MCPA-Level-1PDF試験材料2022年最新の実際に出るMCPA-Level-1問題集
更新されたのはMuleSoft MCPA-Level-1問題集PDFオンラインエンジン
質問 23
The responses to some HTTP requests can be cached depending on the HTTP verb used in the request. According to the HTTP specification, for what HTTP verbs is this safe to do?
- A. GET, OPTIONS, HEAD
- B. PUT, POST, DELETE
- C. GET, HEAD, POST
- D. GET, PUT, OPTIONS
正解: A
解説:
Correct answer: GET, OPTIONS, HEAD
http://restcookbook.com/HTTP%20Methods/idempotency/
質問 24
Refer to the exhibit.
An organization uses one specific CloudHub (AWS) region for all CloudHub deployments.
How are CloudHub workers assigned to availability zones (AZs) when the organization's Mule applications are deployed to CloudHub in that region?
- A. Workers are randomly distributed across available AZs within that region
- B. AZs are selected as part of the Mule application's deployment configuration
- C. Workers belonging to a given environment are assigned to the same AZ within that region
- D. An AZ is randomly selected for a Mule application, and all the Mule application's CloudHub workers are assigned to that one AZ
正解: D
質問 25
An organization makes a strategic decision to move towards an IT operating model that emphasizes consumption of reusable IT assets using modern APIs (as defined by MuleSoft).
What best describes each modern API in relation to this new IT operating model?
- A. Each modern API must be REST and HTTP based
- B. Each modern API must be easy to consume, so should avoid complex authentication mechanisms such as SAML or JWT D
- C. Each modem API must be treated like a product and designed for a particular target audience (for instance, mobile app developers)
- D. Each modern API has its own software development lifecycle, which reduces the need for documentation and automation
正解: C
解説:
Correct Answers:
1. Each modern API must be treated like a product and designed for a particular target audience (for instance mobile app developers)
*****************************************
質問 26
A Mule application exposes an HTTPS endpoint and is deployed to the CloudHub Shared Worker Cloud. All traffic to that Mule application must stay inside the AWS VPC.
To what TCP port do API invocations to that Mule application need to be sent?
- A. 0
- B. 1
- C. 2
- D. 3
正解: A
解説:
Correct answer: 8082
*****************************************
>> 8091 and 8092 ports are to be used when keeping your HTTP and HTTPS app private to the LOCAL VPC respectively.
>> Above TWO ports are not for Shared AWS VPC/ Shared Worker Cloud.
>> 8081 is to be used when exposing your HTTP endpoint app to the internet through Shared LB
>> 8082 is to be used when exposing your HTTPS endpoint app to the internet through Shared LB So, API invocations should be sent to port 8082 when calling this HTTPS based app.
References:
https://docs.mulesoft.com/runtime-manager/cloudhub-networking-guide
https://help.mulesoft.com/s/article/Configure-Cloudhub-Application-to-Send-a-HTTPS-Request-Directly-to-Another-Cloudhub-Application
https://help.mulesoft.com/s/question/0D52T00004mXXULSA4/multiple-http-listerners-on-cloudhub-one-with-port-9090
質問 27
An API implementation is being designed that must invoke an Order API, which is known to repeatedly experience downtime.
For this reason, a fallback API is to be called when the Order API is unavailable.
What approach to designing the invocation of the fallback API provides the best resilience?
- A. Set an option in the HTTP Requester component that invokes the Order API to instead invoke a fallback API whenever an HTTP 4xx or 5xx response status code is returned from the Order API
- B. Search Anypoint Exchange for a suitable existing fallback API, and then implement invocations to this fallback API in addition to the Order API
- C. Redirect client requests through an HTTP 307 Temporary Redirect status code to the fallback API whenever the Order API is unavailable
- D. Create a separate entry for the Order API in API Manager, and then invoke this API as a fallback API if the primary Order API is unavailable
正解: C
質問 28
An Anypoint Platform organization has been configured with an external identity provider (IdP) for identity management and client management. What credentials or token must be provided to Anypoint CLI to execute commands against the Anypoint Platform APIs?
- A. The credentials provided by the IdP for client management
- B. The credentials provided by the IdP for identity management
- C. An OAuth 2.0 token generated using the credentials provided by the IdP for client management
- D. An OAuth 2.0 token generated using the credentials provided by the IdP for identity management
正解: B
解説:
Correct answer: The credentials provided by the IdP for identity management
*****************************************
Reference:
>> There is no support for OAuth 2.0 tokens from client/identity providers to authenticate via Anypoint CLI. Only possible tokens are "bearer tokens" that too only generated using Anypoint Organization/Environment Client Id and Secret from https://anypoint.mulesoft.com/accounts/login. Not the client credentials of client provider. So, OAuth 2.0 is not possible. More over, the token is mainly for API Manager purposes and not associated with a user. You can NOT use it to call most APIs (for example Cloudhub and etc) as per this Mulesoft Knowledge article.
>> The other option allowed by Anypoint CLI is to use client credentials. It is possible to use client credentials of a client provider but requires setting up Connected Apps in client management but such details are not given in the scenario explained in the question.
>> So only option left is to use user credentials from identify provider
質問 29
What API policy would LEAST likely be applied to a Process API?
- A. JSON threat protection
- B. Custom circuit breaker
- C. Client ID enforcement
- D. Rate limiting
正解: B
解説:
Explanation/Reference: https://docs.mulesoft.com/api-manager/2.x/policy-mule3-provided-policies
質問 30
An organization makes a strategic decision to move towards an IT operating model that emphasizes consumption of reusable IT assets using modern APIs (as defined by MuleSoft).
What best describes each modern API in relation to this new IT operating model?
- A. Each modern API must be easy to consume, so should avoid complex authentication mechanisms such as SAML or JWT.
- B. Each modern API must be treated like a product and designed for a particular target audience (for instance, mobile app developers)
- C. Each modern API has its own software development lifecycle, which reduces the need for documentation and automation.
- D. Each modern API must be REST and HTTP based.
正解: B
質問 31
Refer to the exhibit.
what is true when using customer-hosted Mule runtimes with the MuleSoft-hosted Anypoint Platform control plane (hybrid deployment)?
- A. API implementations can run successfully in customer-hosted Mule runtimes, even when they are unable to communicate with the control plane
- B. The MuleSoft-hosted Shared Load Balancer can be used to load balance API invocations to the Mule runtimes
- C. Anypoint Runtime Manager automatically ensures HA in the control plane by creating a new Mule runtime instance in case of a node failure
- D. Anypoint Runtime Manager initiates a network connection to a Mule runtime in order to deploy Mule applications
正解: C
質問 32
What is true about the technology architecture of Anypoint VPCs?
- A. VPC peering can be used to link the underlying AWS VPC to an on-premises (non AWS) private network
- B. Traffic between Mule applications deployed to an Anypoint VPC and on-premises systems can stay within a private network
- C. The private IP address range of an Anypoint VPC is automatically chosen by CloudHub
- D. Each CloudHub environment requires a separate Anypoint VPC
正解: C
質問 33
What is typically NOT a function of the APIs created within the framework called API-led connectivity?
- A. They provide an additional layer of resilience on top of the underlying backend system, thereby insulating clients from extended failure of these systems.
- B. They reduce the dependency on the underlying backend systems by helping unlock data from backend systems In a reusable and consumable way.
- C. They allow for innovation at the user Interface level by consuming the underlying assets without being aware of how data Is being extracted from backend systems.
- D. They can compose data from various sources and combine them with orchestration logic to create higher level value.
正解: C
質問 34
Refer to the exhibit.
What is a valid API in the sense of API-led connectivity and application networks?
A) Java RMI over TCP
B) Java RMI over TCP
C) CORBA over HOP
D) XML over UDP
- A. Option C
- B. Option B
- C. Option A
- D. Option D
正解: D
質問 35
What is the main change to the IT operating model that MuleSoft recommends to organizations to improve innovation and clock speed?
- A. Implement SOA for reusable APIs to focus on production over consumption; this standardizes on XML and WSDL formats to speed up decision making
- B. Create a lean and agile organization that makes many small decisions everyday; this speeds up decision making and enables each line of business to take ownership of its projects
- C. Expose assets using a Master Data Management (MDM) system; this standardizes projects and enables developers to quickly discover and reuse assets from other projects
- D. Drive consumption as much as production of assets; this enables developers to discover and reuse assets from other projects and encourages standardization
正解: D
解説:
Correct answer: Drive consumption as much as production of assets; this enables developers to discover and reuse assets from other projects and encourages standardization
*****************************************
>> The main motto of the new IT Operating Model that MuleSoft recommends and made popular is to change the way that they are delivered from a production model to a production + consumption model, which is done through an API strategy called API-led connectivity.
>> The assets built should also be discoverable and self-serveable for reusablity across LOBs and organization.
>> MuleSoft's IT operating model does not talk about SDLC model (Agile/ Lean etc) or MDM at all. So, options suggesting these are not valid.
References:
https://blogs.mulesoft.com/biz/connectivity/what-is-a-center-for-enablement-c4e/
https://www.mulesoft.com/resources/api/secret-to-managing-it-projects
質問 36
A System API is designed to retrieve data from a backend system that has scalability challenges. What API policy can best safeguard the backend system?
- A. IPwhitelist
- B. SLA-based rate limiting
- C. Client ID enforcement
- D. Auth 2 token enforcement
正解: D
質問 37
An organization has several APIs that accept JSON data over HTTP POST. The APIs are all publicly available and are associated with several mobile applications and web applications.
The organization does NOT want to use any authentication or compliance policies for these APIs, but at the same time, is worried that some bad actor could send payloads that could somehow compromise the applications or servers running the API implementations.
What out-of-the-box Anypoint Platform policy can address exposure to this threat?
- A. Apply a Header injection and removal policy that detects the malicious data before it is used
- B. Shut out bad actors by using HTTPS mutual authentication for all API invocations
- C. Apply an IP blacklist policy to all APIs; the blacklist will Include all bad actors
- D. Apply a JSON threat protection policy to all APIs to detect potential threat vectors
正解: D
解説:
Correct answer: Apply a JSON threat protection policy to all APIs to detect potential threat vectors
*****************************************
>> Usually, if the APIs are designed and developed for specific consumers (known consumers/customers) then we would IP Whitelist the same to ensure that traffic only comes from them.
>> However, as this scenario states that the APIs are publicly available and being used by so many mobile and web applications, it is NOT possible to identify and blacklist all possible bad actors.
>> So, JSON threat protection policy is the best chance to prevent any bad JSON payloads from such bad actors.
質問 38
True or False. We should always make sure that the APIs being designed and developed are self-servable even if it needs more man-day effort and resources.
- A. TRUE
- B. FALSE
正解: A
解説:
Correct answer: TRUE
*****************************************
>> As per MuleSoft proposed IT Operating Model, designing APIs and making sure that they are discoverable and self-servable is VERY VERY IMPORTANT and decides the success of an API and its application network.
質問 39
What best describes the Fully Qualified Domain Names (FQDNs), also known as DNS entries, created when a Mule application is deployed to the CloudHub Shared Worker Cloud?
- A. The FQDNs are determined by the application name, but can be modified by an administrator after deployment
- B. The FQDNs are determined by both the application name and the Anypoint Platform organization
- C. A fixed number of FQDNs are created, IRRESPECTIVE of the environment and VPC design
- D. The FQDNs are determined by the application name chosen, IRRESPECTIVE of the region
正解: C
質問 40
What Mule application can have API policies applied by
Anypoint Platform to the endpoint exposed by that Mule application?
A) A Mule application that accepts requests over HTTP/1.x
B) A Mule application that accepts JSON requests over TCP but is NOT required to provide a response
C) A Mute application that accepts JSON requests over WebSocket
D) A Mule application that accepts gRPC requests over HTTP/2
- A. Option D
- B. Option C
- C. Option B
- D. Option A
正解: D
解説:
Correct answer: Option A
*****************************************
>> Anypoint API Manager and API policies are applicable to all types of HTTP/1.x APIs.
>> They are not applicable to WebSocket APIs, HTTP/2 APIs and gRPC APIs
質問 41
An organization has implemented a Customer Address API to retrieve customer address information. This API has been deployed to multiple environments and has been configured to enforce client IDs everywhere.
A developer is writing a client application to allow a user to update their address. The developer has found the Customer Address API in Anypoint Exchange and wants to use it in their client application.
What step of gaining access to the API can be performed automatically by Anypoint Platform?
- A. Approve the client application request for the chosen SLA tier
- B. Request access to the appropriate API Instances deployed to multiple environments using the client application's credentials
- C. Create a new application in Anypoint Exchange for requesting access to the API
- D. Modify the client application to call the API using the client application's credentials
正解: A
解説:
Correct answer: Approve the client application request for the chosen SLA tier
*****************************************
>> Only approving the client application request for the chosen SLA tier can be automated
>> Rest of the provided options are not valid
質問 42
What is the most performant out-of-the-box solution in Anypoint Platform to track transaction state in an asynchronously executing long-running process implemented as a Mule application deployed to multiple CloudHub workers?
- A. java.util.WeakHashMap
- B. Persistent Object Store
- C. Redis distributed cache
- D. File-based storage
正解: C
質問 43
......
MuleSoft MCPA-Level-1 認定試験の出題範囲:
| トピック | 出題範囲 |
|---|---|
| トピック 1 |
|
| トピック 2 |
|
| トピック 3 |
|
| トピック 4 |
|
| トピック 5 |
|
MuleSoft MCPA-Level-1問題集PDFのベストを目指すなら問題集を使おう 目指そう高得点:https://www.goshiken.com/MuleSoft/MCPA-Level-1-mondaishu.html