[Nov-2021] MCPA-Level-1 Dumps are Available for Instant Access using VCE4Dumps
MCPA-Level-1 Dumps 2021 - New MuleSoft MCPA-Level-1 Exam Questions
MuleSoft MCPA - Level 1: MuleSoft Certified Platform Architect - Level 1 Certification Path
MuleSoft MCPA - Level 1: MuleSoft Certified Platform Architect - Level 1 exam is foundation level Certification. As such, there is no prerequisite for this course. Anyone who is having a keen interest and familiar with MuleSoft technology is well invited to pursue this certification.
MuleSoft MCPA-Level-1 Exam Syllabus Topics:
| Topic | Details |
|---|---|
| Topic 1 |
|
| Topic 2 |
|
| Topic 3 |
|
| Topic 4 |
|
| Topic 5 |
|
| Topic 6 |
|
| Topic 7 |
|
NEW QUESTION 17
Refer to the exhibit. An organization is running a Mule standalone runtime and has configured Active Directory as the Anypoint Platform external Identity Provider. The organization does not have budget for other system components.
What policy should be applied to all instances of APIs in the organization to most effecuvelyKestrict access to a specific group of internal users?
- A. Apply an OAuth 2.0 access token enforcement policy; the internal Active Directory will be configured as the OAuth server
- B. Apply a basic authentication - LDAP policy; the internal Active Directory will be configured as the LDAP source for authenticating users
- C. Apply a client ID enforcement policy; the specific group of users will configure their client applications to use their specific client credentials
- D. Apply an IP whitelist policy; only the specific users' workstations will be in the whitelist
Answer: B
Explanation:
Correct answer: Apply a basic authentication - LDAP policy; the internal Active Directory will be configured as the LDAP source for authenticating users.
*****************************************
>> IP Whitelisting does NOT fit for this purpose. Moreover, the users workstations may not necessarily have static IPs in the network.
>> OAuth 2.0 enforcement requires a client provider which isn't in the organizations system components.
>> It is not an effective approach to let every user create separate client credentials and configure those for their usage.
The effective way it to apply a basic authentication - LDAP policy and the internal Active Directory will be configured as the LDAP source for authenticating users.
NEW QUESTION 18
What is true about where an API policy is defined in Anypoint Platform and how it is then applied to API instances?
- A. The API policy is defined in API Manager, and then applied to ALL API instances in the specified environment
- B. The API policy Is defined In API Manager for a specific API Instance, and then ONLY applied to the specific API instance
- C. The API policy Is defined In Runtime Manager as part of the API deployment to a Mule runtime, and then ONLY applied to the specific API Instance
- D. The API policy Is defined in API Manager and then automatically applied to ALL API instances
Answer: B
Explanation:
Correct answer: The API policy is defined in API Manager for a specific API instance, and then ONLY applied to the specific API instance.
*****************************************
>> Once our API specifications are ready and published to Exchange, we need to visit API Manager and register an API instance for each API.
>> API Manager is the place where management of API aspects takes place like addressing NFRs by enforcing policies on them.
>> We can create multiple instances for a same API and manage them differently for different purposes.
>> One instance can have a set of API policies applied and another instance of same API can have different set of policies applied for some other purpose.
>> These APIs and their instances are defined PER environment basis. So, one need to manage them seperately in each environment.
>> We can ensure that same configuration of API instances (SLAs, Policies etc..) gets promoted when promoting to higher environments using platform feature. But this is optional only. Still one can change them per environment basis if they have to.
>> Runtime Manager is the place to manage API Implementations and their Mule Runtimes but NOT APIs itself. Though API policies gets executed in Mule Runtimes, We CANNOT enforce API policies in Runtime Manager. We would need to do that via API Manager only for a cherry picked instance in an environment.
So, based on these facts, right statement in the given choices is - "The API policy is defined in API Manager for a specific API instance, and then ONLY applied to the specific API instance".
NEW QUESTION 19
An organization is implementing a Quote of the Day API that caches today's quote.
What scenario can use the GoudHub Object Store via the Object Store connector to persist the cache's state?
- A. When there is one CloudHub deployment of the API implementation to three CloudHub workers that must share the cache state
- B. When there are two CloudHub deployments of the API implementation by two Anypoint Platform business groups to the same CloudHub region that must share the cache state
- C. When there is one deployment of the API implementation to CloudHub and anottV deployment to a customer-hosted Mule runtime that must share the cache state
- D. When there are three CloudHub deployments of the API implementation to three separate CloudHub regions that must share the cache state
Answer: C
NEW QUESTION 20
An organization makes a strategic decision to move towards an IT operating model that emphasizes consumption of reusable IT assets using modern APIs (as defined by MuleSoft).
What best describes each modern API in relation to this new IT operating model?
- A. Each modern API must be easy to consume, so should avoid complex authentication mechanisms such as SAML or JWT D
- B. Each modern API must be REST and HTTP based
- C. Each modem API must be treated like a product and designed for a particular target audience (for instance, mobile app developers)
- D. Each modern API has its own software development lifecycle, which reduces the need for documentation and automation
Answer: C
Explanation:
Correct Answers:
1. Each modern API must be treated like a product and designed for a particular target audience (for instance mobile app developers)
*****************************************
NEW QUESTION 21
A system API is deployed to a primary environment as well as to a disaster recovery (DR) environment, with different DNS names in each environment. A process API is a client to the system API and is being rate limited by the system API, with different limits in each of the environments. The system API's DR environment provides only 20% of the rate limiting offered by the primary environment. What is the best API fault-tolerant invocation strategy to reduce overall errors in the process API, given these conditions and constraints?
- A. In parallel, invoke the system API deployed to the primary environment and the system API deployed to the DR environment; add timeout and retry logic to the process API to avoid intermittent failures; add logic to the process API to combine the results
- B. Invoke the system API deployed to the primary environment; add retry logic to the process API to handle intermittent failures by invoking the system API deployed to the DR environment
- C. Invoke the system API deployed to the primary environment; add timeout and retry logic to the process API to avoid intermittent failures; if it still fails, invoke the system API deployed to the DR environment
- D. Invoke the system API deployed to the primary environment; add timeout and retry logic to the process API to avoid intermittent failures; if it still fails, invoke a copy of the process API deployed to the DR environment
Answer: C
Explanation:
Correct answer: Invoke the system API deployed to the primary environment; add timeout and retry logic to the process API to avoid intermittent failures; if it still fails, invoke the system API deployed to the DR environment
*****************************************
There is one important consideration to be noted in the question which is - System API in DR environment provides only 20% of the rate limiting offered by the primary environment. So, comparitively, very less calls will be allowed into the DR environment API opposed to its primary environment. With this in mind, lets analyse what is the right and best fault-tolerant invocation strategy.
1. Invoking both the system APIs in parallel is definitely NOT a feasible approach because of the 20% limitation we have on DR environment. Calling in parallel every time would easily and quickly exhaust the rate limits on DR environment and may not give chance to genuine intermittent error scenarios to let in during the time of need.
2. Another option given is suggesting to add timeout and retry logic to process API while invoking primary environment's system API. This is good so far. However, when all retries failed, the option is suggesting to invoke the copy of process API on DR environment which is not right or recommended. Only system API is the one to be considered for fallback and not the whole process API. Process APIs usually have lot of heavy orchestration calling many other APIs which we do not want to repeat again by calling DR's process API. So this option is NOT right.
3. One more option given is suggesting to add the retry (no timeout) logic to process API to directly retry on DR environment's system API instead of retrying the primary environment system API first. This is not at all a proper fallback. A proper fallback should occur only after all retries are performed and exhausted on Primary environment first. But here, the option is suggesting to directly retry fallback API on first failure itself without trying main API. So, this option is NOT right too.
This leaves us one option which is right and best fit.
- Invoke the system API deployed to the primary environment
- Add Timeout and Retry logic on it in process API
- If it fails even after all retries, then invoke the system API deployed to the DR environment.
NEW QUESTION 22
Refer to the exhibit.
An organization uses one specific CloudHub (AWS) region for all CloudHub deployments.
How are CloudHub workers assigned to availability zones (AZs) when the organization's Mule applications are deployed to CloudHub in that region?
- A. AZs are selected as part of the Mule application's deployment configuration
- B. Workers belonging to a given environment are assigned to the same AZ within that region
- C. Workers are randomly distributed across available AZs within that region
- D. An AZ is randomly selected for a Mule application, and all the Mule application's CloudHub workers are assigned to that one AZ
Answer: D
NEW QUESTION 23
In an organization, the InfoSec team is investigating Anypoint Platform related data traffic.
From where does most of the data available to Anypoint Platform for monitoring and alerting originate?
- A. From the Mule runtime or the API implementation, depending on the deployment model
- B. From various components of Anypoint Platform, such as the Shared Load Balancer, VPC, and Mule runtimes
- C. From the Mule runtime irrespective of the deployment model
- D. From the Mule runtime or the API Manager, depending on the type of data
Answer: C
Explanation:
Correct answer: From the Mule runtime irrespective of the deployment model
*****************************************
>> Monitoring and Alerting metrics are always originated from Mule Runtimes irrespective of the deployment model.
>> It may seems that some metrics (Runtime Manager) are originated from Mule Runtime and some are (API Invocations/ API Analytics) from API Manager. However, this is realistically NOT TRUE. The reason is, API manager is just a management tool for API instances but all policies upon applying on APIs eventually gets executed on Mule Runtimes only (Either Embedded or API Proxy).
>> Similarly all API Implementations also run on Mule Runtimes.
So, most of the day required for monitoring and alerts are originated fron Mule Runtimes only irrespective of whether the deployment model is MuleSoft-hosted or Customer-hosted or Hybrid.
NEW QUESTION 24
Refer to the exhibit. An organization is running a Mule standalone runtime and has configured Active Directory as the Anypoint Platform external Identity Provider. The organization does not have budget for other system components.
What policy should be applied to all instances of APIs in the organization to most effecuvelyKestrict access to a specific group of internal users?
- A. Apply an OAuth 2.0 access token enforcement policy; the internal Active Directory will be configured as the OAuth server
- B. Apply a basic authentication - LDAP policy; the internal Active Directory will be configured as the LDAP source for authenticating users
- C. Apply a client ID enforcement policy; the specific group of users will configure their client applications to use their specific client credentials
- D. Apply an IP whitelist policy; only the specific users' workstations will be in the whitelist
Answer: B
NEW QUESTION 25
A code-centric API documentation environment should allow API consumers to investigate and execute API client source code that demonstrates invoking one or more APIs as part of representative scenarios.
What is the most effective way to provide this type of code-centric API documentation environment using Anypoint Platform?
- A. Enable mocking services for each of the relevant APIs and expose them via their Anypoint Exchange entry
- B. Create API Notebooks and include them in the relevant Anypoint Exchange entries
- C. Make relevant APIs discoverable via an Anypoint Exchange entry
- D. Ensure the APIs are well documented through their Anypoint Exchange entries and API Consoles and share these pages with all API consumers
Answer: B
Explanation:
Correct answer: Create API Notebooks and Include them in the relevant Anypoint exchange entries
*****************************************
>> API Notebooks are the one on Anypoint Platform that enable us to provide code-centric API documentation Reference:
NEW QUESTION 26
An organization has several APIs that accept JSON data over HTTP POST. The APIs are all publicly available and are associated with several mobile applications and web applications.
The organization does NOT want to use any authentication or compliance policies for these APIs, but at the same time, is worried that some bad actor could send payloads that could somehow compromise the applications or servers running the API implementations.
What out-of-the-box Anypoint Platform policy can address exposure to this threat?
- A. Apply a Header injection and removal policy that detects the malicious data before it is used
- B. Shut out bad actors by using HTTPS mutual authentication for all API invocations
- C. Apply a JSON threat protection policy to all APIs to detect potential threat vectors
- D. Apply an IP blacklist policy to all APIs; the blacklist will Include all bad actors
Answer: C
Explanation:
Correct answer: Apply a JSON threat protection policy to all APIs to detect potential threat vectors
*****************************************
>> Usually, if the APIs are designed and developed for specific consumers (known consumers/customers) then we would IP Whitelist the same to ensure that traffic only comes from them.
>> However, as this scenario states that the APIs are publicly available and being used by so many mobile and web applications, it is NOT possible to identify and blacklist all possible bad actors.
>> So, JSON threat protection policy is the best chance to prevent any bad JSON payloads from such bad actors.
NEW QUESTION 27
An API implementation is deployed on a single worker on CloudHub and invoked by external API clients (outside of CloudHub). How can an alert be set up that is guaranteed to trigger AS SOON AS that API implementation stops responding to API invocations?
- A. Implement a heartbeat/health check within the API and invoke it from outside the Anypoint Platform and alert when the heartbeat does not respond
- B. Handle API invocation exceptions within the calling API client and raise an alert from that API client when the API Is unavailable
- C. Configure a "worker not responding" alert in Anypoint Runtime Manager
- D. Create an alert for when the API receives no requests within a specified time period
Answer: D
NEW QUESTION 28
What condition requires using a CloudHub Dedicated Load Balancer?
- A. When custom DNS names are required for API implementations deployed to customer-hosted Mule runtimes
- B. When server-side load-balanced TLS mutual authentication is required between API implementations and API clients
- C. When cross-region load balancing is required between separate deployments of the same Mule application
- D. When API invocations across multiple CloudHub workers must be load balanced
Answer: B
Explanation:
Correct answer: When server-side load-balanced TLS mutual authentication is required between API implementations and API clients
*****************************************
Fact/ Memory Tip: Although there are many benefits of CloudHub Dedicated Load balancer, TWO important things that should come to ones mind for considering it are:
>> Having URL endpoints with Custom DNS names on CloudHub deployed apps
>> Configuring custom certificates for both HTTPS and Two-way (Mutual) authentication.
Coming to the options provided for this
>> We
CANNOT use DLB to perform cross-region load balancing between separate deployments of the same Mule application.
>> We can have mapping rules to have more than one DLB URL pointing to same Mule app. But vicevera (More than one Mule app having same DLB URL) is NOT POSSIBLE
>> It is true that DLB helps to setup custom DNS names for Cloudhub deployed Mule apps but NOT true for apps deployed to Customer-hosted Mule Runtimes.
>> It is true to that we can load balance API invocations across multiple CloudHub workers using DLB but it is NOT A MUST. We can achieve the same (load balancing) using SLB (Shared Load Balancer) too. We DO NOT necessarily require DLB for achieve it.
So the only right option that fits the scenario and requires us to use DLB is when TLS mutual authentication is required between API implementations and API clients.
NEW QUESTION 29
When using CloudHub with the Shared Load Balancer, what is managed EXCLUSIVELY by the API implementation (the Mule application) and NOT by Anypoint Platform?
- A. The logging configuration that enables log entries to be visible in Runtime Manager
- B. The SSL certificates used by the API implementation to expose HTTPS endpoints
- C. The number of DNS entries allocated to the API implementation
- D. The assignment of each HTTP request to a particular CloudHub worker
Answer: A
NEW QUESTION 30
What API policy would be LEAST LIKELY used when designing an Experience API that is intended to work with a consumer mobile phone or tablet application?
- A. IPwhitellst
- B. Client ID enforcement
- C. JSON threat protection
- D. OAuth 2.0 access token enforcement
Answer: C
NEW QUESTION 31
What Mule application deployment scenario requires using Anypoint Platform Private Cloud Edition or Anypoint Platform for Pivotal Cloud Foundry?
- A. When regulatory requirements mandate on-premises processing of EVERY data item, including meta-data
- B. When ALL backend systems in the application network are deployed in the organization's intranet
- C. When it is required that ALL APIs are private and NOT exposed to the public cloud
- D. When it Is required to make ALL applications highly available across multiple data centers
Answer: A
Explanation:
Correct answer: When regulatory requirements mandate on-premises processing of EVERY data item, including meta-data.
*****************************************
We need NOT require to use Anypoint Platform PCE or PCF for the below. So these options are OUT.
>> We can make ALL applications highly available across multiple data centers using CloudHub too.
>> We can use Anypoint VPN and tunneling from CloudHub to connect to ALL backend systems in the application network that are deployed in the organization's intranet.
>> We can use Anypoint VPC and Firewall Rules to make ALL APIs private and NOT exposed to the public cloud.
Only valid reason in the given options that requires to use Anypoint Platform PCE/ PCF is - When regulatory requirements mandate on-premises processing of EVERY data item, including meta-data.
NEW QUESTION 32
What is a typical result of using a fine-grained rather than a coarse-grained API deployment model to implement a given business process?
- A. A decrease in the number of connections within the application network supporting the business process.
- B. A higher number of discoverable API-related assets in the application network.
- C. A better response time for the end user as a result of the APIs being smaller in scope and complexity.
- D. An overall lower usage of resources because each fine-grained API consumes less resources.
Answer: C
NEW QUESTION 33
An organization makes a strategic decision to move towards an IT operating model that emphasizes consumption of reusable IT assets using modern APIs (as defined by MuleSoft).
What best describes each modern API in relation to this new IT operating model?
- A. Each modern API must be easy to consume, so should avoid complex authentication mechanisms such as SAML or JWT D
- B. Each modern API must be REST and HTTP based
- C. Each modem API must be treated like a product and designed for a particular target audience (for instance, mobile app developers)
- D. Each modern API has its own software development lifecycle, which reduces the need for documentation and automation
Answer: B
NEW QUESTION 34
What do the API invocation metrics provided by Anypoint Platform provide?
- A. Data on past API invocations to help identify anomalies and usage patterns across various APIs
- B. Measurements of the effectiveness of the application network based on the level of reuse
- C. Proactive identification of likely future policy violations that exceed a given threat threshold
- D. ROI metrics from APIs that can be directly shared with business users
Answer: B
NEW QUESTION 35
......
How to study the MuleSoft MCPA - Level 1: MuleSoft Certified Platform Architect - Level 1 Exam
Preparation of certification exams could be covered with two resource types. The first one is the study guides, reference books, and study forums that are elaborated and appropriate for building information from the ground up. Apart from the video tutorials and lectures are a good option to ease the pain of through study and are relatively make the study process more interesting nonetheless these demand time and concentration from the learner. Smart candidates who wish to create a solid foundation altogether examination topics and connected technologies typically mix video lectures with study guides to reap the advantages of each, but practice exams or practice exam engines is one important study tool that goes typically unnoted by most candidates. Practice exams are designed with our experts to make exam prospects test their knowledge on skills attained in the course, as well as prospects become comfortable and familiar with the real exam environment. Statistics have indicated exam anxiety plays a much bigger role in a studentâs failure in the exam than the fear of the unknown. VCE4Dumps expert team recommends preparing some notes on these topics along with it don’t forget to practice MuleSoft mcpa-level-1 dumps which had been written by our expert team, each of these can assist you loads to clear this exam with excellent marks.
MuleSoft MCPA-Level-1 Exam Practice Test Questions: https://www.vce4dumps.com/MCPA-Level-1-valid-torrent.html