Microsoft
Amazon
CompTIA
Salesforce
Cisco®
SAP
PMI
ISC
ISACA
VMware
HP
Palo Alto Networks
EC-Council
LPI
Google
Fortinet
All Vendors
  2. Home
  3. Exam List
  4. MuleSoft
  5. MCIA-LEVEL-1

MuleSoft Certified Integration Architect - Level 1
MCIA-LEVEL-1 Exam

What is required before an API implemented using the components of Anypoint Platform can be managed and governed (by applying API policies) on Anypoint Platform?

  1. The API must be published to Anypoint Exchange and a corresponding API instance ID must be obtained from API Manager to be used in the API implementation
  2. The API implementation source code must be committed to a source control management system (such as GitHub)
  3. A RAML definition of the API must be created in API designer so it can then be published to Anypoint Exchange
  4. The API must be shared with the potential developers through an API portal so API consumers can interact with the API

Answer(s): A

Explanation:

Context of the question is about managing and governing mule applications deployed on Anypoint platform.
Anypoint API Manager (API Manager) is a component of Anypoint Platform that enables you to manage, govern, and secure APIs. It leverages the runtime capabilities of API Gateway and Anypoint Service Mesh, both of which enforce policies, collect and track analytics data, manage proxies, provide encryption and authentication, and manage applications.
Mule Ref Doc : https://docs.mulesoft.com/api-manager/2.x/getting-started-proxy


Reference:

https://docs.mulesoft.com/api-manager/2.x/api-auto-discovery-new-concept



Refer to the exhibit.

One of the backend systems invoked by an API implementation enforces rate limits on the number of requests a particular client can make. Both the backend system and the API implementation are deployed to several non-production environments in addition to production.

Rate limiting of the backend system applies to all non-production environments. The production environment, however, does NOT have any rate limiting.

What is the most effective approach to conduct performance tests of the API implementation in a staging (non-production) environment?

  1. Create a mocking service that replicates the backend system's production performance characteristics. Then configure the API implementation to use the mocking service and conduct the performance tests
  2. Use MUnit to simulate standard responses from the backend system then conduct performance tests to identify other bottlenecks in the system
  3. Include logic within the API implementation that bypasses invocations of the backend system in a performance test situation. Instead invoking local stubs that replicate typical backend system responses then conduct performance tests using this API Implementation
  4. Conduct scaled-down performance tests in the staging environment against the rate limited backend system then upscale performance results to full production scale

Answer(s): A

Explanation:

Correct answer is Create a mocking service that replicates the backend system’s production performance characteristics. Then configure the API implementation to use the mocking service and conduct the performance tests
* MUnit is for only Unit and integration testing for APIs and Mule apps. Not for performance Testing, even if it has the ability to Mock the backend.
* Bypassing the backend invocation defeats the whole purpose of performance testing. Hence it is not a valid answer.
* Scaled down performance tests cant be relied upon as performance of API's is not linear against load.



An API has been unit tested and is ready for integration testing. The API is governed by a Client ID Enforcement policy in all environments.
What must the testing team do before they can start integration testing the API in the Staging environment?

  1. They must access the API portal and create an API notebook using the Client ID and Client Secret supplied by the API portal in the Staging environment
  2. They must request access to the API instance in the Staging environment and obtain a Client ID and Client Secret to be used for testing the API
  3. They must be assigned as an API version owner of the API in the Staging environment
  4. They must request access to the Staging environment and obtain the Client ID and Client Secret for that environment to be used for testing the API

Answer(s): B

Explanation:

* It's mentioned that the API is governed by a Client ID Enforcement policy in all environments.
* Client ID Enforcement policy allows only authorized applications to access the deployed API implementation.
* Each authorized application is configured with credentials: client_id and client_secret.
* At runtime, authorized applications provide the credentials with each request to the API implementation.

MuleSoft Reference:
https://docs.mulesoft.com/api-manager/2.x/policy-mule3-client-id-based-policies



What requires configuration of both a key store and a trust store for an HTTP Listener?

  1. Support for TLS mutual (two-way) authentication with HTTP clients
  2. Encryption of requests to both subdomains and API resource endpoints fhttPs://aDi.customer.com/ and https://customer.com/api)
  3. Encryption of both HTTP request and HTTP response bodies for all HTTP clients
  4. Encryption of both HTTP request header and HTTP request body for all HTTP clients

Answer(s): A

Explanation:

1 way SSL : The server presents its certificate to the client and the client adds it to its list of trusted certificate. And so, the client can talk to the server.
2-way SSL: The same principle but both ways. i.e. both the client and the server has to establish trust between themselves using a trusted certificate. In this way of a digital handshake, the server needs to present a certificate to authenticate itself to client and client has to present its certificate to server.
* TLS is a cryptographic protocol that provides communications security for your Mule app.
* TLS offers many different ways of exchanging keys for authentication, encrypting data, and guaranteeing message integrity Keystores and Truststores Truststore and keystore contents differ depending on whether they are used for clients or servers:
For servers: the truststore contains certificates of the trusted clients, the keystore contains the private and public key of the server. For clients: the truststore contains certificates of the trusted servers, the keystore contains the private and public key of the client.
Adding both a keystore and a truststore to the configuration implements two-way TLS authentication also known as mutual authentication.
* in this case, correct answer is Support for TLS mutual (two-way) authentication with HTTP clients.




Rose
I passed that exam the first time. And I thank you folks for that. I could not have passed it with out your help.
- South Africa
Upvote


Shourya
I've just done my exam and passed (890) - your materials are spot on.
- UNITED STATES
Upvote


90%
I have sat and passed.
- Haidarabad
Upvote


Jessica
Thanks to this site! i passed my 310-055 exam with 90%
- UNITED STATES
Upvote


George
I passed my VCP Exam this week with an 87. I hadn't taken a cert exam in 10 years. Your product was very helpful and helped me hone the areas where I was lacking. Thank you.
- UNITED ARAB EMIRATES
Upvote


David B.
I would like to thank this site for the great support and passing 920-105 exam with excellent result. Thanks once again!
- UNITED STATES
Upvote


Bruce Gord
Thanks Well I just passed the exam with high score. Anyway, thanks for providing the good material.
- Malaysia
Upvote


Parag
Hi, Let me appreciate your Study Guide. I passed the exam with 92%. All the questions were from the study guide. I am still wondering where I went wrong for not scoring 100%. I will not hesitate to recommend your site to my friends and colleagues. Thanks
- UNITED STATES
Upvote


J M
Hello, I purchased your 640-801 last week and I was able to pass my exam with 96%. The questions were all the same. I wondering how you guys do it? Keep up the good job. I appreciate your service and your best price. Thanks
- UNITED STATES
Upvote

Read more ...