CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. MuleSoft
  5. MCIA-LEVEL-1

Free MCIA-LEVEL-1 Exam Braindumps (page: 3)

Page 3 of 62
PDF with 244 Questions

What is required before an API implemented using the components of Anypoint Platform can be managed and governed (by applying API policies) on Anypoint Platform?

  1. The API must be published to Anypoint Exchange and a corresponding API instance ID must be obtained from API Manager to be used in the API implementation
  2. The API implementation source code must be committed to a source control management system (such as GitHub)
  3. A RAML definition of the API must be created in API designer so it can then be published to Anypoint Exchange
  4. The API must be shared with the potential developers through an API portal so API consumers can interact with the API

Answer(s): A

Explanation:

Context of the question is about managing and governing mule applications deployed on Anypoint platform.
Anypoint API Manager (API Manager) is a component of Anypoint Platform that enables you to manage, govern, and secure APIs. It leverages the runtime capabilities of API Gateway and Anypoint Service Mesh, both of which enforce policies, collect and track analytics data, manage proxies, provide encryption and authentication, and manage applications.
Mule Ref Doc : https://docs.mulesoft.com/api-manager/2.x/getting-started-proxy


Reference:

https://docs.mulesoft.com/api-manager/2.x/api-auto-discovery-new-concept



Refer to the exhibit.

One of the backend systems invoked by an API implementation enforces rate limits on the number of requests a particular client can make. Both the backend system and the API implementation are deployed to several non-production environments in addition to production.

Rate limiting of the backend system applies to all non-production environments. The production environment, however, does NOT have any rate limiting.

What is the most effective approach to conduct performance tests of the API implementation in a staging (non-production) environment?

  1. Create a mocking service that replicates the backend system's production performance characteristics. Then configure the API implementation to use the mocking service and conduct the performance tests
  2. Use MUnit to simulate standard responses from the backend system then conduct performance tests to identify other bottlenecks in the system
  3. Include logic within the API implementation that bypasses invocations of the backend system in a performance test situation. Instead invoking local stubs that replicate typical backend system responses then conduct performance tests using this API Implementation
  4. Conduct scaled-down performance tests in the staging environment against the rate limited backend system then upscale performance results to full production scale

Answer(s): A

Explanation:

Correct answer is Create a mocking service that replicates the backend system’s production performance characteristics. Then configure the API implementation to use the mocking service and conduct the performance tests
* MUnit is for only Unit and integration testing for APIs and Mule apps. Not for performance Testing, even if it has the ability to Mock the backend.
* Bypassing the backend invocation defeats the whole purpose of performance testing. Hence it is not a valid answer.
* Scaled down performance tests cant be relied upon as performance of API's is not linear against load.



An API has been unit tested and is ready for integration testing. The API is governed by a Client ID Enforcement policy in all environments.
What must the testing team do before they can start integration testing the API in the Staging environment?

  1. They must access the API portal and create an API notebook using the Client ID and Client Secret supplied by the API portal in the Staging environment
  2. They must request access to the API instance in the Staging environment and obtain a Client ID and Client Secret to be used for testing the API
  3. They must be assigned as an API version owner of the API in the Staging environment
  4. They must request access to the Staging environment and obtain the Client ID and Client Secret for that environment to be used for testing the API

Answer(s): B

Explanation:

* It's mentioned that the API is governed by a Client ID Enforcement policy in all environments.
* Client ID Enforcement policy allows only authorized applications to access the deployed API implementation.
* Each authorized application is configured with credentials: client_id and client_secret.
* At runtime, authorized applications provide the credentials with each request to the API implementation.

MuleSoft Reference:
https://docs.mulesoft.com/api-manager/2.x/policy-mule3-client-id-based-policies



What requires configuration of both a key store and a trust store for an HTTP Listener?

  1. Support for TLS mutual (two-way) authentication with HTTP clients
  2. Encryption of requests to both subdomains and API resource endpoints fhttPs://aDi.customer.com/ and https://customer.com/api)
  3. Encryption of both HTTP request and HTTP response bodies for all HTTP clients
  4. Encryption of both HTTP request header and HTTP request body for all HTTP clients

Answer(s): A

Explanation:

1 way SSL : The server presents its certificate to the client and the client adds it to its list of trusted certificate. And so, the client can talk to the server.
2-way SSL: The same principle but both ways. i.e. both the client and the server has to establish trust between themselves using a trusted certificate. In this way of a digital handshake, the server needs to present a certificate to authenticate itself to client and client has to present its certificate to server.
* TLS is a cryptographic protocol that provides communications security for your Mule app.
* TLS offers many different ways of exchanging keys for authentication, encrypting data, and guaranteeing message integrity Keystores and Truststores Truststore and keystore contents differ depending on whether they are used for clients or servers:
For servers: the truststore contains certificates of the trusted clients, the keystore contains the private and public key of the server. For clients: the truststore contains certificates of the trusted servers, the keystore contains the private and public key of the client.
Adding both a keystore and a truststore to the configuration implements two-way TLS authentication also known as mutual authentication.
* in this case, correct answer is Support for TLS mutual (two-way) authentication with HTTP clients.



Page 3 of 62



Post your Comments and Discuss MuleSoft MCIA-LEVEL-1 exam with other Community members:

sanath sekar commented on September 05, 2024
nice good good expirence with these dumps provided
Anonymous
upvote