CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. MuleSoft
  5. MuleSoft Certified Platform Architect - Level 1

Free MuleSoft Certified Platform Architect - Level 1 Exam Braindumps (page: 8)

Page 8 of 24
PDF with 95 Questions

How can the application of a rate limiting API policy be accurately reflected in the RAML definition of an API?

  1. By refining the resource definitions by adding a description of the rate limiting policy behavior
  2. By refining the request definitions by adding a remaining Requests query parameter with description, type, and example
  3. By refining the response definitions by adding the out-of-the-box Anypoint Platform rate-limit- enforcement securityScheme with description, type, and example
  4. By refining the response definitions by adding the x-ratelimit-* response headers with description, type, and example

Answer(s): D

Explanation:

Correct Answer: By refining the response definitions by adding the x-ratelimit-* response headers with description, type, and example
*****************************************


Reference:

https://docs.mulesoft.com/api-manager/2.x/rate-limiting-and-throttling#response-headers https://docs.mulesoft.com/api-manager/2.x/rate-limiting-and-throttling-sla-based-policies#response-headers



An organization has several APIs that accept JSON data over HTTP POST. The APIs are all publicly available and are associated with several mobile applications and web applications.
The organization does NOT want to use any authentication or compliance policies for these APIs, but at the same time, is worried that some bad actor could send payloads that could somehow compromise the applications or servers running the API implementations.
What out-of-the-box Anypoint Platform policy can address exposure to this threat?

  1. Shut out bad actors by using HTTPS mutual authentication for all API invocations
  2. Apply an IP blacklist policy to all APIs; the blacklist will Include all bad actors
  3. Apply a Header injection and removal policy that detects the malicious data before it is used
  4. Apply a JSON threat protection policy to all APIs to detect potential threat vectors

Answer(s): D

Explanation:

Correct Answer: Apply a JSON threat protection policy to all APIs to detect potential threat vectors
*****************************************
>> Usually, if the APIs are designed and developed for specific consumers (known consumers/customers) then we would IP Whitelist the same to ensure that traffic only comes from them.
>> However, as this scenario states that the APIs are publicly available and being used by so many mobile and web applications, it is NOT possible to identify and blacklist all possible bad actors.
>> So, JSON threat protection policy is the best chance to prevent any bad JSON payloads from such bad actors.



An API experiences a high rate of client requests (TPS) vwth small message paytoads. How can usage limits be imposed on the API based on the type of client application?

  1. Use an SLA-based rate limiting policy and assign a client application to a matching SLA tier based on its type
  2. Use a spike control policy that limits the number of requests for each client application type
  3. Use a cross-origin resource sharing (CORS) policy to limit resource sharing between client applications, configured by the client application type
  4. Use a rate limiting policy and a client ID enforcement policy, each configured by the client application type

Answer(s): A

Explanation:

Correct Answer: Use an SLA-based rate limiting policy and assign a client application to a matching SLA tier based on its type.
*****************************************
>> SLA tiers will come into play whenever any limits to be imposed on APIs based on client type Reference:
https://docs.mulesoft.com/api-manager/2.x/rate-limiting-and-throttling-sla-based- policies



A code-centric API documentation environment should allow API consumers to investigate and execute API client source code that demonstrates invoking one or more APIs as part of representative scenarios.
What is the most effective way to provide this type of code-centric API documentation environment using Anypoint Platform?

  1. Enable mocking services for each of the relevant APIs and expose them via their Anypoint Exchange entry
  2. Ensure the APIs are well documented through their Anypoint Exchange entries and API Consoles and share these pages with all API consumers
  3. Create API Notebooks and include them in the relevant Anypoint Exchange entries
  4. Make relevant APIs discoverable via an Anypoint Exchange entry

Answer(s): C

Explanation:

Correct Answer: Create API Notebooks and Include them in the relevant Anypoint exchange entries
*****************************************
>> API Notebooks are the one on Anypoint Platform that enable us to provide code-centric API documentation


Reference:

https://docs.mulesoft.com/exchange/to-use-api-notebook



Page 8 of 24



Post your Comments and Discuss MuleSoft MuleSoft Certified Platform Architect - Level 1 exam with other Community members:

Olympia commented on October 25, 2024
The free version is good but does not have all questions. However the PDF has double the amount of questions and very helpful to pass the exam.
Canada
upvote