Mulesoft MuleSoft Certified Platform Architect MCPA-LEVEL-1-MAINTENANCE Questions & Answers

• Question 11:

  What are 4 important Platform Capabilities offered by Anypoint Platform?

  A. API Versioning, API Runtime Execution and Hosting, API Invocation, API Consumer Engagement

  B. API Design and Development, API Runtime Execution and Hosting, API Versioning, API Deprecation

  C. API Design and Development, API Runtime Execution and Hosting, API Operations and Management, API Consumer Engagement

  D. API Design and Development, API Deprecation, API Versioning, API Consumer Engagement

  Correct Answer: C

  API Design and Development, API Runtime Execution and Hosting, API Operations and Management, API Consumer Engagement ***************************************** >> API Design and Development - Anypoint Studio, Anypoint Design Center, Anypoint Connectors >> API Runtime Execution and Hosting - Mule Runtimes, CloudHub, Runtime Services >> API Operations and Management - Anypoint API Manager, Anypoint Exchange >> API Consumer Management - API Contracts, Public Portals, Anypoint Exchange, API Notebooks

• Question 12:

  Due to a limitation in the backend system, a system API can only handle up to 500 requests per second. What is the best type of API policy to apply to the system API to avoid overloading the backend system?

  A. Rate limiting

  B. HTTP caching

  C. Rate limiting - SLA based

  D. Spike control

  Correct Answer: D

  Spike control

  *****************************************

  >> First things first, HTTP Caching policy is for purposes different than avoiding the backend system from overloading. So this is OUT.

  >> Rate Limiting and Throttling/ Spike Control policies are designed to limit API access, but have different intentions.

  >> Rate limiting protects an API by applying a hard limit on its access. >> Throttling/ Spike Control shapes API access by smoothing spikes in traffic.

  That is why, Spike Control is the right option.

• Question 13:

  What Mule application can have API policies applied by

  Anypoint Platform to the endpoint exposed by that Mule application?

  

  A. Option A

  B. Option B

  C. Option C

  D. Option D

  Correct Answer: A

  Option A ***************************************** >> Anypoint API Manager and API policies are applicable to all types of HTTP/1.x APIs. >> They are not applicable to WebSocket APIs, HTTP/2 APIs and gRPC APIs

  Reference: https://docs.mulesoft.com/api-manager/2.x/using-policies

• Question 14:

  Refer to the exhibit.

  

  What is a valid API in the sense of API-led connectivity and application networks?

  

  A. Option A

  B. Option B

  C. Option C

  D. Option D

  Correct Answer: D

  XML over HTTP ***************************************** >> API-led connectivity and Application Networks urge to have the APIs on HTTP based protocols for building most effective APIs and networks on top of them. >> The HTTP based APIs allow the platform to apply various varities of policies to address many NFRs >> The HTTP based APIs also allow to implement many standard and effective implementation patterns that adhere to HTTP based w3c rules.

  

• Question 15:

  An organization has created an API-led architecture that uses various API layers to integrate mobile clients with a backend system. The backend system consists of a number of specialized components and can be accessed via a REST API. The process and experience APIs share the same bounded-context model that is different from the backend data model. What additional canonical models, bounded-context models, or anti-corruption layers are best added to this architecture to help process data consumed from the backend system?

  A. Create a bounded-context model for every layer and overlap them when the boundary contexts overlap, letting API developers know about the differences between upstream and downstream data models

  B. Create a canonical model that combines the backend and API-led models to simplify and unify data models, and minimize data transformations.

  C. Create a bounded-context model for the system layer to closely match the backend data model, and add an anti-corruption layer to let the different bounded contexts cooperate across the system and process layers

  D. Create an anti-corruption layer for every API to perform transformation for every data model to match each other, and let data simply travel between APIs to avoid the complexity and overhead of building canonical models

  Correct Answer: C

  Create a bounded-context model for the system layer to closely match the backend data model, and add an anti-corruption layer to let the different bounded contexts cooperate across the system and process layers ***************************************** >> Canonical models are not an option here as the organization has already put in efforts and created bounded-context models for Experience and Process APIs. >> Anti-corruption layers for ALL APIs is unnecessary and invalid because it is mentioned that experience and process APIs share same bounded-context model. It is just the System layer APIs that need to choose their approach now. >> So, having an anti-corruption layer just between the process and system layers will work well. Also to speed up the approach, system APIs can mimic the backend system data model.

• Question 16:

  An organization has implemented a Customer Address API to retrieve customer address information. This API has been deployed to multiple environments and has been configured to enforce client IDs everywhere.

  A developer is writing a client application to allow a user to update their address. The developer has found the Customer Address API in Anypoint Exchange and wants to use it in their client application.

  What step of gaining access to the API can be performed automatically by Anypoint Platform?

  A. Approve the client application request for the chosen SLA tier

  B. Request access to the appropriate API Instances deployed to multiple environments using the client application's credentials

  C. Modify the client application to call the API using the client application's credentials

  D. Create a new application in Anypoint Exchange for requesting access to the API

  Correct Answer: A

  Approve the client application request for the chosen SLA tier ***************************************** >> Only approving the client application request for the chosen SLA tier can be automated >> Rest of the provided options are not valid Reference: https://docs.mulesoft.com/api-manager/2.x/defining-sla-tiers#defining-a-tier

• Question 17:

  The application network is recomposable: it is built for change because it "bends but does not break"

  A. TRUE

  B. FALSE

  Correct Answer: A

  ***************************************** >> Application Network is a disposable architecture. >> Which means, it can be altered without disturbing entire architecture and its components. >> It bends as per requirements or design changes but does not break Reference: https://www.mulesoft.com/resources/api/what-is-an-application-network

• Question 18:

  Mule applications that implement a number of REST APIs are deployed to their own subnet that is inaccessible from outside the organization.

  External business-partners need to access these APIs, which are only allowed to be invoked from a separate subnet dedicated to partners - called Partner-subnet. This subnet is accessible from the public internet, which allows these external partners to reach it.

  Anypoint Platform and Mule runtimes are already deployed in Partner-subnet. These Mule runtimes can already access the APIs.

  What is the most resource-efficient solution to comply with these requirements, while having the least impact on other applications that are currently using the APIs?

  A. Implement (or generate) an API proxy Mule application for each of the APIs, then deploy the API proxies to the Mule runtimes

  B. Redeploy the API implementations to the same servers running the Mule runtimes

  C. Add an additional endpoint to each API for partner-enablement consumption

  D. Duplicate the APIs as Mule applications, then deploy them to the Mule runtimes

  Correct Answer: A

• Question 19:

  What correctly characterizes unit tests of Mule applications?

  A. They test the validity of input and output of source and target systems

  B. They must be run in a unit testing environment with dedicated Mule runtimes for the environment

  C. They must be triggered by an external client tool or event source

  D. They are typically written using MUnit to run in an embedded Mule runtime that does not require external connectivity

  Correct Answer: D

  They are typically written using MUnit to run in an embedded Mule runtime that does not require external connectivity.

  *****************************************

  Below TWO are characteristics of Integration Tests but NOT unit tests:

  >> They test the validity of input and output of source and target systems. >> They must be triggered by an external client tool or event source. It is NOT TRUE that Unit Tests must be run in a unit testing environment with dedicated Mule

  runtimes for the environment.

  MuleSoft offers MUnit for writing Unit Tests and they run in an embedded Mule Runtime without needing any separate/ dedicated Runtimes to execute them. They also do NOT need any external connectivity as MUnit supports mocking via

  stubs.

  https://dzone.com/articles/munit-framework

• Question 20:

  An API experiences a high rate of client requests (TPS) vwth small message paytoads. How can usage limits be imposed on the API based on the type of client application?

  A. Use an SLA-based rate limiting policy and assign a client application to a matching SLA tier based on its type

  B. Use a spike control policy that limits the number of requests for each client application type

  C. Use a cross-origin resource sharing (CORS) policy to limit resource sharing between client applications, configured by the client application type

  D. Use a rate limiting policy and a client ID enforcement policy, each configured by the client application type

  Correct Answer: A

  Use an SLA-based rate limiting policy and assign a client application to a matching SLA tier based on its type.

  *****************************************

  >> SLA tiers will come into play whenever any limits to be imposed on APIs based on client type

  Reference: https://docs.mulesoft.com/api-manager/2.x/rate-limiting-and-throttling-sla- based-policies