CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. MuleSoft
  5. MCPA-LEVEL-1-MAINTENANCE

Free MCPA-LEVEL-1-MAINTENANCE Exam Braindumps (page: 6)

Page 5 of 21
PDF with 80 Questions

A code-centric API documentation environment should allow API consumers to investigate and execute API client source code that demonstrates invoking one or more APIs as part of representative scenarios.
What is the most effective way to provide this type of code-centric API documentation environment using Anypoint Platform?

  1. Enable mocking services for each of the relevant APIs and expose them via their Anypoint Exchange entry
  2. Ensure the APIs are well documented through their Anypoint Exchange entries and API Consoles and share these pages with all API consumers
  3. Create API Notebooks and include them in the relevant Anypoint Exchange entries
  4. Make relevant APIs discoverable via an Anypoint Exchange entry

Answer(s): C

Explanation:

Correct Answer: Create API Notebooks and Include them in the relevant Anypoint exchange entries
*****************************************

>> API Notebooks are the one on Anypoint Platform that enable us to provide code-centric API documentation


Reference:

https://docs.mulesoft.com/exchange/to-use-api-notebook



Bottom of Form
Top of Form



Refer to the exhibit. An organization is running a Mule standalone runtime and has configured Active Directory as the Anypoint Platform external Identity Provider. The organization does not have budget for other system components.



What policy should be applied to all instances of APIs in the organization to most effecuvelyKestrict access to a specific group of internal users?

  1. Apply a basic authentication - LDAP policy; the internal Active Directory will be configured as the LDAP source for authenticating users
  2. Apply a client ID enforcement policy; the specific group of users will configure their client applications to use their specific client credentials
  3. Apply an IP whitelist policy; only the specific users' workstations will be in the whitelist
  4. Apply an OAuth 2.0 access token enforcement policy; the internal Active Directory will be configured as the OAuth server

Answer(s): A

Explanation:

Correct Answer: Apply a basic authentication - LDAP policy; the internal Active Directory will be configured as the LDAP source for authenticating users.
*****************************************
>> IP Whitelisting does NOT fit for this purpose. Moreover, the users workstations may not necessarily have static IPs in the network.
>> OAuth 2.0 enforcement requires a client provider which isn't in the organizations system components.
>> It is not an effective approach to let every user create separate client credentials and configure those for their usage.
The effective way it to apply a basic authentication - LDAP policy and the internal Active Directory will be configured as the LDAP source for authenticating users.


Reference:

https://docs.mulesoft.com/api-manager/2.x/basic-authentication-ldap-concept



What is a best practice when building System APIs?

  1. Document the API using an easily consumable asset like a RAML definition
  2. Model all API resources and methods to closely mimic the operations of the backend system
  3. Build an Enterprise Data Model (Canonical Data Model) for each backend system and apply it to System APIs
  4. Expose to API clients all technical details of the API implementation's interaction wifch the backend system

Answer(s): B

Explanation:

Correct Answer: Model all API resources and methods to closely mimic the operations of the backend system.
*****************************************
>> There are NO fixed and straight best practices while opting data models for APIs. They are completly contextual and depends on number of factors. Based upon those factors, an enterprise can choose if they have to go with Enterprise Canonical Data Model or Bounded Context Model etc. >> One should NEVER expose the technical details of API implementation to their API clients. Only the API interface/ RAML is exposed to API clients.
>> It is true that the RAML definitions of APIs should be as detailed as possible and should reflect most of the documentation. However, just that is NOT enough to call your API as best documented API. There should be even more documentation on Anypoint Exchange with API Notebooks etc. to make and create a developer friendly API and repository..

>> The best practice always when creating System APIs is to create their API interfaces by modeling their resources and methods to closely reflect the operations and functionalities of that backend system.



What CANNOT be effectively enforced using an API policy in Anypoint Platform?

  1. Guarding against Denial of Service attacks
  2. Maintaining tamper-proof credentials between APIs
  3. Logging HTTP requests and responses
  4. Backend system overloading

Answer(s): A

Explanation:

Correct Answer: Guarding against Denial of Service attacks
*****************************************
>> Backend system overloading can be handled by enforcing "Spike Control Policy" >> Logging HTTP requests and responses can be done by enforcing "Message Logging Policy" >> Credentials can be tamper-proofed using "Security" and "Compliance" Policies However, unfortunately, there is no proper way currently on Anypoint Platform to guard against DOS attacks.


Reference:

https://help.mulesoft.com/s/article/DDos-Dos-at






Post your Comments and Discuss MuleSoft MCPA-LEVEL-1-MAINTENANCE exam with other Community members:

MCPA-LEVEL-1-MAINTENANCE Exam Discussions & Posts