Free MCPA-Level-1 Exam Files Downloaded Instantly UPDATED [2024]
100% Pass Guaranteed Free MCPA-Level-1 Exam Dumps
The MCPA program is designed for architects who want to validate their skills in designing and building scalable, efficient, and robust MuleSoft solutions. The MCPA-Level-1 exam is the first step in this certification program. MCPA-Level-1 exam tests the candidate's knowledge of MuleSoft architecture, design patterns, best practices, and implementation strategies. MCPA-Level-1 exam also focuses on the candidate's ability to design and implement complex MuleSoft solutions that meet business requirements.
NEW QUESTION # 52
What is true about automating interactions with Anypoint Platform using tools such as Anypoint Platform REST APIs, Anypoint CU, or the Mule Maven plugin?
- A. API policies can be applied to the Anypoint Platform APIs so that ONLY certain LOBs have access to specific functions
- B. By default, the Anypoint CLI and Mule Maven plugin are NOT included in the Mule runtime, so are NOT available to be used by deployed Mule applications
- C. Access to Anypoint Platform APIs and Anypoint CU can be controlled separately through the roles and permissions in Anypoint Platform, so that specific users can get access to Anypoint CLI white others get access to the platform APIs
- D. Anypoint Platform APIs can ONLY automate interactions with CloudHub, while the Mule Maven plugin is required for deployment to customer-hosted Mule runtimes
Answer: B
Explanation:
Correct answer: By default, the Anypoint CLI and Mule Maven plugin are NOT included in the Mule runtime, so are NOT available to be used by deployed Mule applications
*****************************************
>> We CANNOT apply API policies to the Anypoint Platform APIs like we can do on our custom written API instances. So, option suggesting this is FALSE.
>> Anypoint Platform APIs can be used for automating interactions with both CloudHub and customer-hosted Mule runtimes. Not JUST the CloudHub. So, option opposing this is FALSE.
>> Mule Maven plugin is NOT mandatory for deployment to customer-hosted Mule runtimes. It just helps your CI/CD to have smoother automation. But not a compulsory requirement to deploy. So, option opposing this is FALSE.
>> We DO NOT have any such special roles and permissions on the platform to separately control access for some users to have Anypoint CLI and others to have Anypoint Platform APIs. With proper general roles/permissions (API Owner, Cloudhub Admin etc..), one can use any of the options (Anypoint CLI or Platform APIs). So, option suggesting this is FALSE.
Only TRUE statement given in the choices is that - Anypoint CLI and Mule Maven plugin are NOT included in the Mule runtime, so are NOT available to be used by deployed Mule applications.
Maven is part of Studio or you can use other Maven installation for development.
CLI is convenience only. It is one of many ways how to install app to the runtime.
These are definitely NOT part of anything except your process of deployment or automation.
NEW QUESTION # 53
What condition requires using a CloudHub Dedicated Load Balancer?
- A. When API invocations across multiple CloudHub workers must be load balanced
- B. When custom DNS names are required for API implementations deployed to customer-hosted Mule runtimes
- C. When server-side load-balanced TLS mutual authentication is required between API implementations and API clients
- D. When cross-region load balancing is required between separate deployments of the same Mule application
Answer: C
NEW QUESTION # 54
Refer to the exhibit.
Three business processes need to be implemented, and the implementations need to communicate with several different SaaS applications.
These processes are owned by separate (siloed) LOBs and are mainly independent of each other, but do share a few business entities. Each LOB has one development team and their own budget In this organizational context, what is the most effective approach to choose the API data models for the APIs that will implement these business processes with minimal redundancy of the data models?
A) Build several Bounded Context Data Models that align with coherent parts of the business processes and the definitions of associated business entities
B) Build distinct data models for each API to follow established micro-services and Agile API-centric practices
C) Build all API data models using XML schema to drive consistency and reuse across the organization
D) Build one centralized Canonical Data Model (Enterprise Data Model) that unifies all the data types from all three business processes, ensuring the data model is consistent and non-redundant
- A. Option A
- B. Option D
- C. Option C
- D. Option B
Answer: D
NEW QUESTION # 55
A company requires Mule applications deployed to CloudHub to be isolated between non-production and production environments. This is so Mule applications deployed to non-production environments can only access backend systems running in their customer-hosted non-production environment, and so Mule applications deployed to production environments can only access backend systems running in their customer-hosted production environment. How does MuleSoft recommend modifying Mule applications, configuring environments, or changing infrastructure to support this type of per-environment isolation between Mule applications and backend systems?
- A. Create non-production and production environments in different Anypoint Platform business groups
- B. Create separate Anypoint VPCs for non-production and production environments, then configure connections to the backend systems in the corresponding customer-hosted environments
- C. Configure firewall rules in the infrastructure inside each customer-hosted environment so that only IP addresses from the corresponding Anypoint Platform environments are allowed to communicate with corresponding backend systems
- D. Modify properties of Mule applications deployed to the production Anypoint Platform environments to prevent access from non-production Mule applications
Answer: B
Explanation:
Correct answer: Create separate Anypoint VPCs for non-production and production environments, then configure connections to the backend systems in the corresponding customer-hosted environments.
*****************************************
>> Creating different Business Groups does NOT make any difference w.r.t accessing the non-prod and prod customer-hosted environments. Still they will be accessing from both Business Groups unless process network restrictions are put in place.
>> We need to modify or couple the Mule Application Implementations with the environment. In fact, we should never implements application coupled with environments by binding them in the properties. Only basic things like endpoint URL etc should be bundled in properties but not environment level access restrictions.
>> IP addresses on CloudHub are dynamic until unless a special static addresses are assigned. So it is not possible to setup firewall rules in customer-hosted infrastrcture. More over, even if static IP addresses are assigned, there could be 100s of applications running on cloudhub and setting up rules for all of them would be a hectic task, non-maintainable and definitely got a good practice.
>> The best practice recommended by Mulesoft (In fact any cloud provider), is to have your Anypoint VPCs seperated for Prod and Non-Prod and perform the VPC peering or VPN tunneling for these Anypoint VPCs to respective Prod and Non-Prod customer-hosted environment networks.
Reference:
NEW QUESTION # 56
Refer to the exhibit.
An organization uses one specific CloudHub (AWS) region for all CloudHub deployments.
How are CloudHub workers assigned to availability zones (AZs) when the organization's Mule applications are deployed to CloudHub in that region?
- A. AZs are selected as part of the Mule application's deployment configuration
- B. Workers belonging to a given environment are assigned to the same AZ within that region
- C. Workers are randomly distributed across available AZs within that region
- D. An AZ is randomly selected for a Mule application, and all the Mule application's CloudHub workers are assigned to that one AZ
Answer: D
NEW QUESTION # 57
An organization has created an API-led architecture that uses various API layers to integrate mobile clients with a backend system. The backend system consists of a number of specialized components and can be accessed via a REST API. The process and experience APIs share the same bounded-context model that is different from the backend data model. What additional canonical models, bounded-context models, or anti-corruption layers are best added to this architecture to help process data consumed from the backend system?
- A. Create a bounded-context model for every layer and overlap them when the boundary contexts overlap, letting API developers know about the differences between upstream and downstream data models
- B. Create an anti-corruption layer for every API to perform transformation for every data model to match each other, and let data simply travel between APIs to avoid the complexity and overhead of building canonical models
- C. Create a bounded-context model for the system layer to closely match the backend data model, and add an anti-corruption layer to let the different bounded contexts cooperate across the system and process layers
- D. Create a canonical model that combines the backend and API-led models to simplify and unify data models, and minimize data transformations.
Answer: C
Explanation:
Create a bounded-context model for the system layer to closely match the backend data model, and add an anti-corruption layer to let the different bounded contexts cooperate across the system and process layers
*****************************************
>> Canonical models are not an option here as the organization has already put in efforts and created bounded-context models for Experience and Process APIs.
>> Anti-corruption layers for ALL APIs is unnecessary and invalid because it is mentioned that experience and process APIs share same bounded-context model. It is just the System layer APIs that need to choose their approach now.
>> So, having an anti-corruption layer just between the process and system layers will work well. Also to speed up the approach, system APIs can mimic the backend system data model.
NEW QUESTION # 58
What should be ensured before sharing an API through a public Anypoint Exchange portal?
- A. The API should be secured using one of the supported authentication/authorization mechanisms to ensure that data is not compromised
- B. The visibility level of the API instances of that API that need to be publicly accessible should be set to public visibility
- C. The users needing access to the API should be added to the appropriate role in Anypoint Platform
- D. The API should be functional with at least an initial implementation deployed and accessible for users to interact with
Answer: B
Explanation:
Explanation
https://docs.mulesoft.com/exchange/to-share-api-asset-to-portal
NEW QUESTION # 59
How can the application of a rate limiting API policy be accurately reflected in the RAML definition of an API?
- A. By refining the request definitions by adding a remaining Requests query parameter with description, type, and example
- B. By refining the response definitions by adding the out-of-the-box Anypoint Platform rate-limit-enforcement securityScheme with description, type, and example
- C. By refining the resource definitions by adding a description of the rate limiting policy behavior
- D. By refining the response definitions by adding the x-ratelimit-* response headers with description, type, and example
Answer: D
Explanation:
Correct answer: By refining the response definitions by adding the x-ratelimit-* response headers with description, type, and example
*****************************************
References:
https://docs.mulesoft.com/api-manager/2.x/rate-limiting-and-throttling#response-headers
https://docs.mulesoft.com/api-manager/2.x/rate-limiting-and-throttling-sla-based-policies#response-headers
NEW QUESTION # 60
What is typically NOT a function of the APIs created within the framework called API-led connectivity?
- A. They reduce the dependency on the underlying backend systems by helping unlock data from backend systems In a reusable and consumable way.
- B. They can compose data from various sources and combine them with orchestration logic to create higher level value.
- C. They provide an additional layer of resilience on top of the underlying backend system, thereby insulating clients from extended failure of these systems.
- D. They allow for innovation at the user Interface level by consuming the underlying assets without being aware of how data Is being extracted from backend systems.
Answer: C
Explanation:
They provide an additional layer of resilience on top of the underlying backend system, thereby insulating clients from extended failure of these systems.
*****************************************
In API-led connectivity,
>> Experience APIs - allow for innovation at the user interface level by consuming the underlying assets without being aware of how data is being extracted from backend systems.
>> Process APIs - compose data from various sources and combine them with orchestration logic to create higher level value
>> System APIs - reduce the dependency on the underlying backend systems by helping unlock data from backend systems in a reusable and consumable way.
However, they NEVER promise that they provide an additional layer of resilience on top of the underlying backend system, thereby insulating clients from extended failure of these systems.
https://dzone.com/articles/api-led-connectivity-with-mule
NEW QUESTION # 61
Refer to the exhibit.
What is a valid API in the sense of API-led connectivity and application networks?
A) Java RMI over TCP
B) Java RMI over TCP
C) CORBA over HOP
D) XML over UDP
- A. Option A
- B. Option D
- C. Option C
- D. Option B
Answer: D
NEW QUESTION # 62
When using CloudHub with the Shared Load Balancer, what is managed EXCLUSIVELY by the API implementation (the Mule application) and NOT by Anypoint Platform?
- A. The assignment of each HTTP request to a particular CloudHub worker
- B. The SSL certificates used by the API implementation to expose HTTPS endpoints
- C. The logging configuration that enables log entries to be visible in Runtime Manager
- D. The number of DNS entries allocated to the API implementation
Answer: B
Explanation:
The SSL certificates used by the API implementation to expose HTTPS endpoints
*****************************************
>> The assignment of each HTTP request to a particular CloudHub worker is taken care by Anypoint Platform itself. We need not manage it explicitly in the API implementation and in fact we CANNOT manage it in the API implementation.
>> The logging configuration that enables log entries to be visible in Runtime Manager is ALWAYS managed in the API implementation and NOT just for SLB. So this is not something we do EXCLUSIVELY when using SLB.
>> We DO NOT manage the number of DNS entries allocated to the API implementation inside the code.
Anypoint Platform takes care of this.
It is the SSL certificates used by the API implementation to expose HTTPS endpoints that is to be managed EXCLUSIVELY by the API implementation. Anypoint Platform does NOT do this when using SLBs.
NEW QUESTION # 63
What is the most performant out-of-the-box solution in Anypoint Platform to track transaction state in an asynchronously executing long-running process implemented as a Mule application deployed to multiple CloudHub workers?
- A. Persistent Object Store
- B. File-based storage
- C. Redis distributed cache
- D. java.util.WeakHashMap
Answer: A
Explanation:
Correct answer: Persistent Object Store
*****************************************
>> Redis distributed cache is performant but NOT out-of-the-box solution in Anypoint Platform
>> File-storage is neither performant nor out-of-the-box solution in Anypoint Platform
>> java.util.WeakHashMap needs a completely custom implementation of cache from scratch using Java code and is limited to the JVM where it is running. Which means the state in the cache is not worker aware when running on multiple workers. This type of cache is local to the worker. So, this is neither out-of-the-box nor worker-aware among multiple workers on cloudhub. https://www.baeldung.com/java-weakhashmap
>> Persistent Object Store is an out-of-the-box solution provided by Anypoint Platform which is performant as well as worker aware among multiple workers running on CloudHub. https://docs.mulesoft.com/object-store/ So, Persistent Object Store is the right answer.
NEW QUESTION # 64
A code-centric API documentation environment should allow API consumers to investigate and execute API client source code that demonstrates invoking one or more APIs as part of representative scenarios.
What is the most effective way to provide this type of code-centric API documentation environment using Anypoint Platform?
- A. Enable mocking services for each of the relevant APIs and expose them via their Anypoint Exchange entry
- B. Create API Notebooks and include them in the relevant Anypoint Exchange entries
- C. Make relevant APIs discoverable via an Anypoint Exchange entry
- D. Ensure the APIs are well documented through their Anypoint Exchange entries and API Consoles and share these pages with all API consumers
Answer: B
NEW QUESTION # 65
What Mule application can have API policies applied by Anypoint Platform to the endpoint exposed by that Mule application?
- A. A Mule application that accepts requests over HTTP/1x.

- B. A Mule application that accepts JSON requests over WebSocket.

- C. A Mule application that accepts gRPC requests over HTTP/2

- D. A Mule application that accepts JSON requests over TCP but is NOT required to provide a response.

Answer: C
Explanation:
Explanation/Reference:
NEW QUESTION # 66
What do the API invocation metrics provided by Anypoint Platform provide?
- A. Proactive identification of likely future policy violations that exceed a given threat threshold
- B. ROI metrics from APIs that can be directly shared with business users
- C. Measurements of the effectiveness of the application network based on the level of reuse
- D. Data on past API invocations to help identify anomalies and usage patterns across various APIs
Answer: C
Explanation:
Explanation/Reference: https://usermanual.wiki/Document/APAAppNetstudentManual02may2018.991784750.pdf
NEW QUESTION # 67
An organization is deploying their new implementation of the OrderStatus System API to multiple workers in CloudHub. This API fronts the organization's on-premises Order Management System, which is accessed by the API implementation over an IPsec tunnel.
What type of error typically does NOT result in a service outage of the OrderStatus System API?
- A. The AWS region goes offline with a major network failure to the relevant AWS data centers
- B. API Manager has an extended outage during the initial deployment of the API implementation
- C. The Order Management System is Inaccessible due to a network outage in the organization's on-premises data center
- D. A CloudHub worker fails with an out-of-memory exception
Answer: C
NEW QUESTION # 68
What is a key performance indicator (KPI) that measures the success of a typical C4E that is immediately apparent in responses from the Anypoint Platform APIs?
- A. The fraction of API implementations deployed manually relative to those deployed using a CI/CD tool
- B. The number of API specifications in RAML or OAS format published to Anypoint Exchange
- C. The number of production outage incidents reported in the last 24 hours
- D. The number of API implementations that have a publicly accessible HTTP endpoint and are being managed by Anypoint Platform
Answer: B
Explanation:
Correct answer: The number of API specifications in RAML or OAS format published to Anypoint Exchange
*****************************************
>> The success of C4E always depends on their contribution to the number of reusable assets that they have helped to build and publish to Anypoint Exchange.
>> It is NOT due to any factors w.r.t # of outages, Manual vs CI/CD deployments or Publicly accessible HTTP endpoints
>> Anypoint Platform APIs helps us to quickly run and get the number of published RAML/OAS assets to Anypoint Exchange. This clearly depicts how successful a C4E team is based on number of returned assets in the response.
NEW QUESTION # 69
Select the correct Owner-Layer combinations from below options
- A. 1. App Developers owns and focuses on Experience Layer APIs
2. Central IT owns and focuses on Process Layer APIs
3. LOB IT owns and focuses on System Layer APIs - B. 1. Central IT owns and focuses on Experience Layer APIs
2. LOB IT owns and focuses on Process Layer APIs
3. App Developers owns and focuses on System Layer APIs - C. 1. App Developers owns and focuses on Experience Layer APIs
2. LOB IT owns and focuses on Process Layer APIs
3. Central IT owns and focuses on System Layer APIs
Answer: C
Explanation:
Correct answer:
1. App Developers owns and focuses on Experience Layer APIs
2. LOB IT owns and focuses on Process Layer APIs
3. Central IT owns and focuses on System Layer APIs
References:
https://blogs.mulesoft.com/biz/api/experience-api-ownership/
https://blogs.mulesoft.com/biz/api/process-api-ownership/
https://blogs.mulesoft.com/biz/api/system-api-ownership/
NEW QUESTION # 70
A company requires Mule applications deployed to CloudHub to be isolated between non-production and production environments. This is so Mule applications deployed to non-production environments can only access backend systems running in their customer-hosted non-production environment, and so Mule applications deployed to production environments can only access backend systems running in their customer-hosted production environment. How does MuleSoft recommend modifying Mule applications, configuring environments, or changing infrastructure to support this type of per-environment isolation between Mule applications and backend systems?
- A. Create non-production and production environments in different Anypoint Platform business groups
- B. Create separate Anypoint VPCs for non-production and production environments, then configure connections to the backend systems in the corresponding customer-hosted environments
- C. Configure firewall rules in the infrastructure inside each customer-hosted environment so that only IP addresses from the corresponding Anypoint Platform environments are allowed to communicate with corresponding backend systems
- D. Modify properties of Mule applications deployed to the production Anypoint Platform environments to prevent access from non-production Mule applications
Answer: B
Explanation:
Create separate Anypoint VPCs for non-production and production environments, then configure connections to the backend systems in the corresponding customer-hosted environments.
*****************************************
>> Creating different Business Groups does NOT make any difference w.r.t accessing the non-prod and prod customer-hosted environments. Still they will be accessing from both Business Groups unless process network restrictions are put in place.
>> We need to modify or couple the Mule Application Implementations with the environment. In fact, we should never implements application coupled with environments by binding them in the properties. Only basic things like endpoint URL etc should be bundled in properties but not environment level access restrictions.
>> IP addresses on CloudHub are dynamic until unless a special static addresses are assigned. So it is not possible to setup firewall rules in customer-hosted infrastrcture. More over, even if static IP addresses are assigned, there could be 100s of applications running on cloudhub and setting up rules for all of them would be a hectic task, non-maintainable and definitely got a good practice.
>> The best practice recommended by Mulesoft (In fact any cloud provider), is to have your Anypoint VPCs seperated for Prod and Non-Prod and perform the VPC peering or VPN tunneling for these Anypoint VPCs to respective Prod and Non-Prod customer-hosted environment networks.
NEW QUESTION # 71
What is a key requirement when using an external Identity Provider for Client Management in Anypoint Platform?
- A. To invoke OAuth 2.0-protected APIs managed by Anypoint Platform, API clients must submit access tokens issued by that same Identity Provider
- B. APIs managed by Anypoint Platform must be protected by SAML 2.0 policies
- C. Single sign-on is required to sign in to Anypoint Platform
- D. The application network must include System APIs that interact with the Identity Provider
Answer: A
Explanation:
Explanation
https://www.folkstalk.com/2019/11/mulesoft-integration-and-platform.html
NEW QUESTION # 72
What API policy would LEAST likely be applied to a Process API?
- A. JSON threat protection
- B. Custom circuit breaker
- C. Client ID enforcement
- D. Rate limiting
Answer: B
NEW QUESTION # 73
......
Latest MCPA-Level-1 dumps - Instant Download PDF: https://www.prep4pass.com/MCPA-Level-1_exam-braindumps.html
