A leading eCommerce giant will use MuleSoft APIs on Runtime Fabric (RTF) to process customer orders. Some customer-sensitive information, such as credit card information, is required in request payloads or is included in response payloads in some of the APIs. Other API requests and responses are not authorized to access some of this customer-sensitive information but have been implemented to validate and transform based on the structure and format of this customer-sensitive information (such as account IDs, phone numbers, and postal codes).
What approach configures an API gateway to hide sensitive data exchanged between API consumers and API implementations, but can convert tokenized fields back to their original value for other API requests or responses, without having to recode the API implementations?
Later, the project team requires all API specifications to be augmented with an additional non-functional requirement (NFR) to protect the backend services from a high rate of requests, according to defined service-level agreements (SLAs). The NFR's SLAs are based on a new tiered subscription level "Gold", "Silver", or "Platinum" that must be tied to a new parameter that is being added to the Accounts object in their enterprise data model.
Following MuleSoft's recommended best practices, how should the project team now convey the necessary non-functional requirement to stakeholders?
A. Create and deploy API proxies in API Manager for the NFR, change the baseurl in each API specification to the corresponding API proxy implementation endpoint, and publish each modified API specification to Exchange B. Update each API specification with comments about the NFR's SLAs and publish each modified API specification to Exchange C. Update each API specification with a shared RAML fragment required to implement the NFR and publish the RAML fragment and each modified API specification to Exchange D. Create a shared RAML fragment required to implement the NFR, list each API implementation endpoint in the RAML fragment, and publish the RAML fragment to Exchange
C. Update each API specification with a shared RAML fragment required to implement the NFR and publish the RAML fragment and each modified API specification to Exchange
Explanation/Reference:
To convey the necessary non-functional requirement (NFR) related to protecting backend services from a high rate of requests according to SLAs, the following steps should be taken:
Create a Shared RAML Fragment: Develop a RAML fragment that defines the NFR, including the SLAs for different subscription levels ("Gold", "Silver", "Platinum"). This fragment should include the details on rate limiting and throttling based
on the new parameter added to the Accounts object.
Update API Specifications: Integrate the shared RAML fragment into each API specification. This ensures that the NFR is consistently applied across all relevant APIs. Publish to Exchange: Publish the updated API specifications and the
shared RAML fragment to Anypoint Exchange. This makes the NFR visible and accessible to all stakeholders and developers, ensuring compliance and implementation consistency.
This approach ensures that the NFR is clearly communicated and applied uniformly across all API implementations.
References:
MuleSoft Documentation on RAML and API Specifications
Best Practices for API Design and Documentation
Question 62:
A finance giant is planning to migrate all its Mule applications to Runtime fabric (RTF). Currently all Mule applications are deployed cloud hub using automated CI/CD scripts.
As an integration architect, which of the below step would you suggest to ensure that the applications from cloudhub are migrated properly to Runtime Fabric (RTF) with an assumption that organization is keen on keeping the same deployment strategy.
A. No changes need to be made to POM.xml file and CI/CD script should be modified as per the RTF configurations B. runtimeFabric dependency should be added as a mule plug-in to POM.xml file and CI/CD script should be modified as per the RTF configurations C. runtimeFabric deployment should be added to POM.xml file in all the mule applications and CI/CD script should be modified as per the RTF configurations D. runtimeFabric profile should be added mule configuration files in the mule applications and CI/CD script should be modified as per the RTF configurations
C. runtimeFabric deployment should be added to POM.xml file in all the mule applications and CI/CD script should be modified as per the RTF configurations
Explanation/Reference:
To migrate Mule applications from CloudHub to Runtime Fabric (RTF) while maintaining the same deployment strategy using CI/CD, follow these steps:
POM.xml Modification: Update the POM.xml file of each Mule application to include runtimeFabric deployment configurations. This ensures that the applications are packaged and prepared correctly for deployment to RTF. CI/CD Script
Adjustments: Modify the existing CI/CD scripts to accommodate RTF-specific deployment commands and configurations. This includes updating the deployment targets and parameters to match the RTF environment. Deployment Strategy:
Ensure that the CI/CD pipeline remains consistent with the organization's existing strategy, but with the necessary changes to support RTF. This might involve using Anypoint CLI or API to interact with RTF. By updating the POM.xml and CI/
CD scripts, you can ensure a smooth transition from CloudHub to RTF while retaining the automated deployment process.
References:
MuleSoft Runtime Fabric
Mule Maven Plugin
Question 63:
An organization plans to extend its Mule APIs to the EU (Frankfurt) region.
Currently, all Mule applications are deployed to CloudHub 1.0 in the default North American region, from the North America control plane, following this naming convention: {API-name}--{environment} (for example, Orderssapi--dev, Orderssapi---qa, Orders-sapi---prod, etc.).
There is no network restriction to block communications between APIs.
What strategy should be implemented in order to deploy the same Mule APIs to the CloudHub 1.0 EU region from the North America control plane,
as well as to minimize latency between APIs and target users and systems in Europe?
A. In Runtime Manager, for each Mule application deployment, set the Region property to EU (Frankfurt) and reuse the same Mule application mame as in the North American region. Communicate the new urls {API-name}--{environment}.de-ci.cloudhub.io to the consuming API clients In Europe. B. In API Manager, set the Region property to EU (Frankfurt) to create an API proxy named {API-name}--proxy--{environment} for each Mule application. Communicate the new url {API-name}--proxy--{environment}.de-c1.cloudhub.io to the consuming API clients In Europe. C. In Runtime Manager, for each Mule application deployment, leave the Region property blank (default) and change the Mule application name to {API-name}--{environment).de-cl. Communicate the new urls {API-name}--{environment}.de-ci1.cloudhub.io to the consuming API clients in Europe. D. In API Manager, leave the Region property blank (default) to deploy an API proxy named {API-name}~proxy~-(environment}.de-cl for each Mule application. Communicate the new url {API-name}--proxy--{environment}.de-cl.cloudhub.io to the consuming API clients in Europe.
A. In Runtime Manager, for each Mule application deployment, set the Region property to EU (Frankfurt) and reuse the same Mule application mame as in the North American region. Communicate the new urls {API-name}--{environment}.de-ci.cloudhub.io to the consuming API clients In Europe.
Set Region Property: In Runtime Manager, for each Mule application deployment, set the Region property to EU (Frankfurt). This deploys the application to the desired region, optimizing performance for European users. Reuse Application
Names: Keep the same Mule application names as used in the North American region. This approach maintains consistency and simplifies management. Communicate New URLs: Inform the consuming API clients in Europe of the new URLs
in the format {API-name}--{environment}.de-ci.cloudhub.io. These URLs will direct the clients to the applications deployed in the EU region, ensuring reduced latency and improved performance.
This strategy effectively deploys the same Mule APIs to the CloudHub EU region, leveraging the existing control plane in North America.
Question 64:
An API implementation is being developed to expose data from a production database via HTTP requests. The API implementation executes a database SELECT statement that is dynamically created based upon data received from each incoming HTTP request. The developers are planning to use various types of testing to make sure the Mule application works as expected, can handle specific workloads, and behaves correctly from an API consumer perspective.
What type of testing would typically mock the results from each SELECT statement rather than actually execute it in the production database?
A. Unit testing (white box) B. Integration testing C. Functional testing (black box) D. Performance testing
A. Unit testing (white box)
Explanation/Reference:
In Unit testing instead of using actual backends, stubs are used for the backend services. This ensures that developers are not blocked and have no dependency on other systems. In Unit testing instead of using actual backends, stubs are used for the backend services. This ensures that developers are not blocked and have no dependency on other systems. Below are the typical characteristics of unit testing. --Unit tests do not require deployment into any special environment, such as a staging environment --Unit tests san be run from within an embedded Mule runtime --Unit tests can/should be implemented using MUnit --For read-only interactions to any dependencies (such as other APIs): allowed to invoke production endpoints --For write interactions: developers must implement mocks using MUnit --Require knowledge of the implementation details of the API implementation under test
Question 65:
An organization has deployed both Mule and non-Mule API implementations to integrate its customer and order management systems. All the APIs are available to REST clients on the public internet.
The organization wants to monitor these APIs by running health checks: for example, to determine if an API can properly accept and process requests. The organization does not have subscriptions to any external monitoring tools and also does not want to extend its IT footprint.
What Anypoint Platform feature provides the most idiomatic (used for its intended purpose) way to monitor the availability of both the Mule and the non-Mule API implementations?
A. API Functional Monitoring B. Runtime Manager C. API Manager D. Anypoint Visualizer
D. Anypoint Visualizer
Explanation/Reference:
Reference: https://docs.mulesoft.com/visualizer/
Question 66:
As a part of business requirement , old CRM system needs to be integrated using Mule application. CRM system is capable of exchanging data only via SOAP/HTTP protocol. As an integration architect who follows API led approach , what is the the below step you will perform so that you can share document with CRM team?
A. Create RAML specification using Design Center B. Create SOAP API specification using Design Center C. Create WSDL specification using text editor D. Create WSDL specification using Design Center
C. Create WSDL specification using text editor
Explanation/Reference:
Correct answer is Create WSDL specification using text editor SOAP services are specified using WSDL. A client program connecting to a web service can read the WSDL to determine what functions are available on the server. We can not create WSDL specification in Design Center. We need to use external text editor to create WSDL.
Question 67:
Refer to the exhibit.
What is the type data format shown in the exhibit?
A. JSON B. XML C. YAML D. CSV
C. YAML
Explanation/Reference:
The data format shown in the exhibit is YAML (YAML Ain't Markup Language). YAML is a human-readable data serialization standard that is commonly used for configuration files and data exchange between languages with different data structures. In the exhibit, the indentation and the use of colons to define key-value pairs are characteristic of YAML. JSON (JavaScript Object Notation) and XML (eXtensible Markup Language) have different syntax structures, and CSV (Comma-Separated Values) is a flat file format that uses commas to separate values. The format shown in the exhibit fits the structure and style of YAML. References: YAML Specification Documentation MuleSoft Documentation on Supported Data Formats
Question 68:
A high-volume eCommerce retailer receives thousands of orders per hour and requires notification of its order management, warehouse, and billing system for subsequent processing within 15 minutes of order submission through its website.
Which integration technology, when used for its typical and intended purpose, meets the retailer's requirements for this use case?
A. Managed File Transfer (MFT) B. Publish/Subscriber Messaging Bus (Pub/Sub) C. Enterprise Data Warehouse (EDW) D. Extract Transform Load (ETL)
B. Publish/Subscriber Messaging Bus (Pub/Sub)
Explanation/Reference:
The Publish/Subscriber Messaging Bus (Pub/Sub) model is well-suited for high-volume, real-time communication and notification requirements. In this scenario, the retailer needs to notify its order management, warehouse, and billing
systems within 15 minutes of order submission. Pub/Sub messaging systems enable asynchronous communication where messages (orders) are published to a topic and multiple subscribers (order management, warehouse, billing systems)
receive notifications simultaneously. This decouples the systems and ensures that each subscriber receives the message promptly for subsequent processing.
References:
Understanding Pub/Sub Messaging
MuleSoft's Approach to Event-Driven Architecture
Question 69:
What approach configures an API gateway to hide sensitive data exchanged between API consumers and API implementations, but can convert tokenized fields back to their original value for other API requests or responses, without having to recode the API implementations?
A. Create both masking and tokenization formats and use both to apply a tokenization policy in an API gateway to mask sensitive values in message payloads withcharacters, and apply a corresponding detokenization policy to return the original values to other APIs B. Create a masking format and use it to apply a tokenization policy in an API gateway to mask sensitive values in message payloads with characters, and apply a corresponding detokenization policy to return the original values to other APIs C. Use a field-level encryption policy in an API gateway to replace sensitive fields in message payload with encrypted values, and apply a corresponding field-level decryption policy to return the original values to other APIs D. Create a tokenization format and use it to apply a tokenization policy in an API gateway to replace sensitive fields in message payload with similarly formatted tokenized values, and apply a corresponding detokenization policy to return the original values to other APIs
D. Create a tokenization format and use it to apply a tokenization policy in an API gateway to replace sensitive fields in message payload with similarly formatted tokenized values, and apply a corresponding detokenization policy to return the original values to other APIs
Explanation/Reference:
To hide sensitive data exchanged between API consumers and API implementations while allowing the conversion of tokenized fields back to their original values for other API requests or responses, the best approach is to use tokenization.
This involves:
Tokenization Format: Create a tokenization format that will be used to apply a tokenization policy in the API gateway. This format ensures that sensitive fields in message payloads are replaced with tokenized values that maintain a similar
format, making them less recognizable as sensitive data.
Tokenization Policy: Apply a tokenization policy in the API gateway that replaces sensitive data with tokenized values.
Detokenization Policy: Apply a corresponding detokenization policy in the API gateway to convert tokenized values back to their original values when required by other APIs. This method does not require recoding the API implementations and
ensures that sensitive data is protected while still being accessible in its original form when necessary.
References:
MuleSoft Documentation on Tokenization Policies
API Gateway Security Best Practices
Question 70:
An insurance company is using a CIoudHub runtime plane. As a part of requirement, email alert should be sent to internal operations team every time of policy applied to an API instance is deleted As an integration architect suggest on how this requirement be met?
A. Use audit logs in Anypoint platform to detect a policy deletion and configure the Audit logs alert feature to send an email to the operations team B. Use Anypoint monitoring to configure an alert that sends an email to the operations team every time a policy is deleted in API manager C. Create a custom connector to be triggered every time of policy is deleted in API manager D. Implement a new application that uses the Audit log REST API to detect the policy deletion and send an email to operations team the SMTP connector
D. Implement a new application that uses the Audit log REST API to detect the policy deletion and send an email to operations team the SMTP connector
Explanation/Reference:
Requirement Analysis: The organization needs to send email alerts to the internal operations team whenever a policy applied to an API instance is deleted in the CloudHub runtime plane. Solution: The most effective approach is to implement
a new Mule application that uses the Audit Log REST API to detect when a policy is deleted and then sends an email using the SMTP connector.
Implementation Steps:
GET /accounts/api/v2/organizations/{orgId}/audit-logs
Nowadays, the certification exams become more and more important and required by more and more
enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare
for the exam in a short time with less efforts? How to get a ideal result and how to find the
most reliable resources? Here on Vcedump.com, you will find all the answers.
Vcedump.com provide not only Salesforce exam questions,
answers and explanations but also complete assistance on your exam preparation and certification
application. If you are confused on your MULESOFT-INTEGRATION-ARCHITECT-I exam preparations
and Salesforce certification application, do not hesitate to visit our
Vcedump.com to find your solutions here.