production and one non-production Virtual Private Cloud (VPC) per Business group.

Minimize CIDR aligning with projected application total.

Choose a MuleSoft CloudHub 1.0 region with multiple availability zones.

Deploy multiple workers for HA,

C.

One production and one non-production Virtual Private Cloud (VPC) per Business group.

Minimize CIDR aligning with projected application total.

Divide availability zones during deployment of APIs for HA.

D.

One production and one non-production Virtual Private Claud (VPC).

Configure subnet to differentiate between business groups.

Allocate maximum CIDR per VPCs to make it easier to add Child groups.

Span VPC to cover three availability zones.

Question 8

What Mule application can have API policies applied by

Anypoint Platform to the endpoint exposed by that Mule application?

A) A Mule application that accepts requests over HTTP/1.x

B) A Mule application that accepts JSON requests over TCP but is NOT required to provide a response

C) A Mute application that accepts JSON requests over WebSocket

D) A Mule application that accepts gRPC requests over HTTP/2

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 9

What should be ensured before sharing an API through a public Anypoint Exchange portal?

Options:

A.

The visibility level of the API instances of that API that need to be publicly accessible should be set to public visibility

B.

The users needing access to the API should be added to the appropriate role in Anypoint Platform

C.

The API should be functional with at least an initial implementation deployed and accessible for users to interact with

D.

The API should be secured using one of the supported authentication/authorization mechanisms to ensure that data is not compromised

Question 10

When designing an upstream API and its implementation, the development team has been advised to NOT set timeouts when invoking a downstream API, because that downstream API has no SLA that can be relied upon. This is the only downstream API dependency of that upstream API.

Assume the downstream API runs uninterrupted without crashing. What is the impact of this advice?

Options:

A.

An SLA for the upstream API CANNOT be provided

B.

The invocation of the downstream API will run to completion without timing out

C.

A default timeout of 500 ms will automatically be applied by the Mule runtime in which the upstream API implementation executes

D.

A toad-dependent timeout of less than 1000 ms will be applied by the Mule runtime in which the downstream API implementation executes

Question 11

4A developer for a transportation organization is implementing exactly one processing functionality in a Reservation Mule application to process and store passenger

records. This Reservation application will be deployed to multiple CloudHub workers/replicas. It is possible that several external systems could send duplicate passenger records

to the Reservation application.

An appropriate storage mechanism must be selected to help the Reservation application process each passenger record exactly once as much as possible. The selected storage

mechanism must be shared by all the CloudHub workers/replicas in order to synchronize the state information to assist attempting exactly once processing of each passenger

record by the deployed Reservation Mule application.

Which type of simple storage mechanism in Anypoint Platform allows the Reservation Mule application to update and share data between the CloudHub workers/replicas exactly

once, with minimal development effort?

Options:

A.

Persistent Object Store

B.

Runtime Fabric Object Store

C.

Non-persistent Object Store

D.

In-memory Mule Object Store

Question 12

What is true about API implementations when dealing with legal regulations that require all data processing to be performed within a certain jurisdiction (such as in the USA or the EU)?

Options:

A.

They must avoid using the Object Store as it depends on services deployed ONLY to the US East region

B.

They must use a Jurisdiction-local external messaging system such as Active MQ rather than Anypoint MQ

C.

They must te deployed to Anypoint Platform runtime planes that are managed by Anypoint Platform control planes, with both planes in the same Jurisdiction

D.

They must ensure ALL data is encrypted both in transit and at rest

Question 13

A company is using an on-prem cluster in the data center as a runtime plane and MuleSoft-hosted control plane.

How can the company monitor the detailed performance metrics on the Mule applications deployed to the cluster from the control plane?

Options:

A.

The settings of the Monitoring section in the control plane must be updated to enable detailed logging on the metrics to be captured

B.

Monitoring Agent must be installed on each node in the cluster

C.

Due to the potential performance impact on the runtime nodes, the Monitoring agent should be installed on a separate server

D.

There is no action needed as the on-prem runtime automatically sends the performance data to the control plane

Question 14

Select the correct Owner-Layer combinations from below options

Options:

A.

1. App Developers owns and focuses on Experience Layer APIs

2. Central IT owns and focuses on Process Layer APIs

3. LOB IT owns and focuses on System Layer APIs

B.

1. Central IT owns and focuses on Experience Layer APIs

2. LOB IT owns and focuses on Process Layer APIs

3. App Developers owns and focuses on System Layer APIs

C.

1. App Developers owns and focuses on Experience Layer APIs

2. LOB IT owns and focuses on Process Layer APIs

3. Central IT owns and focuses on System Layer APIs

Question 15

What are the major benefits of MuleSoft proposed IT Operating Model?

Options:

A.

1. Decrease the IT delivery gap

2. Meet various business demands without increasing the IT capacity

3. Focus on creation of reusable assets first. Upon finishing creation of all the possible assets then inform the LOBs in the organization to start using them

B.

1. Decrease the IT delivery gap

2. Meet various business demands by increasing the IT capacity and forming various IT departments

3. Make consumption of assets at the rate of production

C.

1. Decrease the IT delivery gap

2. Meet various business demands without increasing the IT capacity

3. Make consumption of assets at the rate of production

Question 16

The application network is recomposable: it is built for change because it "bends but does not break"

Options:

A.

TRUE

B.

FALSE

Question 17

An Order API must be designed that contains significant amounts of integration logic and involves the invocation of the Product API.

The power relationship between Order API and Product API is one of "Customer/Supplier", because the Product API is used heavily throughout the organization and is developed by a dedicated development team located in the office of the CTO.

What strategy should be used to deal with the API data model of the Product API within the Order API?

Options:

A.

Convince the development team of the Product API to adopt the API data model of the Order API such that the integration logic of the Order API can work with one consistent internal data model

B.

Work with the API data types of the Product API directly when implementing the integration logic of the Order API such that the Order API uses the same (unchanged) data types as the Product API

C.

Implement an anti-corruption layer in the Order API that transforms the Product API data model into internal data types of the Order API

D.

Start an organization-wide data modeling initiative that will result in an Enterprise Data Model that will then be used in both the Product API and the Order API

Question 18

What is a key requirement when using an external Identity Provider for Client Management in Anypoint Platform?

Options:

A.

Single sign-on is required to sign in to Anypoint Platform

B.

The application network must include System APIs that interact with the Identity Provider

C.

To invoke OAuth 2.0-protected APIs managed by Anypoint Platform, API clients must submit access tokens issued by that same Identity Provider

D.

APIs managed by Anypoint Platform must be protected by SAML 2.0 policies

Question 19

Which layer in the API-led connectivity focuses on unlocking key systems, legacy systems, data sources etc and exposes the functionality?

Options:

A.

Experience Layer

B.

Process Layer

C.

System Layer

Question 20

An organization has implemented a Customer Address API to retrieve customer address information. This API has been deployed to multiple environments and has been configured to enforce client IDs everywhere.

A developer is writing a client application to allow a user to update their address. The developer has found the Customer Address API in Anypoint Exchange and wants to use it in their client application.

What step of gaining access to the API can be performed automatically by Anypoint Platform?

Options:

A.

Approve the client application request for the chosen SLA tier

B.

Request access to the appropriate API Instances deployed to multiple environments using the client application's credentials

C.

Modify the client application to call the API using the client application's credentials

D.

Create a new application in Anypoint Exchange for requesting access to the API

Question 21

A company requires Mule applications deployed to CloudHub to be isolated between non-production and production environments. This is so Mule applications deployed to non-production environments can only access backend systems running in their customer-hosted non-production environment, and so Mule applications deployed to production environments can only access backend systems running in their customer-hosted production environment. How does MuleSoft recommend modifying Mule applications, configuring environments, or changing infrastructure to support this type of per-environment isolation between Mule applications and backend systems?

Options:

A.

Modify properties of Mule applications deployed to the production Anypoint Platform environments to prevent access from non-production Mule applications

B.

Configure firewall rules in the infrastructure inside each customer-hosted environment so that only IP addresses from the corresponding Anypoint Platform environments are allowed to communicate with corresponding backend systems

C.

Create non-production and production environments in different Anypoint Platform business groups

D.

Create separate Anypoint VPCs for non-production and production environments, then configure connections to the backend systems in the corresponding customer-hosted environments

Question 22

When using CloudHub with the Shared Load Balancer, what is managed EXCLUSIVELY by the API implementation (the Mule application) and NOT by Anypoint Platform?

Options:

A.

The assignment of each HTTP request to a particular CloudHub worker

B.

The logging configuration that enables log entries to be visible in Runtime Manager

C.

The SSL certificates used by the API implementation to expose HTTPS endpoints

D.

The number of DNS entries allocated to the API implementation

Question 23

An organization has created an API-led architecture that uses various API layers to integrate mobile clients with a backend system. The backend system consists of a number of specialized components and can be accessed via a REST API. The process and experience APIs share the same bounded-context model that is different from the backend data model. What additional canonical models, bounded-context models, or anti-corruption layers are best added to this architecture to help process data consumed from the backend system?

Options:

A.

Create a bounded-context model for every layer and overlap them when the boundary contexts overlap, letting API developers know about the differences between upstream and downstream data models

B.

Create a canonical model that combines the backend and API-led models to simplify and unify data models, and minimize data transformations.

C.

Create a bounded-context model for the system layer to closely match the backend data model, and add an anti-corruption layer to let the different bounded contexts cooperate across the system and process layers

D.

Create an anti-corruption layer for every API to perform transformation for every data model to match each other, and let data simply travel between APIs to avoid the complexity and overhead of building canonical models

Question 24

What is a key performance indicator (KPI) that measures the success of a typical C4E that is immediately apparent in responses from the Anypoint Platform APIs?

Options:

A.

The number of production outage incidents reported in the last 24 hours

B.

The number of API implementations that have a publicly accessible HTTP endpoint and are being managed by Anypoint Platform

C.

The fraction of API implementations deployed manually relative to those deployed using a CI/CD tool

D.

The number of API specifications in RAML or OAS format published to Anypoint Exchange

Question 25

What do the API invocation metrics provided by Anypoint Platform provide?

Options:

A.

ROI metrics from APIs that can be directly shared with business users

B.

Measurements of the effectiveness of the application network based on the level of reuse

C.

Data on past API invocations to help identify anomalies and usage patterns across various APIs

D.

Proactive identification of likely future policy violations that exceed a given threat threshold

Question 26

A European company has customers all across Europe, and the IT department is migrating from an older platform to MuleSoft. The main requirements are that the

new platform should allow redeployments with zero downtime and deployment of applications to multiple runtime versions, provide security and speed, and utilize Anypoint MQ

as the message service.

Which runtime plane should the company select based on the requirements without additional network configuration?

Options:

A.

Runtime Fabric on VMs / Bare Metal for the runtime plane

B.

Customer-hosted runtime plane

C.

MuleSoft-hosted runtime plane (CloudHub)

D.

Anypoint Runtime Fabric on Self-Managed Kubernetes for the runtime plane

Question 27

When can CloudHub Object Store v2 be used?

Options:

A.

To store an unlimited number of key-value pairs

B.

To store payloads with an average size greater than 15MB

C.

To store information in Mule 4 Object Store v1

D.

To store key-value pairs with keys up to 300 characters

Question 28

The responses to some HTTP requests can be cached depending on the HTTP verb used in the request. According to the HTTP specification, for what HTTP verbs is this safe to do?

Options:

A.

PUT, POST, DELETE

B.

GET, HEAD, POST

C.

GET, PUT, OPTIONS

D.

GET, OPTIONS, HEAD

Question 29

A company deployed an API to a single worker/replica in the shared cloud in the U.S. West Region.

What happens when the Availability Zone experiences an outage?

Options:

A.

CloudHub will auto-redeploy the APL in the U.S. East Region

B.

The APT will be unavailable until the availability comes back online, at which time the worker/replica will be auto-restarted

C.

CloudHub will auto-redeploy the API in another Availability Zone in the U.S. West Region

D.

The Anypoint Platform admin is alerted when the AP] is experiencing an outage and needs the trigger the CI/CD pipeline to redeploy to the US. East Region

Question 30

A Mule 4 API has been deployed to CloudHub and a Basic Authentication - Simple policy has been applied to all API methods and resources. However, the API is still accessible

by clients without using authentication.

How is this possible?

Options:

A.

The APE Router component is pointing to the incorrect Exchange version of the APT

B.

The Autodiscovery element is not present, in the deployed Mule application

C.

No… for client applications have been created of this API

D.

One of the application’s CloudHub workers restarted

Question 31

What is true about automating interactions with Anypoint Platform using tools such as Anypoint Platform REST APIs, Anypoint CU, or the Mule Maven plugin?

Options:

A.

Access to Anypoint Platform APIs and Anypoint CU can be controlled separately through the roles and permissions in Anypoint Platform, so that specific users can get access to Anypoint CLI white others get access to the platform APIs

B.

Anypoint Platform APIs can ONLY automate interactions with CloudHub, while the Mule Maven plugin is required for deployment to customer-hosted Mule runtimes

C.

By default, the Anypoint CLI and Mule Maven plugin are NOT included in the Mule runtime, so are NOT available to be used by deployed Mule applications

D.

API policies can be applied to the Anypoint Platform APIs so that ONLY certain LOBs have access to specific functions

Question 32

An organization makes a strategic decision to move towards an IT operating model that emphasizes consumption of reusable IT assets using modern APIs (as defined by MuleSoft).

What best describes each modern API in relation to this new IT operating model?

Options:

A.

Each modern API has its own software development lifecycle, which reduces the need for documentation and automation

B.

Each modem API must be treated like a product and designed for a particular target audience (for instance, mobile app developers)

C.

Each modern API must be easy to consume, so should avoid complex authentication mechanisms such as SAML or JWT D

D.

Each modern API must be REST and HTTP based

Question 33

An API is protected with a Client ID Enforcement policy and uses the default configuration. Access is requested for the client application to the API, and an approved

contract now exists between the client application and the API

How can a consumer of this API avoid a 401 error "Unauthorized or invalid client application credentials"?

Options:

A.

Send the obtained token as a header in every call

B.

Send the obtained: client_id and client_secret in the request body

C.

Send the obtained clent_id and clent_secret as URI parameters in every call

D.

Send the obtained clent_id and client_secret in the header of every API Request call

Question 34

A circuit breaker strategy is planned in order to meet the goal of improved response time and demand on a downstream API.

* Circuit Open: More than 10 errors per minute for three minutes

* Circuit Half-Open: One error per minute

* Circuit Closed: Less than one error per minute for five minutes

Out of several proposals from the engineering team, which option will meet this goal?

Options:

A.

Create a custom policy that implements the circuit breaker and includes policy template expressions for the required settings

B.

Create Anypoint Monitoring alerts for Circuit Open/Closed configurations, and then implement a retry strategy for Circuit Half-Open configuration

C.

Add the Circuit Breaker policy to the API instance, and configure the required settings

D.

Implement the strategy in a Mule application, and provide the settings in the YAML configuration

Question 35

Which out-of-the-box key performance indicator measures the success of a typical Center for Enablement and is immediately available in responses from Anypoint Platform APIs?

Options:

A.

Per business group, the ratio of the number of production APT implementations deployed using a C1/CD pipeline to the number of production API implementations deployed manually

B.

Per deployed API implementation, the amount of bandwidth consumed each day

C.

Per published API, the number of developers that downloaded s version of the API specification

D.

Per published API, the number of consumers that requested access to the API and have been approved in the Production environment

Question 36

An organization has several APIs that accept JSON data over HTTP POST. The APIs are all publicly available and are associated with several mobile applications and web applications.

The organization does NOT want to use any authentication or compliance policies for these APIs, but at the same time, is worried that some bad actor could send payloads that could somehow compromise the applications or servers running the API implementations.

What out-of-the-box Anypoint Platform policy can address exposure to this threat?

Options:

A.

Shut out bad actors by using HTTPS mutual authentication for all API invocations

B.

Apply an IP blacklist policy to all APIs; the blacklist will Include all bad actors

C.

Apply a Header injection and removal policy that detects the malicious data before it is used

D.

Apply a JSON threat protection policy to all APIs to detect potential threat vectors

Question 37

A company has started to create an application network and is now planning to implement a Center for Enablement (C4E) organizational model. What key factor would lead the company to decide upon a federated rather than a centralized C4E?

Options:

A.

When there are a large number of existing common assets shared by development teams

B.

When various teams responsible for creating APIs are new to integration and hence need extensive training

C.

When development is already organized into several independent initiatives or groups

D.

When the majority of the applications in the application network are cloud based

Question 38

What is a best practice when building System APIs?

Options:

A.

Document the API using an easily consumable asset like a RAML definition

B.

Model all API resources and methods to closely mimic the operations of the backend system

C.

Build an Enterprise Data Model (Canonical Data Model) for each backend system and apply it to System APIs

D.

Expose to API clients all technical details of the API implementation's interaction wifch the backend system

Question 39

An online store's marketing team has noticed an increase in customers leaving online baskets without checking out. They suspect a technology issue is at the root cause of the baskets being left behind. They approach the Center for Enablement to ask for help identifying the issue. Multiple APIs from across all the layers of their application network are involved in the shopping application.

Which feature of the Anypoint Platform can be used to view metrics from all involved APIs at the same time?

Options:

A.

Custom dashboards

B.

Built-in dashboards

C.

Functional monitoring

D.

API Manager

Question 40

When could the API data model of a System API reasonably mimic the data model exposed by the corresponding backend system, with minimal improvements over the backend system's data model?

Options:

A.

When there is an existing Enterprise Data Model widely used across the organization

B.

When the System API can be assigned to a bounded context with a corresponding data model

C.

When a pragmatic approach with only limited isolation from the backend system is deemed appropriate

D.

When the corresponding backend system is expected to be replaced in the near future

Question 41

An IT Security Compliance Auditor is assessing which nonfunctional requirements (NFRs) are already being implemented to meet security measures.

* The Web API has Rate-Limiting SLA

* Basic Authentication - LDAP

* JSON Threat Protection

* TP Allowlist policies applied

Which two NFRs-are enforced?

Options:

A.

The API invocations are coming from a known subnet range

B.

Username/password supported to validate login credentials

C.

Sensitive data is masked to prevent compromising critical information

D.

The API is protected against XML invocation attacks

E.

Performance expectations are to be allowed up to 1,000 requests per second

Question 42

An organization is implementing a Quote of the Day API that caches today's quote.

What scenario can use the GoudHub Object Store via the Object Store connector to persist the cache's state?

Options:

A.

When there are three CloudHub deployments of the API implementation to three separate CloudHub regions that must share the cache state

B.

When there are two CloudHub deployments of the API implementation by two Anypoint Platform business groups to the same CloudHub region that must share the cache state

C.

When there is one deployment of the API implementation to CloudHub and anottV deployment to a customer-hosted Mule runtime that must share the cache state

D.

When there is one CloudHub deployment of the API implementation to three CloudHub workers that must share the cache state

Question 43

A Mule application implements an API. The Mule application has an HTTP Listener whose connector configuration sets the HTTPS protocol and hard-codes the port

value. The Mule application is deployed to an Anypoint VPC and uses the CloudHub 1.0 Shared Load Balancer (SLB) for all incoming traffic.

Which port number must be assigned to the HTTP Listener's connector configuration so that the Mule application properly receives HTTPS API invocations routed through the

SLB?

Options:

A.

8082

B.

8092

C.

80

D.

443

Question 44

Refer to the exhibit.

what is true when using customer-hosted Mule runtimes with the MuleSoft-hosted Anypoint Platform control plane (hybrid deployment)?

Options:

A.

Anypoint Runtime Manager initiates a network connection to a Mule runtime in order to deploy Mule applications

B.

The MuleSoft-hosted Shared Load Balancer can be used to load balance API invocations to the Mule runtimes

C.

API implementations can run successfully in customer-hosted Mule runtimes, even when they are unable to communicate with the control plane

D.

Anypoint Runtime Manager automatically ensures HA in the control plane by creating a new Mule runtime instance in case of a node failure