PDF (New 2023) Actual MuleSoft MCPA-Level-1-Maintenance Exam Questions [Q23-Q39]

Share

PDF (New 2023) Actual MuleSoft MCPA-Level-1-Maintenance Exam Questions

Dumps Moneyack Guarantee - MCPA-Level-1-Maintenance Dumps UpTo 90% Off


The MCPA-Level-1-Maintenance certification is an industry-recognized certification that demonstrates a candidate's expertise in maintaining and managing MuleSoft implementations. It can help professionals advance their careers and increase their earning potential, and it can also help organizations identify and hire qualified professionals who can manage and maintain their MuleSoft implementations effectively. With proper preparation and study, candidates can pass the exam and attain this valuable certification.


MuleSoft MCPA-Level-1-Maintenance certification exam is designed to validate the skills and knowledge of professionals who have already earned the MuleSoft Certified Platform Architect - Level 1 (MCPA-Level-1) certification. MuleSoft Certified Platform Architect - Level 1 MAINTENANCE certification exam is specifically aimed at testing the ability of professionals to maintain and support MuleSoft applications, ensuring they are efficient, reliable, and secure.


The MCPA-Level-1-Maintenance exam is a challenging test that requires significant preparation and study. Candidates should have a strong foundation in MuleSoft Anypoint Platform architecture and be familiar with the latest industry standards and best practices. Additionally, candidates should have experience designing and building MuleSoft integrations in a variety of deployment models.

 

NEW QUESTION # 23
Due to a limitation in the backend system, a system API can only handle up to 500 requests per second. What is the best type of API policy to apply to the system API to avoid overloading the backend system?

  • A. HTTP caching
  • B. Rate limiting - SLA based
  • C. Spike control
  • D. Rate limiting

Answer: C

Explanation:
Spike control
*****************************************
>> First things first, HTTP Caching policy is for purposes different than avoiding the backend system from overloading. So this is OUT.
>> Rate Limiting and Throttling/ Spike Control policies are designed to limit API access, but have different intentions.
>> Rate limiting protects an API by applying a hard limit on its access.
>> Throttling/ Spike Control shapes API access by smoothing spikes in traffic.
That is why, Spike Control is the right option.


NEW QUESTION # 24
Traffic is routed through an API proxy to an API implementation. The API proxy is managed by API Manager and the API implementation is deployed to a CloudHub VPC using Runtime Manager. API policies have been applied to this API. In this deployment scenario, at what point are the API policies enforced on incoming API client requests?

  • A. At the API proxy
  • B. At the API implementation
  • C. At a MuleSoft-hosted load balancer
  • D. At both the API proxy and the API implementation

Answer: A

Explanation:
At the API proxy
*****************************************
>> API Policies can be enforced at two places in Mule platform.
>> One - As an Embedded Policy enforcement in the same Mule Runtime where API implementation is running.
>> Two - On an API Proxy sitting in front of the Mule Runtime where API implementation is running.
>> As the deployment scenario in the question has API Proxy involved, the policies will be enforced at the API Proxy.


NEW QUESTION # 25
How are an API implementation, API client, and API consumer combined to invoke and process an API?

  • A. The ApI consumer creates an API client, which sends API invocations to an API such that they are processed by an API implementation
  • B. The API consumer creates an API implementation, which receives API invocations from an API such that they are processed for an API client
  • C. The API client creates an API consumer, which receives API invocations from an API such that they are processed for an API implementation
  • D. The ApI client creates an API consumer, which sends API invocations to an API such that they are processed by an API implementation

Answer: A

Explanation:
The API consumer creates an API client, which sends API invocations to an API such that they are processed by an API implementation
*****************************************
Terminology:
>> API Client - It is a piece of code or program the is written to invoke an API
>> API Consumer - An owner/entity who owns the API Client. API Consumers write API clients.
>> API - The provider of the API functionality. Typically an API Instance on API Manager where they are managed and operated.
>> API Implementation - The actual piece of code written by API provider where the functionality of the API is implemented. Typically, these are Mule Applications running on Runtime Manager.


NEW QUESTION # 26
What best describes the Fully Qualified Domain Names (FQDNs), also known as DNS entries, created when a Mule application is deployed to the CloudHub Shared Worker Cloud?

  • A. The FQDNs are determined by the application name, but can be modified by an administrator after deployment
  • B. The FQDNs are determined by the application name chosen, IRRESPECTIVE of the region
  • C. The FQDNs are determined by both the application name and the Anypoint Platform organization
  • D. A fixed number of FQDNs are created, IRRESPECTIVE of the environment and VPC design

Answer: B

Explanation:
The FQDNs are determined by the application name chosen, IRRESPECTIVE of the region
*****************************************
>> When deploying applications to Shared Worker Cloud, the FQDN are always determined by application name chosen.
>> It does NOT matter what region the app is being deployed to.
>> Although it is fact and true that the generated FQDN will have the region included in it (Ex:
exp-salesorder-api.au-s1.cloudhub.io), it does NOT mean that the same name can be used when deploying to another CloudHub region.
>> Application name should be universally unique irrespective of Region and Organization and solely determines the FQDN for Shared Load Balancers.


NEW QUESTION # 27
A system API has a guaranteed SLA of 100 ms per request. The system API is deployed to a primary environment as well as to a disaster recovery (DR) environment, with different DNS names in each environment. An upstream process API invokes the system API and the main goal of this process API is to respond to client requests in the least possible time. In what order should the system APIs be invoked, and what changes should be made in order to speed up the response time for requests from the process API?

  • A. In parallel, invoke the system API deployed to the primary environment and the system API deployed to the DR environment using a scatter-gather configured with a timeout, and then merge the responses
  • B. In parallel, invoke the system API deployed to the primary environment and the system API deployed to the DR environment, and ONLY use the first response
  • C. Invoke ONLY the system API deployed to the primary environment, and add timeout and retry logic to avoid intermittent failures
  • D. Invoke the system API deployed to the primary environment, and if it fails, invoke the system API deployed to the DR environment

Answer: B

Explanation:
In parallel, invoke the system API deployed to the primary environment and the system API deployed to the DR environment, and ONLY use the first response.
*****************************************
>> The API requirement in the given scenario is to respond in least possible time.
>> The option that is suggesting to first try the API in primary environment and then fallback to API in DR environment would result in successful response but NOT in least possible time. So, this is NOT a right choice of implementation for given requirement.
>> Another option that is suggesting to ONLY invoke API in primary environment and to add timeout and retries may also result in successful response upon retries but NOT in least possible time. So, this is also NOT a right choice of implementation for given requirement.
>> One more option that is suggesting to invoke API in primary environment and API in DR environment in parallel using Scatter-Gather would result in wrong API response as it would return merged results and moreover, Scatter-Gather does things in parallel which is true but still completes its scope only on finishing all routes inside it. So again, NOT a right choice of implementation for given requirement The Correct choice is to invoke the API in primary environment and the API in DR environment parallelly, and using ONLY the first response received from one of them.


NEW QUESTION # 28
A company uses a hybrid Anypoint Platform deployment model that combines the EU control plane with customer-hosted Mule runtimes. After successfully testing a Mule API implementation in the Staging environment, the Mule API implementation is set with environment-specific properties and must be promoted to the Production environment. What is a way that MuleSoft recommends to configure the Mule API implementation and automate its promotion to the Production environment?

  • A. Use an API policy to change properties in the Mule API implementation deployed to the Staging environment and another API policy to deploy the Mule API implementation to the Production environment
  • B. Bundle properties files for each environment into the Mule API implementation's deployable archive, then promote the Mule API implementation to the Production environment using Anypoint CLI or the Anypoint Platform REST APIsB.
  • C. Modify the Mule API implementation's properties in the API Manager Properties tab, then promote the Mule API implementation to the Production environment using API Manager
  • D. Modify the Mule API implementation's properties in Anypoint Exchange, then promote the Mule API implementation to the Production environment using Runtime Manager

Answer: B

Explanation:
Bundle properties files for each environment into the Mule API implementation's deployable archive, then promote the Mule API implementation to the Production environment using Anypoint CLI or the Anypoint Platform REST APIs
*****************************************
>> Anypoint Exchange is for asset discovery and documentation. It has got no provision to modify the properties of Mule API implementations at all.
>> API Manager is for managing API instances, their contracts, policies and SLAs. It has also got no provision to modify the properties of API implementations.
>> API policies are to address Non-functional requirements of APIs and has again got no provision to modify the properties of API implementations.
So, the right way and recommended way to do this as part of development practice is to bundle properties files for each environment into the Mule API implementation and just point and refer to respective file per environment.


NEW QUESTION # 29
An API implementation is updated. When must the RAML definition of the API also be updated?

  • A. When the API implementation changes the structure of the request or response messages
  • B. When the API implementation is optimized to improve its average response time
  • C. When the API implementation is migrated from an older to a newer version of the Mule runtime
  • D. When the API implementation changes from interacting with a legacy backend system deployed on-premises to a modern, cloud-based (SaaS) system

Answer: A

Explanation:
When the API implementation changes the structure of the request or response messages
*****************************************
>> RAML definition usually needs to be touched only when there are changes in the request/response schemas or in any traits on API.
>> It need not be modified for any internal changes in API implementation like performance tuning, backend system migrations etc..


NEW QUESTION # 30
Which of the following sequence is correct?

  • A. API Consumer requests access to API >> API Client implementes logic to call an API >> API routes the request to >> API Implementation
  • B. API Client implementes logic to call an API >> API Consumer requests access to API >> API routes the request to >> API Implementation
  • C. API Client implementes logic to call an API >> API Consumer requests access to API >> API Implementation routes the request to >> API
  • D. API Consumer implementes logic to call an API >> API Client requests access to API >> API Implementation routes the request to >> API

Answer: A

Explanation:
API Consumer requests access to API >> API Client implementes logic to call an API >> API routes the request to >> API Implementation
*****************************************
>> API consumer does not implement any logic to invoke APIs. It is just a role. So, the option stating "API Consumer implementes logic to call an API" is INVALID.
>> API Implementation does not route any requests. It is a final piece of logic where functionality of target systems is exposed. So, the requests should be routed to the API implementation by some other entity. So, the options stating "API Implementation routes the request to >> API" is INVALID
>> The statements in one of the options are correct but sequence is wrong. The sequence is given as "API Client implementes logic to call an API >> API Consumer requests access to API >> API routes the request to
>> API Implementation". Here, the statements in the options are VALID but sequence is WRONG.
>> Right option and sequence is the one where API consumer first requests access to API on Anypoint Exchange and obtains client credentials. API client then writes logic to call an API by using the access client credentials requested by API consumer and the requests will be routed to API implementation via the API which is managed by API Manager.


NEW QUESTION # 31
A new upstream API Is being designed to offer an SLA of 500 ms median and 800 ms maximum (99th percentile) response time. The corresponding API implementation needs to sequentially invoke 3 downstream APIs of very similar complexity.
The first of these downstream APIs offers the following SLA for its response time: median: 100 ms, 80th percentile: 500 ms, 95th percentile: 1000 ms.
If possible, how can a timeout be set in the upstream API for the invocation of the first downstream API to meet the new upstream API's desired SLA?

  • A. Do not set a timeout; the Invocation of this API Is mandatory and so we must wait until it responds
  • B. Set a timeout of 50 ms; this times out more invocations of that API but gives additional room for retries
  • C. No timeout is possible to meet the upstream API's desired SLA; a different SLA must be negotiated with the first downstream API or invoke an alternative API
  • D. Set a timeout of 100 ms; that leaves 400 ms for the other two downstream APIs to complete

Answer: D

Explanation:
Set a timeout of 100ms; that leaves 400ms for other two downstream APIs to complete
*****************************************
Key details to take from the given scenario:
>> Upstream API's designed SLA is 500ms (median). Lets ignore maximum SLA response times.
>> This API calls 3 downstream APIs sequentially and all these are of similar complexity.
>> The first downstream API is offering median SLA of 100ms, 80th percentile: 500ms; 95th percentile:
1000ms.
Based on the above details:
>> We can rule out the option which is suggesting to set 50ms timeout. Because, if the median SLA itself being offered is 100ms then most of the calls are going to timeout and time gets wasted in retried them and eventually gets exhausted with all retries. Even if some retries gets successful, the remaining time wont leave enough room for 2nd and 3rd downstream APIs to respond within time.
>> The option suggesting to NOT set a timeout as the invocation of this API is mandatory and so we must wait until it responds is silly. As not setting time out would go against the good implementation pattern and moreover if the first API is not responding within its offered median SLA 100ms then most probably it would either respond in 500ms (80th percentile) or 1000ms (95th percentile). In BOTH cases, getting a successful response from 1st downstream API does NO GOOD because already by this time the Upstream API SLA of
500 ms is breached. There is no time left to call 2nd and 3rd downstream APIs.
>> It is NOT true that no timeout is possible to meet the upstream APIs desired SLA.
As 1st downstream API is offering its median SLA of 100ms, it means MOST of the time we would get the responses within that time. So, setting a timeout of 100ms would be ideal for MOST calls as it leaves enough room of 400ms for remaining 2 downstream API calls.


NEW QUESTION # 32
A code-centric API documentation environment should allow API consumers to investigate and execute API client source code that demonstrates invoking one or more APIs as part of representative scenarios.
What is the most effective way to provide this type of code-centric API documentation environment using Anypoint Platform?

  • A. Create API Notebooks and include them in the relevant Anypoint Exchange entries
  • B. Ensure the APIs are well documented through their Anypoint Exchange entries and API Consoles and share these pages with all API consumers
  • C. Make relevant APIs discoverable via an Anypoint Exchange entry
  • D. Enable mocking services for each of the relevant APIs and expose them via their Anypoint Exchange entry

Answer: A

Explanation:
Create API Notebooks and Include them in the relevant Anypoint exchange entries
*****************************************
>> API Notebooks are the one on Anypoint Platform that enable us to provide code-centric API documentation


NEW QUESTION # 33
What are 4 important Platform Capabilities offered by Anypoint Platform?

  • A. API Design and Development, API Deprecation, API Versioning, API Consumer Engagement
  • B. API Design and Development, API Runtime Execution and Hosting, API Versioning, API Deprecation
  • C. API Design and Development, API Runtime Execution and Hosting, API Operations and Management, API Consumer Engagement
  • D. API Versioning, API Runtime Execution and Hosting, API Invocation, API Consumer Engagement

Answer: C

Explanation:
API Design and Development, API Runtime Execution and Hosting, API Operations and Management, API Consumer Engagement
*****************************************
>> API Design and Development - Anypoint Studio, Anypoint Design Center, Anypoint Connectors
>> API Runtime Execution and Hosting - Mule Runtimes, CloudHub, Runtime Services
>> API Operations and Management - Anypoint API Manager, Anypoint Exchange
>> API Consumer Management - API Contracts, Public Portals, Anypoint Exchange, API Notebooks


NEW QUESTION # 34
A company has started to create an application network and is now planning to implement a Center for Enablement (C4E) organizational model. What key factor would lead the company to decide upon a federated rather than a centralized C4E?

  • A. When there are a large number of existing common assets shared by development teams
  • B. When various teams responsible for creating APIs are new to integration and hence need extensive training
  • C. When development is already organized into several independent initiatives or groups
  • D. When the majority of the applications in the application network are cloud based

Answer: C

Explanation:
When development is already organized into several independent initiatives or groups
*****************************************
>> It would require lot of process effort in an organization to have a single C4E team coordinating with multiple already organized development teams which are into several independent initiatives. A single C4E works well with different teams having at least a common initiative. So, in this scenario, federated C4E works well instead of centralized C4E.


NEW QUESTION # 35
Mule applications that implement a number of REST APIs are deployed to their own subnet that is inaccessible from outside the organization.
External business-partners need to access these APIs, which are only allowed to be invoked from a separate subnet dedicated to partners - called Partner-subnet. This subnet is accessible from the public internet, which allows these external partners to reach it.
Anypoint Platform and Mule runtimes are already deployed in Partner-subnet. These Mule runtimes can already access the APIs.
What is the most resource-efficient solution to comply with these requirements, while having the least impact on other applications that are currently using the APIs?

  • A. Redeploy the API implementations to the same servers running the Mule runtimes
  • B. Add an additional endpoint to each API for partner-enablement consumption
  • C. Duplicate the APIs as Mule applications, then deploy them to the Mule runtimes
  • D. Implement (or generate) an API proxy Mule application for each of the APIs, then deploy the API proxies to the Mule runtimes

Answer: D


NEW QUESTION # 36
What API policy would be LEAST LIKELY used when designing an Experience API that is intended to work with a consumer mobile phone or tablet application?

  • A. JSON threat protection
  • B. IPwhitellst
  • C. OAuth 2.0 access token enforcement
  • D. Client ID enforcement

Answer: B

Explanation:
IP whitelist
*****************************************
>> OAuth 2.0 access token and Client ID enforcement policies are VERY common to apply on Experience APIs as API consumers need to register and access the APIs using one of these mechanisms
>> JSON threat protection is also VERY common policy to apply on Experience APIs to prevent bad or suspicious payloads hitting the API implementations.
>> IP whitelisting policy is usually very common in Process and System APIs to only whitelist the IP range inside the local VPC. But also applied occassionally on some experience APIs where the End User/ API Consumers are FIXED.
>> When we know the API consumers upfront who are going to access certain Experience APIs, then we can request for static IPs from such consumers and whitelist them to prevent anyone else hitting the API.
However, the experience API given in the question/ scenario is intended to work with a consumer mobile phone or tablet application. Which means, there is no way we can know all possible IPs that are to be whitelisted as mobile phones and tablets can so many in number and any device in the city/state/country/globe.
So, It is very LEAST LIKELY to apply IP Whitelisting on such Experience APIs whose consumers are typically Mobile Phones or Tablets.


NEW QUESTION # 37
A company has created a successful enterprise data model (EDM). The company is committed to building an application network by adopting modern APIs as a core enabler of the company's IT operating model. At what API tiers (experience, process, system) should the company require reusing the EDM when designing modern API data models?

  • A. At the experience and process tiers
  • B. At the process and system tiers
  • C. At the experience and system tiers
  • D. At the experience, process, and system tiers

Answer: B

Explanation:
At the process and system tiers
*****************************************
>> Experience Layer APIs are modeled and designed exclusively for the end user's experience. So, the data models of experience layer vary based on the nature and type of such API consumer. For example, Mobile consumers will need light-weight data models to transfer with ease on the wire, where as web-based consumers will need detailed data models to render most of the info on web pages, so on. So, enterprise data models fit for the purpose of canonical models but not of good use for experience APIs.
>> That is why, EDMs should be used extensively in process and system tiers but NOT in experience tier.


NEW QUESTION # 38
A set of tests must be performed prior to deploying API implementations to a staging environment. Due to data security and access restrictions, untested APIs cannot be granted access to the backend systems, so instead mocked data must be used for these tests. The amount of available mocked data and its contents is sufficient to entirely test the API implementations with no active connections to the backend systems. What type of tests should be used to incorporate this mocked data?

  • A. Unit tests (Whitebox)
  • B. Integration tests
  • C. Functional tests (Blackbox)
  • D. Performance tests

Answer: A

Explanation:
Unit tests (Whitebox)
*****************************************


NEW QUESTION # 39
......

Updated Oct-2023 Pass MCPA-Level-1-Maintenance Exam - Real Practice Test Questions: https://www.torrentexam.com/MCPA-Level-1-Maintenance-exam-latest-torrent.html