Quality MCPA-Level-1 PDF Dumps - MCPA-Level-1 Exam Questions
Most UptoDate MuleSoft MCPA-Level-1 Exam Dumps PDF 2022
Difficulty in Writing MuleSoft MCPA - Level 1: MuleSoft Certified Platform Architect - Level 1 Exam
MuleSoft MCPA - Level 1: MuleSoft Certified Platform Architect - Level 1 is a prestigious certification one could be graced with. But adverse to the general notion certifying with MuleSoft is not that challenging if the candidates have utilized proper study preparation material to pass the MuleSoft MCPA - Level 1: MuleSoft Certified Platform Architect - Level 1 exam with good grades. 2Pass4sure consist of the foremost phenomenal and noteworthy questions answers and description that contents the complete course. Certification questions have a brilliant mcpa-Level 1 exam dumps pdf with most recent and important questions and answers in PDF files. 2Pass4sure are sure about the exactness and legitimacy of mcpa-level-1 exam dumps which are getting validated by our MuleSoft certified experts. Candidates can easily pass the MuleSoft MCPA - Level 1: MuleSoft Certified Platform Architect - Level 1 exam and get MuleSoft certification. These exam dumps are viewed as the best source to understand the MuleSoft MCPA - Level 1: MuleSoft Certified Platform Architect - Level 1 well by simply pursuing examples questions and answers. If the candidate will practice the exam with mcpa-level-1 exam dumps along with self-assessment to get the proper idea on MuleSoft accreditation and to crack the certification exam.
NEW QUESTION 51
A Mule application exposes an HTTPS endpoint and is deployed to the CloudHub Shared Worker Cloud. All traffic to that Mule application must stay inside the AWS VPC.
To what TCP port do API invocations to that Mule application need to be sent?
- A. 0
- B. 1
- C. 2
- D. 3
Answer: C
Explanation:
Explanation
https://help.mulesoft.com/s/question/0D52T00004mXXULSA4/multiple-http-listerners-on-cloudhub-one-with-p
NEW QUESTION 52
How can the application of a rate limiting API policy be accurately reflected in the RAML definition of an API?
- A. By refining the response definitions by adding the x-ratelimit-* response headers with description, type, and example
- B. By refining the resource definitions by adding a description of the rate limiting policy behavior
- C. By refining the response definitions by adding the out-of-the-box Anypoint Platform rate-limit-enforcement securityScheme with description, type, and example
- D. By refining the request definitions by adding a remaining Requests query parameter with description, type, and example
Answer: A
NEW QUESTION 53
A System API is designed to retrieve data from a backend system that has scalability challenges. What API policy can best safeguard the backend system?
- A. IPwhitelist
- B. Auth 2 token enforcement
- C. Client ID enforcement
- D. SLA-based rate limiting
Answer: D
Explanation:
Explanation
https://dzone.com/articles/how-to-secure-apis
NEW QUESTION 54
What is true about automating interactions with Anypoint Platform using tools such as Anypoint Platform REST APIs, Anypoint CU, or the Mule Maven plugin?
- A. Access to Anypoint Platform APIs and Anypoint CU can be controlled separately through the roles and permissions in Anypoint Platform, so that specific users can get access to Anypoint CLI white others get access to the platform APIs
- B. Anypoint Platform APIs can ONLY automate interactions with CloudHub, while the Mule Maven plugin is required for deployment to customer-hosted Mule runtimes
- C. By default, the Anypoint CLI and Mule Maven plugin are NOT included in the Mule runtime, so are NOT available to be used by deployed Mule applications
- D. API policies can be applied to the Anypoint Platform APIs so that ONLY certain LOBs have access to specific functions
Answer: C
NEW QUESTION 55
A Mule application exposes an HTTPS endpoint and is deployed to the CloudHub Shared Worker Cloud. All traffic to that Mule application must stay inside the AWS VPC.
To what TCP port do API invocations to that Mule application need to be sent?
- A. 0
- B. 1
- C. 2
- D. 3
Answer: C
NEW QUESTION 56
An API implementation is deployed to CloudHub.
What conditions can be alerted on using the default Anypoint Platform functionality, where the alert conditions depend on the end-to-end request processing of the API implementation?
- A. When the API receives a very high number of API invocations
- B. When a particular API client invokes the API too often within a given time period
- C. When the response time of API invocations exceeds a threshold
- D. When the API is invoked by an unrecognized API client
Answer: C
NEW QUESTION 57
What are the major benefits of MuleSoft proposed IT Operating Model?
- A. 1. Decrease the IT delivery gap
2. Meet various business demands without increasing the IT capacity
3. Focus on creation of reusable assets first. Upon finishing creation of all the possible assets then inform the LOBs in the organization to start using them - B. 1. Decrease the IT delivery gap
2. Meet various business demands without increasing the IT capacity
3. Make consumption of assets at the rate of production - C. 1. Decrease the IT delivery gap
2. Meet various business demands by increasing the IT capacity and forming various IT departments
3. Make consumption of assets at the rate of production
Answer: B
Explanation:
Correct answer:
1. Decrease the IT delivery gap
2. Meet various business demands without increasing the IT capacity
3. Make consumption of assets at the rate of production.
*****************************************
Reference:

NEW QUESTION 58
A retail company is using an Order API to accept new orders. The Order API uses a JMS queue to submit orders to a backend order management service. The normal load for orders is being handled using two (2) CloudHub workers, each configured with 0.2 vCore. The CPU load of each CloudHub worker normally runs well below 70%. However, several times during the year the Order API gets four times (4x) the average number of orders. This causes the CloudHub worker CPU load to exceed 90% and the order submission time to exceed 30 seconds. The cause, however, is NOT the backend order management service, which still responds fast enough to meet the response SLA for the Order API. What is the MOST resource-efficient way to configure the Mule application's CloudHub deployment to help the company cope with this performance challenge?
- A. Permanently increase the number of CloudHub workers by four times (4x) to eight (8) CloudHub workers
- B. Use a horizontal CloudHub autoscaling policy that triggers on CPU utilization greater than 70%
- C. Use a vertical CloudHub autoscaling policy that triggers on CPU utilization greater than 70%
- D. Permanently increase the size of each of the two (2) CloudHub workers by at least four times (4x) to one (1) vCore
Answer: B
Explanation:
Correct answer: Use a horizontal CloudHub autoscaling policy that triggers on CPU utilization greater than 70%
*****************************************
The scenario in the question is very clearly stating that the usual traffic in the year is pretty well handled by the existing worker configuration with CPU running well below 70%. The problem occurs only "sometimes" occasionally when there is spike in the number of orders coming in.
So, based on above, We neither need to permanently increase the size of each worker nor need to permanently increase the number of workers. This is unnecessary as other than those "occasional" times the resources are idle and wasted.
We have two options left now. Either to use horizontal Cloudhub autoscaling policy to automatically increase the number of workers or to use vertical Cloudhub autoscaling policy to automatically increase the vCore size of each worker.
Here, we need to take two things into consideration:
1. CPU
2. Order Submission Rate to JMS Queue
>> From CPU perspective, both the options (horizontal and vertical scaling) solves the issue. Both helps to bring down the usage below 90%.
>> However, If we go with Vertical Scaling, then from Order Submission Rate perspective, as the application is still being load balanced with two workers only, there may not be much improvement in the incoming request processing rate and order submission rate to JMS queue. The throughput would be same as before. Only CPU utilization comes down.
>> But, if we go with Horizontal Scaling, it will spawn new workers and adds extra hand to increase the throughput as more workers are being load balanced now. This way we can address both CPU and Order Submission rate.
Hence, Horizontal CloudHub Autoscaling policy is the right and best answer.
NEW QUESTION 59
How are an API implementation, API client, and API consumer combined to invoke and process an API?
- A. The API consumer creates an API implementation, which receives API invocations from an API such that they are processed for an API client
- B. The ApI consumer creates an API client, which sends API invocations to an API such that they are processed by an API implementation
- C. The API client creates an API consumer, which receives API invocations from an API such that they are processed for an API implementation
- D. The ApI client creates an API consumer, which sends API invocations to an API such that they are processed by an API implementation
Answer: B
Explanation:
Correct answer: The API consumer creates an API client, which sends API invocations to an API such that they are processed by an API implementation
*****************************************
Terminology:
>> API Client - It is a piece of code or program the is written to invoke an API
>> API Consumer - An owner/entity who owns the API Client. API Consumers write API clients.
>> API - The provider of the API functionality. Typically an API Instance on API Manager where they are managed and operated.
>> API Implementation - The actual piece of code written by API provider where the functionality of the API is implemented. Typically, these are Mule Applications running on Runtime Manager.
NEW QUESTION 60
An organization has implemented a Customer Address API to retrieve customer address information. This API has been deployed to multiple environments and has been configured to enforce client IDs everywhere.
A developer is writing a client application to allow a user to update their address. The developer has found the Customer Address API in Anypoint Exchange and wants to use it in their client application.
What step of gaining access to the API can be performed automatically by Anypoint Platform?
- A. Approve the client application request for the chosen SLA tier
- B. Create a new application in Anypoint Exchange for requesting access to the API
- C. Modify the client application to call the API using the client application's credentials
- D. Request access to the appropriate API Instances deployed to multiple environments using the client application's credentials
Answer: D
NEW QUESTION 61
An organization has several APIs that accept JSON data over HTTP POST. The APIs are all publicly available and are associated with several mobile applications and web applications.
The organization does NOT want to use any authentication or compliance policies for these APIs, but at the same time, is worried that some bad actor could send payloads that could somehow compromise the applications or servers running the API implementations.
What out-of-the-box Anypoint Platform policy can address exposure to this threat?
- A. Apply a Header injection and removal policy that detects the malicious data before it is used
- B. Shut out bad actors by using HTTPS mutual authentication for all API invocations
- C. Apply an IP blacklist policy to all APIs; the blacklist will Include all bad actors
- D. Apply a JSON threat protection policy to all APIs to detect potential threat vectors
Answer: D
Explanation:
Correct answer: Apply a JSON threat protection policy to all APIs to detect potential threat vectors
*****************************************
>> Usually, if the APIs are designed and developed for specific consumers (known consumers/customers) then we would IP Whitelist the same to ensure that traffic only comes from them.
>> However, as this scenario states that the APIs are publicly available and being used by so many mobile and web applications, it is NOT possible to identify and blacklist all possible bad actors.
>> So, JSON threat protection policy is the best chance to prevent any bad JSON payloads from such bad actors.
NEW QUESTION 62
What Mule application deployment scenario requires using Anypoint Platform Private Cloud Edition or Anypoint Platform for Pivotal Cloud Foundry?
- A. When it is required that ALL APIs are private and NOT exposed to the public cloud
- B. When regulatory requirements mandate on-premises processing of EVERY data item, including meta-data
- C. When it Is required to make ALL applications highly available across multiple data centers
- D. When ALL backend systems in the application network are deployed in the organization's intranet
Answer: B
NEW QUESTION 63
An API implementation is being designed that must invoke an Order API, which is known to repeatedly experience downtime.
For this reason, a fallback API is to be called when the Order API is unavailable.
What approach to designing the invocation of the fallback API provides the best resilience?
- A. Search Anypoint Exchange for a suitable existing fallback API, and then implement invocations to this fallback API in addition to the Order API
- B. Set an option in the HTTP Requester component that invokes the Order API to instead invoke a fallback API whenever an HTTP 4xx or 5xx response status code is returned from the Order API
- C. Create a separate entry for the Order API in API Manager, and then invoke this API as a fallback API if the primary Order API is unavailable
- D. Redirect client requests through an HTTP 307 Temporary Redirect status code to the fallback API whenever the Order API is unavailable
Answer: A
NEW QUESTION 64
Mule applications that implement a number of REST APIs are deployed to their own subnet that is inaccessible from outside the organization.
External business-partners need to access these APIs, which are only allowed to be invoked from a separate subnet dedicated to partners - called Partner-subnet. This subnet is accessible from the public internet, which allows these external partners to reach it.
Anypoint Platform and Mule runtimes are already deployed in Partner-subnet. These Mule runtimes can already access the APIs.
What is the most resource-efficient solution to comply with these requirements, while having the least impact on other applications that are currently using the APIs?
- A. Redeploy the API implementations to the same servers running the Mule runtimes
- B. Implement (or generate) an API proxy Mule application for each of the APIs, then deploy the API proxies to the Mule runtimes
- C. Add an additional endpoint to each API for partner-enablement consumption
- D. Duplicate the APIs as Mule applications, then deploy them to the Mule runtimes
Answer: B
NEW QUESTION 65
What is a key requirement when using an external Identity Provider for Client Management in Anypoint Platform?
- A. The application network must include System APIs that interact with the Identity Provider
- B. To invoke OAuth 2.0-protected APIs managed by Anypoint Platform, API clients must submit access tokens issued by that same Identity Provider
- C. Single sign-on is required to sign in to Anypoint Platform
- D. APIs managed by Anypoint Platform must be protected by SAML 2.0 policies
Answer: B
Explanation:
https://www.folkstalk.com/2019/11/mulesoft-integration-and-platform.html Explanation:
Correct answer: To invoke OAuth 2.0-protected APIs managed by Anypoint Platform, API clients must submit access tokens issued by that same Identity Provider
*****************************************
>> It is NOT necessary that single sign-on is required to sign in to Anypoint Platform because we are using an external Identity Provider for Client Management
>> It is NOT necessary that all APIs managed by Anypoint Platform must be protected by SAML 2.0 policies because we are using an external Identity Provider for Client Management
>> Not TRUE that the application network must include System APIs that interact with the Identity Provider because we are using an external Identity Provider for Client Management Only TRUE statement in the given options is - "To invoke OAuth 2.0-protected APIs managed by Anypoint Platform, API clients must submit access tokens issued by that same Identity Provider" References:
https://docs.mulesoft.com/api-manager/2.x/external-oauth-2.0-token-validation-policy
https://blogs.mulesoft.com/dev/api-dev/api-security-ways-to-authenticate-and-authorize/
NEW QUESTION 66
How can the application of a rate limiting API policy be accurately reflected in the RAML definition of an API?
- A. By refining the response definitions by adding the x-ratelimit-* response headers with description, type, and example
- B. By refining the resource definitions by adding a description of the rate limiting policy behavior
- C. By refining the response definitions by adding the out-of-the-box Anypoint Platform rate-limit-enforcement securityScheme with description, type, and example
- D. By refining the request definitions by adding a remaining Requests query parameter with description, type, and example
Answer: A
Explanation:
Correct answer: By refining the response definitions by adding the x-ratelimit-* response headers with description, type, and example
*****************************************
References:
https://docs.mulesoft.com/api-manager/2.x/rate-limiting-and-throttling#response-headers
https://docs.mulesoft.com/api-manager/2.x/rate-limiting-and-throttling-sla-based-policies#response-headers
NEW QUESTION 67
What Mule application can have API policies applied by
Anypoint Platform to the endpoint exposed by that Mule application?
A) A Mule application that accepts requests over HTTP/1.x
B) A Mule application that accepts JSON requests over TCP but is NOT required to provide a response
C) A Mute application that accepts JSON requests over WebSocket
D) A Mule application that accepts gRPC requests over HTTP/2
- A. Option D
- B. Option C
- C. Option B
- D. Option A
Answer: D
Explanation:
Correct answer: Option A
*****************************************
>> Anypoint API Manager and API policies are applicable to all types of HTTP/1.x APIs.
>> They are not applicable to WebSocket APIs, HTTP/2 APIs and gRPC APIs
NEW QUESTION 68
What best describes the Fully Qualified Domain Names (FQDNs), also known as DNS entries, created when a Mule application is deployed to the CloudHub Shared Worker Cloud?
- A. The FQDNs are determined by the application name, but can be modified by an administrator after deployment
- B. The FQDNs are determined by both the application name and the Anypoint Platform organization
- C. A fixed number of FQDNs are created, IRRESPECTIVE of the environment and VPC design
- D. The FQDNs are determined by the application name chosen, IRRESPECTIVE of the region
Answer: D
Explanation:
Correct answer: The FQDNs are determined by the application name chosen, IRRESPECTIVE of the region
*****************************************
>> When deploying applications to Shared Worker Cloud, the FQDN are always determined by application name chosen.
>> It does NOT matter what region the app is being deployed to.
>> Although it is fact and true that the generated FQDN will have the region included in it (Ex: exp-salesorder-api.au-s1.cloudhub.io), it does NOT mean that the same name can be used when deploying to another CloudHub region.
>> Application name should be universally unique irrespective of Region and Organization and solely determines the FQDN for Shared Load Balancers.
NEW QUESTION 69
An API implementation is deployed on a single worker on CloudHub and invoked by external API clients (outside of CloudHub). How can an alert be set up that is guaranteed to trigger AS SOON AS that API implementation stops responding to API invocations?
- A. Handle API invocation exceptions within the calling API client and raise an alert from that API client when the API Is unavailable
- B. Implement a heartbeat/health check within the API and invoke it from outside the Anypoint Platform and alert when the heartbeat does not respond
- C. Configure a "worker not responding" alert in Anypoint Runtime Manager
- D. Create an alert for when the API receives no requests within a specified time period
Answer: A
NEW QUESTION 70
Refer to the exhibit.
What is the best way to decompose one end-to-end business process into a collaboration of Experience, Process, and System APIs?
A) Handle customizations for the end-user application at the Process API level rather than the Experience API level
B) Allow System APIs to return data that is NOT currently required by the identified Process or Experience APIs
C) Always use a tiered approach by creating exactly one API for each of the 3 layers (Experience, Process and System APIs)
D) Use a Process API to orchestrate calls to multiple System APIs, but NOT to other Process APIs
- A. Option C
- B. Option D
- C. Option B
- D. Option A
Answer: A
NEW QUESTION 71
The implementation of a Process API must change.
What is a valid approach that minimizes the impact of this change on API clients?
- A. Update the RAML definition of the current Process API and notify API client developers by sending them links to the updated RAML definition
- B. Implement the Process API changes in a new API implementation, and have the old API implementation return an HTTP status code 301 - Moved Permanently to inform API clients they should be calling the new API implementation
- C. Postpone changes until API consumers acknowledge they are ready to migrate to a new Process API or API version
- D. Implement required changes to the Process API implementation so that whenever possible, the Process API's RAML definition remains unchanged
Answer: A
NEW QUESTION 72
What should be ensured before sharing an API through a public Anypoint Exchange portal?
- A. The users needing access to the API should be added to the appropriate role in Anypoint Platform
- B. The API should be functional with at least an initial implementation deployed and accessible for users to interact with
- C. The API should be secured using one of the supported authentication/authorization mechanisms to ensure that data is not compromised
- D. The visibility level of the API instances of that API that need to be publicly accessible should be set to public visibility
Answer: C
NEW QUESTION 73
A Mule application exposes an HTTPS endpoint and is deployed to the CloudHub Shared Worker Cloud. All traffic to that Mule application must stay inside the AWS VPC.
To what TCP port do API invocations to that Mule application need to be sent?
- A. 0
- B. 1
- C. 2
- D. 3
Answer: A
Explanation:
Correct answer: 8082
*****************************************
>> 8091 and 8092 ports are to be used when keeping your HTTP and HTTPS app private to the LOCAL VPC respectively.
>> Above TWO ports are not for Shared AWS VPC/ Shared Worker Cloud.
>> 8081 is to be used when exposing your HTTP endpoint app to the internet through Shared LB
>> 8082 is to be used when exposing your HTTPS endpoint app to the internet through Shared LB So, API invocations should be sent to port 8082 when calling this HTTPS based app.
References:
https://docs.mulesoft.com/runtime-manager/cloudhub-networking-guide
https://help.mulesoft.com/s/article/Configure-Cloudhub-Application-to-Send-a-HTTPS-Request-Directly-to-Another-Cloudhub-Application
https://help.mulesoft.com/s/question/0D52T00004mXXULSA4/multiple-http-listerners-on-cloudhub-one-with-port-9090
NEW QUESTION 74
Refer to the exhibit. An organization is running a Mule standalone runtime and has configured Active Directory as the Anypoint Platform external Identity Provider. The organization does not have budget for other system components.
What policy should be applied to all instances of APIs in the organization to most effecuvelyKestrict access to a specific group of internal users?
- A. Apply a basic authentication - LDAP policy; the internal Active Directory will be configured as the LDAP source for authenticating users
- B. Apply a client ID enforcement policy; the specific group of users will configure their client applications to use their specific client credentials
- C. Apply an IP whitelist policy; only the specific users' workstations will be in the whitelist
- D. Apply an OAuth 2.0 access token enforcement policy; the internal Active Directory will be configured as the OAuth server
Answer: B
NEW QUESTION 75
......
100% Free MuleSoft Certified Platform Architect MCPA-Level-1 Dumps PDF Demo Cert Guide Cover: https://www.2pass4sure.com/MuleSoft-Certified-Platform-Architect/MCPA-Level-1-actual-exam-braindumps.html