• Home
  • Blogs
  • Get Latest Oct-2021 Conduct effective penetration tests using Prep4away MCPA-Level-1 exam [Q25-Q46]

Get Latest Oct-2021 Conduct effective penetration tests using Prep4away MCPA-Level-1 exam [Q25-Q46]

Share

Get Latest [Oct-2021] Conduct effective penetration tests using  Prep4away MCPA-Level-1

Penetration testers simulate MCPA-Level-1 exam PDF

NEW QUESTION 25
What is a key requirement when using an external Identity Provider for Client Management in Anypoint Platform?

  • A. The application network must include System APIs that interact with the Identity Provider
  • B. To invoke OAuth 2.0-protected APIs managed by Anypoint Platform, API clients must submit access tokens issued by that same Identity Provider
  • C. APIs managed by Anypoint Platform must be protected by SAML 2.0 policies
  • D. Single sign-on is required to sign in to Anypoint Platform

Answer: C

 

NEW QUESTION 26
An organization is implementing a Quote of the Day API that caches today's quote.

  • A. When there are two CloudHub deployments of the API implementation by two Anypoint Platform business groups to the same CloudHub region that must share the cache state
  • B. When there are three CloudHub deployments of the API implementation to three separate CloudHub regions that must share the cache state
  • C. When there is one CloudHub deployment of the API implementation to three CloudHub workers that must share the cache state
  • D. What scenario can use the GoudHub Object Store via the Object Store connector to persist the cache's state?
  • E. When there is one deployment of the API implementation to CloudHub and anottV deployment to a customer-hosted Mule runtime that must share the cache state

Answer: E

 

NEW QUESTION 27
Refer to the exhibit.

A developer is building a client application to invoke an API deployed to the STAGING environment that is governed by a client ID enforcement policy.
What is required to successfully invoke the API?

  • A. A valid OAuth token obtained from Anypoint Platform and its associated client ID and secret
  • B. The client ID and secret for the Anypoint Platform account's STAGING environment
  • C. The client ID and secret for the Anypoint Platform account owning the API in the STAGING environment
  • D. The client ID and secret obtained from Anypoint Exchange for the API instance in the STAGING environment

Answer: A

Explanation:
Explanation
https://docs.mulesoft.com/api-manager/2.x/policy-mule3-client-id-based-policies

 

NEW QUESTION 28
Refer to the exhibit.

A RAML definition has been proposed for a new Promotions Process API, and has been published to Anypoint Exchange.
The Marketing Department, who will be an important consumer of the Promotions API, has important requirements and expectations that must be met.
What is the most effective way to use Anypoint Platform features to involve the Marketing Department in this early API design phase?
A) Ask the Marketing Department to interact with a mocking implementation of the API using the automatically generated API Console

B) Organize a design workshop with the DBAs of the Marketing Department in which the database schema of the Marketing IT systems is translated into RAML

C) Use Anypoint Studio to Implement the API as a Mule application, then deploy that API implementation to CloudHub and ask the Marketing Department to interact with it

D) Export an integration test suite from API designer and have the Marketing Department execute the tests In that suite to ensure they pass

  • A. Option D
  • B. Option A
  • C. Option C
  • D. Option B

Answer: A

 

NEW QUESTION 29
An organization has implemented a Customer Address API to retrieve customer address information. This API has been deployed to multiple environments and has been configured to enforce client IDs everywhere.
A developer is writing a client application to allow a user to update their address. The developer has found the Customer Address API in Anypoint Exchange and wants to use it in their client application.
What step of gaining access to the API can be performed automatically by Anypoint Platform?

  • A. Approve the client application request for the chosen SLA tier
  • B. Modify the client application to call the API using the client application's credentials
  • C. Request access to the appropriate API Instances deployed to multiple environments using the client application's credentials
  • D. Create a new application in Anypoint Exchange for requesting access to the API

Answer: C

 

NEW QUESTION 30
Refer to the exhibit.

What is a valid API in the sense of API-led connectivity and application networks?
A) Java RMI over TCP

B) Java RMI over TCP

C) CORBA over HOP

D) XML over UDP

  • A. Option D
  • B. Option A
  • C. Option C
  • D. Option B

Answer: A

 

NEW QUESTION 31
Refer to the exhibit.

Three business processes need to be implemented, and the implementations need to communicate with several different SaaS applications.
These processes are owned by separate (siloed) LOBs and are mainly independent of each other, but do share a few business entities. Each LOB has one development team and their own budget In this organizational context, what is the most effective approach to choose the API data models for the APIs that will implement these business processes with minimal redundancy of the data models?
A) Build several Bounded Context Data Models that align with coherent parts of the business processes and the definitions of associated business entities

B) Build distinct data models for each API to follow established micro-services and Agile API-centric practices

C) Build all API data models using XML schema to drive consistency and reuse across the organization

D) Build one centralized Canonical Data Model (Enterprise Data Model) that unifies all the data types from all three business processes, ensuring the data model is consistent and non-redundant

  • A. Option D
  • B. Option A
  • C. Option C
  • D. Option B

Answer: D

 

NEW QUESTION 32
An API implementation is deployed on a single worker on CloudHub and invoked by external API clients (outside of CloudHub).
How can an alert be set up that is guaranteed to trigger AS SOON AS that API implementation stops responding to API invocations?

  • A. Create an alert for when the API receives no requests within a specified time period.
  • B. Implement a heartbeat/health check within the API and invoke it from outside the Anypoint Platform and alert when the heartbeat does not respond.
  • C. Handle API invocation exceptions within the calling API client and raise an alert from that API client when the API is unavailable.
  • D. Configure a "worker not responding" alert in Anypoint Runtime Manager.

Answer: A

 

NEW QUESTION 33
What best explains the use of auto-discovery in API implementations?

  • A. It enables Anypoint Analytics to gain insight into the usage of APIs
  • B. It enables Anypoint Studio to discover API definitions configured in Anypoint Platform
  • C. It makes API Manager aware of API implementations and hence enables it to enforce policies
  • D. It enables Anypoint Exchange to discover assets and makes them available for reuse

Answer: B

 

NEW QUESTION 34
What API policy would LEAST likely be applied to a Process API?

  • A. Rate limiting
  • B. JSON threat protection
  • C. Client ID enforcement
  • D. Custom circuit breaker

Answer: D

 

NEW QUESTION 35
What API policy would LEAST likely be applied to a Process API?

  • A. Rate limiting
  • B. JSON threat protection
  • C. Client ID enforcement
  • D. Custom circuit breaker

Answer: D

Explanation:
Explanation/Reference: https://docs.mulesoft.com/api-manager/2.x/policy-mule3-provided-policies

 

NEW QUESTION 36
What is true about automating interactions with Anypoint Platform using tools such as Anypoint Platform REST APIs, Anypoint CLI, or the Mule Maven plugin?

  • A. By default, the Anypoint CLI and Mule Maven plugin are NOT included in the Mule runtime, so are NOT available to be used by deployed Mule applications.
  • B. Access to Anypoint Platform APIs and Anypoint CLI can be controlled separately through the roles and permissions in Anypoint Platform, so that specific users can get access to Anypoint CLI while others get access to the platform APIs.
  • C. API policies can be applied to the Anypoint Platform APIs so that ONLY certain LOBs have access to specific functions.
  • D. Anypoint Platform APIs can ONLY automate interactions with CloudHub, while the Mule Maven plugin is required for deployment to customer-hosted Mule runtimes

Answer: A

 

NEW QUESTION 37
Refer to the exhibit. An organization is running a Mule standalone runtime and has configured Active Directory as the Anypoint Platform external Identity Provider. The organization does not have budget for other system components.

What policy should be applied to all instances of APIs in the organization to most effecuvelyKestrict access to a specific group of internal users?

  • A. Apply a basic authentication - LDAP policy; the internal Active Directory will be configured as the LDAP source for authenticating users
  • B. Apply an OAuth 2.0 access token enforcement policy; the internal Active Directory will be configured as the OAuth server
  • C. Apply a client ID enforcement policy; the specific group of users will configure their client applications to use their specific client credentials
  • D. Apply an IP whitelist policy; only the specific users' workstations will be in the whitelist

Answer: A

 

NEW QUESTION 38
An API implementation is deployed on a single worker on CloudHub and invoked by external API clients (outside of CloudHub). How can an alert be set up that is guaranteed to trigger AS SOON AS that API implementation stops responding to API invocations?

  • A. Configure a "worker not responding" alert in Anypoint Runtime Manager
  • B. Handle API invocation exceptions within the calling API client and raise an alert from that API client when the API Is unavailable
  • C. Create an alert for when the API receives no requests within a specified time period
  • D. Implement a heartbeat/health check within the API and invoke it from outside the Anypoint Platform and alert when the heartbeat does not respond

Answer: B

 

NEW QUESTION 39
Refer to the exhibit.

What is a valid API in the sense of API-led connectivity and application networks?

  • A. XML over UDP
  • B. XML over HTTP
  • C. CORBA over IIOP
  • D. Java RMI over TCP

Answer: B

 

NEW QUESTION 40
Refer to the exhibit.

what is true when using customer-hosted Mule runtimes with the MuleSoft-hosted Anypoint Platform control plane (hybrid deployment)?

  • A. Anypoint Runtime Manager initiates a network connection to a Mule runtime in order to deploy Mule applications
  • B. The MuleSoft-hosted Shared Load Balancer can be used to load balance API invocations to the Mule runtimes
  • C. API implementations can run successfully in customer-hosted Mule runtimes, even when they are unable to communicate with the control plane
  • D. Anypoint Runtime Manager automatically ensures HA in the control plane by creating a new Mule runtime instance in case of a node failure

Answer: D

 

NEW QUESTION 41
An organization is implementing a Quote of the Day API that caches today's quote.
What scenario can use the GoudHub Object Store via the Object Store connector to persist the cache's state?

  • A. When there are two CloudHub deployments of the API implementation by two Anypoint Platform business groups to the same CloudHub region that must share the cache state
  • B. When there are three CloudHub deployments of the API implementation to three separate CloudHub regions that must share the cache state
  • C. When there is one CloudHub deployment of the API implementation to three CloudHub workers that must share the cache state
  • D. When there is one deployment of the API implementation to CloudHub and anottV deployment to a customer-hosted Mule runtime that must share the cache state

Answer: D

 

NEW QUESTION 42
The responses to some HTTP requests can be cached depending on the HTTP verb used in the request.
According to the HTTP specification, for what HTTP verbs is this safe to do?

  • A. GET, HEAD, POST
  • B. GET, PUT, OPTIONS
  • C. PUT, POST, DELETE
  • D. GET, OPTIONS, HEAD

Answer: C

 

NEW QUESTION 43
Refer to the exhibit.

An organization uses one specific CloudHub (AWS) region for all CloudHub deployments.
How are CloudHub workers assigned to availability zones (AZs) when the organization's Mule applications are deployed to CloudHub in that region?

  • A. Workers belonging to a given environment are assigned to the same AZ within that region
  • B. AZs are selected as part of the Mule application's deployment configuration
  • C. Workers are randomly distributed across available AZs within that region
  • D. An AZ is randomly selected for a Mule application, and all the Mule application's CloudHub workers are assigned to that one AZ

Answer: D

 

NEW QUESTION 44
When designing an upstream API and its implementation, the development team has been advised to NOT set timeouts when invoking a downstream API, because that downstream API has no SLA that can be relied upon.
This is the only downstream API dependency of that upstream API.
Assume the downstream API runs uninterrupted without crashing. What is the impact of this advice?

  • A. An SLA for the upstream API CANNOT be provided
  • B. A toad-dependent timeout of less than 1000 ms will be applied by the Mule runtime in which the downstream API implementation executes
  • C. The invocation of the downstream API will run to completion without timing out
  • D. A default timeout of 500 ms will automatically be applied by the Mule runtime in which the upstream API implementation executes

Answer: D

 

NEW QUESTION 45
What do the API invocation metrics provided by Anypoint Platform provide?

  • A. Data on past API invocations to help identify anomalies and usage patterns across various APIs
  • B. Proactive identification of likely future policy violations that exceed a given threat threshold
  • C. Measurements of the effectiveness of the application network based on the level of reuse
  • D. ROI metrics from APIs that can be directly shared with business users

Answer: A

 

NEW QUESTION 46
......


MuleSoft MCPA - Level 1: MuleSoft Certified Platform Architect - Level 1 Certification Path

MuleSoft MCPA - Level 1: MuleSoft Certified Platform Architect - Level 1 exam is foundation level Certification. As such, there is no prerequisite for this course. Anyone who is having a keen interest and familiar with MuleSoft technology is well invited to pursue this certification.

 

Tested Material Used To MCPA-Level-1 Test Engine: https://www.prep4away.com/MuleSoft-certification/braindumps.MCPA-Level-1.ete.file.html

 

Related Blogs

more
MuleSoft MCPA-Level-1 Certification Practice Exam