Page: 1
/ 4
Total 61 questions
An API experiences a high rate of client requests (TPS) with small message payloads.
How can usage limits be imposed on the API based on the type of client application?
- A. Use an SLA-based rate limiting policy and assign a client application to a matching SLA tier based on its type.
- B. Use a spike control policy that limits the number of requests for each client application type.
- C. Use a cross-origin resource sharing (CORS) policy to limit resource sharing between client applications, configured by the client application type.
- D. Use a rate limiting policy and a client ID enforcement policy, each configured by the client application type.
Answer : A
A code-centric API documentation environment should allow API consumers to investigate and execute API client source code that demonstrates invoking one or more APIs as part of representative scenarios.
What is the most effective way to provide this type of code-centric API documentation environment using Anypoint Platform?
- A. Enable mocking services for each of the relevant APIs and expose them via their Anypoint Exchange entry
- B. Ensure the APIs are well documented through their Anypoint Exchange entries and API Consoles and share these pages with all API consumers
- C. Create API Notebooks and include them in the relevant Anypoint Exchange entries
- D. Make relevant APIs discoverable via an Anypoint Exchange entry
Answer : B
Refer to the exhibit.
An organization is running a Mule standalone runtime and has configured Active Directory as the Anypoint Platform external Identity Provider. The organization does not have budget for other system components.
What policy should be applied to all instances of APIs in the organization to most effectively restrict access to a specific group of internal users?
- A. Apply a basic authentication - LDAP policy; the internal Active Directory will be configured as the LDAP source for authenticating users.
- B. Apply a client ID enforcement policy; the specific group of users will configure their client applications to use their specific client credentials.
- C. Apply an IP whitelist policy; only the specific users' workstations will be in the whitelist.
- D. Apply an OAuth 2.0 access token enforcement policy; the internal Active Directory will be configured as the OAuth server.
Answer : A
What is a best practice when building System APIs?
- A. Document the API using an easily consumable asset like a RAML definition
- B. Model all API resources and methods to closely mimic the operations of the backend system
- C. Build an Enterprise Data Model (Canonical Data Model) for each backend system and apply it to System APIs
- D. Expose to API clients all technical details of the API implementation's interaction with the backend system
Answer : A
What CANNOT be effectively enforced using an API policy in Anypoint Platform?
- A. Guarding against Denial of Service attacks
- B. Maintaining tamper-proof credentials between APIs
- C. Logging HTTP requests and responses
- D. Backend system overloading
Answer : A
An organization makes a strategic decision to move towards an IT operating model that emphasizes consumption of reusable IT assets using modern APIs (as defined by MuleSoft).
What best describes each modern API in relation to this new IT operating model?
- A. Each modern API has its own software development lifecycle, which reduces the need for documentation and automation.
- B. Each modern API must be treated like a product and designed for a particular target audience (for instance, mobile app developers)
- C. Each modern API must be easy to consume, so should avoid complex authentication mechanisms such as SAML or JWT.
- D. Each modern API must be REST and HTTP based.
Answer : B
What API policy would be LEAST LIKELY used when designing an Experience API that is intended to work with a consumer mobile phone or tablet application?
- A. OAuth 2.0 access token enforcement
- B. Client ID enforcement
- C. JSON threat protection
- D. IP whitelist
Answer : C
A new upstream API is being designed to offer an SLA of 500 ms median and 800 ms maximum (99th percentile) response time. The corresponding API implementation needs to sequentially invoke 3 downstream APIs of very similar complexity.
The first of these downstream APIs offers the following SLA for its response time: median: 100 ms, 80th percentile: 500 ms, 95th percentile: 1000 ms.
If possible, how can a timeout be set in the upstream API for the invocation of the first downstream API to meet the new upstream API's desired SLA?
- A. Set a timeout of 50 ms; this times out more invocations of that API but gives additional room for retries.
- B. Set a timeout of 100 ms; that leaves 400 ms for the other two downstream APIs to complete.
- C. No timeout is possible to meet the upstream API's desired SLA; a different SLA must be negotiated with the first downstream API or invoke an alternative API.
- D. Do not set a timeout; the invocation of this API is mandatory and so we must wait until it responds.
Answer : B
What is true about automating interactions with Anypoint Platform using tools such as Anypoint Platform REST APIs, Anypoint CLI, or the Mule Maven plugin?
- A. Access to Anypoint Platform APIs and Anypoint CLI can be controlled separately through the roles and permissions in Anypoint Platform, so that specific users can get access to Anypoint CLI while others get access to the platform APIs.
- B. Anypoint Platform APIs can ONLY automate interactions with CloudHub, while the Mule Maven plugin is required for deployment to customer-hosted Mule runtimes
- C. ׀’y default, the Anypoint CLI and Mule Maven plugin are NOT included in the Mule runtime, so are NOT available to be used by deployed Mule applications.
- D. API policies can be applied to the Anypoint Platform APIs so that ONLY certain LOBs have access to specific functions.
Answer : C
What Mule application deployment scenario requires using Anypoint Platform Private Cloud Edition or Anypoint Platform for Pivotal Cloud Foundry?
- A. When it is required to make ALL applications highly available across multiple data centers.
- B. When it is required that ALL APIs are private and NOT exposed to the public cloud.
- C. When regulatory requirements mandate on-premises processing of EVERY data item, including meta-data.
- D. When ALL backend systems in the application network are deployed in the organization's intranet.
Answer : C
What is typically NOT a function of the APIs created within the framework called API-led connectivity?
- A. They provide an additional layer of resilience on top of the underlying backend system, thereby insulating clients from extended failure of these systems.
- B. They allow for innovation at the user interface level by consuming the underlying assets without being aware of how data is being extracted from backend systems.
- C. They reduce the dependency on the underlying backend systems by helping unlock data from backend systems in a reusable and consumable way.
- D. They can compose data from various sources and combine them with orchestration logic to create higher level value
Answer : A
Reference:
https://dzone.com/articles/api-led-connectivity-with-mule
An organization has implemented a Customer Address API to retrieve customer address information. This API has been deployed to multiple environments and has been configured to enforce client IDs everywhere.
A developer is writing a client application to allow a user to update their address. The developer has found the Customer Address API in Anypoint Exchange and wants to use it in their client application.
What step of gaining access to the API can be performed automatically by Anypoint Platform?
- A. Approve the client application request for the chosen SLA tier.
- B. Request access to the appropriate API instances deployed to multiple environments using the client application's credentials.
- C. Modify the client application to call the API using the client application's credentials.
- D. Create a new application in Anypoint Exchange for requesting access to the API.
Answer : B
What is a typical result of using a fine-grained rather than a coarse-grained API deployment model to implement a given business process?
- A. A decrease in the number of connections within the application network supporting the business process.
- B. A higher number of discoverable API-related assets in the application network.
- C. A better response time for the end user as a result of the APIs being smaller in scope and complexity.
- D. An overall lower usage of resources because each fine-grained API consumes less resources.
Answer : C
What correctly characterizes unit tests of Mule applications?
- A. They test the validity of input and output of source and target systems.
- B. They must be run in a unit testing environment with dedicated Mule runtimes for the environment.
- C. They must be triggered by an external client tool or event source.
- D. They are typically written using MUnit to run in an embedded Mule runtime that does not require external connectivity.
Answer : B
Reference:
https://dzone.com/articles/munit-framework
An organization is deploying their new implementation of the OrderStatus System API to multiple workers in CloudHub. This API fronts the organization's on- premises Order Management System, which is accessed by the API implementation over an IPsec tunnel.
What type of error typically does NOT result in a service outage of the OrderStatus System API?
- A. A CloudHub worker fails with an out-of-memory exception.
- B. API Manager has an extended outage during the initial deployment of the API implementation.
- C. The AWS region goes offline with a major network failure to the relevant AWS data centers.
- D. The Order Management System is inaccessible due to a network outage in the organization's on-premises data center.
Answer : A
30 days access 