Salesforce Certified Platform Integration Architect Plat-Arch-204 Exam Questions

Answer : A

In modern enterprise architecture, securing the boundary between cloud environments like Salesforce and on-premise data centers is a critical responsibility of the Integration Architect. When Corporate Security Guidelines mandate that all traffic must pass through a secure firewall, the architecture must support a Demilitarized Zone (DMZ) or 'Perimeter Network' strategy.

An API Gateway or a specialized middleware connector acts as the 'front door' for these on-premise resources. The architect must evaluate whether the chosen middleware solution supports a distributed deployment model where the gateway component can reside within the DMZ. This setup allows the organization to terminate external (cloud) connections in a hardened environment before the traffic is inspected and proxied to the internal, trusted network.

While supporting OAuth (Option C) is essential for modern authentication, it does not satisfy the specific network-level firewall requirement described. Similarly, ODBC connections (Option B) are low-level database protocols that usually operate deep within the internal network and would typically be considered a security risk if exposed directly to a firewall.

By ensuring the middleware has an architecturally compatible gateway for the DMZ, the architect provides a solution that allows for deep packet inspection, IP whitelisting, and rate limiting at the edge of the corporate network. This approach aligns with the 'Defense in Depth' principle, ensuring that Salesforce can securely communicate with legacy systems (like SAP or internal databases) without exposing those systems directly to the public internet, thereby satisfying the new Corporate Security Guidelines.

Answer : A

For HR synchronization requiring high reliability and a multi-day data retention window, Change Data Capture (CDC) is the optimal architectural choice.12

CDC is an event-driven integration framework that automatically publ3ishes change events for Sale4sforce records (Create, Update, Delete, and Undelete). A critical feature of CDC for failure recovery is its 72-hour (3-day) retention window. If the external HR system or the replication middleware experience downtime, the change events remain stored in the Salesforce event bus for up to three days. Once the HR system is back online, the subscriber can use the Replay ID of the last successfully processed event to retrieve all missed notifications from the bus, ensuring zero data loss during the outage.

In contrast, Outbound Messaging (Option B) only provides a 24-hour retry window. If the target system is unavailable for more than one day, the notifications are dropped, making it unsuitable for a 3-day requirement. Callouts (Option C) are typically synchronous and do not have native, platform-managed storage or retry mechanisms for failed requests; once a callout fails, the data is lost unless a custom retry architecture is built. CDC's native, durable event bus provides the necessary scalability and resilience for critical HR data synchronization without requiring complex custom code for error handling and data recovery.

Answer : A

In this scenario, the primary architectural challenge is managing high-latency, multi-step orchestration involving 10 disparate external systems. Each agency has a varying response time that can span several days, making a synchronous 'Request-Reply' pattern within Salesforce technically impossible due to transaction timeout limits (maximum 120 seconds).

The recommended approach is to leverage Middleware as the orchestration and state-management layer. Middleware (such as an ESB or iPaaS) is specifically designed for Process Choreography. Salesforce initiates a single 'Fire and Forget' request to the middleware. The middleware then takes responsibility for:

Sequential or Parallel Callouts: Initiating the requests to all 10 verification agencies.

Callback Management: Handling the asynchronous responses from each agency as they arrive over a period of days.

Aggregation Logic: Consolidating the results and determining when the 'Business Process' is complete (e.g., all 10 agencies have approved).

Once the consolidation logic is satisfied, the middleware performs a Remote Call-In to the Salesforce REST API to update the trainer's record. This pattern keeps Salesforce 'clean' by moving complex, long-running orchestration logic off-platform, preventing the consumption of excessive Apex CPU time and ensuring that Salesforce only receives a single, final status update.

Option B (External Services) is unsuitable for a multi-day asynchronous process as it is designed for real-time, synchronous Flow actions. Option C (@future) is restricted by the same 120-second timeout and cannot handle the 'waiting' state required for days of verification. Using middleware provides the necessary Quality of Service (QoS), durability, and error handling required for such a critical enterprise compliance process.

Answer : B

When dealing with a 'big surge' or high-volume influx of requests, a synchronous pattern like Request and Reply (Option A) can lead to significant performance bottlenecks. In a synchronous model, each Salesforce user thread must wait for the external scheduling system to respond, which could lead to 'Concurrent Request Limit' errors during peak times.

The Remote Process Invocation---Fire and Forget pattern is the architecturally sound choice for managing surges. In this pattern, Salesforce captures the registration intent and immediately hands it off to an asynchronous process or a middleware queue. Salesforce does not wait for the external system to process the room capacity logic; instead, it receives a simple acknowledgment that the message was received.23

This pattern decouples the front-end user experience from the back-end processing limits. Middleware can then 'drip-feed' these registration4s into the scheduling system at a rate it can handl5e. If the scheduling system becomes overwhelmed or goes offline, the messages remain safely in the queue. Option C (Batch) is unsuitable because users expect near real-time feedback on their registration attempt, even if the final confirmation is sent a few minutes later. By utilizing Fire and Forget, NTO ensures a responsive Community Experience during the critical launch window while maintaining system stability.

Answer : B

Prior to implementing Shield Platform Encryption, the most critical step for an Integration Architect is to perform a comprehensive Review of Shield Platform Encryption configurations and their impact on existing platform functionality. Encryption at rest is not a 'set-and-forget' feature; it changes how the Salesforce database interacts with various features, and failing to review these limitations beforehand can lead to significant business disruption.

Salesforce documentation emphasizes that encryption affects several core areas:

SOQL/SOSL Limitations: Encrypted fields have restricted capabilities in WHERE, GROUP BY, and ORDER BY clauses.1 For example, if Social Security Numbers (SSNs) are encrypted using Probabilistic Encryption, they cannot be filtered or sorted in a query.2 This could break existing integrations or reports that rely on finding specific records by SSN.

Search Functionality: While Salesforce supports searching for encrypted data, there are specific behaviors to consider regarding how search indexes are built and updated.

AppExchange and Managed Packages: If the SSN field is used by a third-party app or a managed package, encrypting it might cause those external tools to fail if they are not designed to handle encrypted data types.

Field Attributes: Encrypted fields cannot be used as Unique or External IDs if using the probabilistic scheme, which is a vital consideration for data synchronization architectures.3

Therefore, the architect must first conduct a Business Impact Analysis. This includes identifying where the sensitive data (SSNs) is used in Apex code, Flows, validation rules, and reports. By reviewing the configurations and functional limitations first, the architect can decide between Probabilistic (higher security) and Deterministic (allows filtering) encryption strategies.4 Option A is a step taken during or after implementation (Background Encryption), and Option C is an anti-pattern, as encrypting 'everything' leads to unnecessary performance overhead and massive functional loss. Only after a thorough review can the architect safely proceed with the technical implementation of Shield.

Answer : A

The timing of Platform Event publishing is a critical detail for an Integration Architect, as it affects data consistency and transaction integrity. In Salesforce, the default and most common behavior for publishing Platform Events from Apex is 'Publish After Commit.'

When an architect chooses the 'Publish After Commit' setting (defined at the event level), the events are held in a buffer and are only released to the event bus after the Apex transaction completes successfully. This ensures that if the database transaction fails and rolls back, the event---which might trigger external actions---is never sent. This prevents 'ghost' events where an external system is told to process data that was never actually saved to the Salesforce database.

The question implies a standard scenario where events are being 'published' into the bus. In this state, the events have passed the transaction boundary. If the events were only 'being published from Apex' (Option C), it doesn't describe the state of the delivery or the transaction. Option B is technically incorrect for standard event publishing logic, as Salesforce explicitly separates the event bus from the database commit to maintain atomicity.

Understanding this 'After Commit' behavior is vital when designing synchronization patterns. If the architect requires the event to be sent regardless of whether the transaction succeeds (e.g., for logging a failure), they would need to configure the event as 'Publish Immediately.' However, in a standard synchronization use case where events are 'only being published,' it signifies that the source transaction has finalized, and the messages are now available for subscribers (like middleware or other Salesforce orgs) to consume.

---

Answer : A