Salesforce Certified MuleSoft Platform Architect (Mule-Arch-201) Exam Questions Instant Access

Question 1

What is true about API implementations when dealing with legal regulations that require all data processing to be performed within a certain jurisdiction (such as in the USA or the EU)?

AThey must avoid using the Object Store as it depends on services deployed ONLY to the US East region

BThey must use a Jurisdiction-local external messaging system such as Active MQ rather than Anypoint MQ

CThey must te deployed to Anypoint Platform runtime planes that are managed by Anypoint Platform control planes, with both planes in the same Jurisdiction

DThey must ensure ALL data is encrypted both in transit and at rest

Answer : C

Correct Answe r: They must be deployed to Anypoint Platform runtime planes that are managed by Anypoint Platform control planes, with both planes in the same Jurisdiction.

*****************************************

>> As per legal regulations, all data processing to be performed within a certain jurisdiction. Meaning, the data in USA should reside within USA and should not go out. Same way, the data in EU should reside within EU and should not go out.

>> So, just encrypting the data in transit and at rest does not help to be compliant with the rules. We need to make sure that data does not go out too.

>> The data that we are talking here is not just about the messages that are published to Anypoint MQ. It includes the apps running, transaction states, application logs, events, metric info and any other metadata. So, just replacing Anypoint MQ with a locally hosted ActiveMQ does NOT help.

>> The data that we are talking here is not just about the key/value pairs that are stored in Object Store. It includes the messages published, apps running, transaction states, application logs, events, metric info and any other metadata. So, just avoiding using Object Store does NOT help.

>> The only option left and also the right option in the given choices is to deploy application on runtime and control planes that are both within the jurisdiction.

Question 2

A business process is being implemented within an organization's application network. The architecture group proposes using a more coarse-grained application

network design with relatively fewer APIs deployed to the application network compared to a more fine-grained design.

Overall, which factor typically increases with a more coarse-grained design for this business process implementation and deployment compared with using a more fine-grained

design?

AThe complexity of each API implementation

BThe number of discoverable assets related to APIs deployed in the application network

CThe number of possible connections between API implementations in the application network

DThe usage of network infrastructure resources by the application network

Answer : A

Understanding Coarse-Grained vs. Fine-Grained API Design:

A coarse-grained design consolidates multiple operations within a single API, leading to fewer APIs but with more complex implementations. Conversely, a fine-grained design breaks down functionalities into smaller, more specific APIs, resulting in simpler implementations but a larger number of APIs.

Evaluating the Options:

Option A (Correct Answer): With a coarse-grained design, each API handles more functionalities, increasing the complexity of each API implementation as it needs to manage more use cases and logic.

Option B: A coarse-grained design typically reduces the number of APIs, so fewer discoverable assets are available.

Option C: Fewer APIs generally mean fewer connections between them in the application network.

Option D: Network infrastructure usage may actually decrease with fewer APIs, as there are fewer calls between APIs.

Conclusion:

Option A is the correct answer, as the complexity of each API implementation increases in a coarse-grained design due to the consolidation of multiple functionalities into single APIs.

Refer to MuleSoft's documentation on API design principles and best practices for coarse-grained vs. fine-grained API implementation.

Question 3

What is the most performant out-of-the-box solution in Anypoint Platform to track transaction state in an asynchronously executing long-running process implemented as a Mule application deployed to multiple CloudHub workers?

ARedis distributed cache

Bjava.util.WeakHashMap

CPersistent Object Store

DFile-based storage

Answer : C

Correct Answe r: Persistent Object Store

*****************************************

>> Redis distributed cache is performant but NOT out-of-the-box solution in Anypoint Platform

>> File-storage is neither performant nor out-of-the-box solution in Anypoint Platform

>> java.util.WeakHashMap needs a completely custom implementation of cache from scratch using Java code and is limited to the JVM where it is running. Which means the state in the cache is not worker aware when running on multiple workers. This type of cache is local to the worker. So, this is neither out-of-the-box nor worker-aware among multiple workers on cloudhub. https://www.baeldung.com/java-weakhashmap

>> Persistent Object Store is an out-of-the-box solution provided by Anypoint Platform which is performant as well as worker aware among multiple workers running on CloudHub. https://docs.mulesoft.com/object-store/

So, Persistent Object Store is the right answer.

Question 4

What is typically NOT a function of the APIs created within the framework called API-led connectivity?

AThey provide an additional layer of resilience on top of the underlying backend system, thereby insulating clients from extended failure of these systems.

BThey allow for innovation at the user Interface level by consuming the underlying assets without being aware of how data Is being extracted from backend systems.

CThey reduce the dependency on the underlying backend systems by helping unlock data from backend systems In a reusable and consumable way.

DThey can compose data from various sources and combine them with orchestration logic to create higher level value.

Answer : A

Correct Answe r: They provide an additional layer of resilience on top of the underlying backend system, thereby insulating clients from extended failure of these systems.

*****************************************

In API-led connectivity,

>> Experience APIs - allow for innovation at the user interface level by consuming the underlying assets without being aware of how data is being extracted from backend systems.

>> Process APIs - compose data from various sources and combine them with orchestration logic to create higher level value

>> System APIs - reduce the dependency on the underlying backend systems by helping unlock data from backend systems in a reusable and consumable way.

However, they NEVER promise that they provide an additional layer of resilience on top of the underlying backend system, thereby insulating clients from extended failure of these systems.

https://dzone.com/articles/api-led-connectivity-with-mule

Question 5

An API experiences a high rate of client requests (TPS) vwth small message paytoads. How can usage limits be imposed on the API based on the type of client application?

AUse an SLA-based rate limiting policy and assign a client application to a matching SLA tier based on its type

BUse a spike control policy that limits the number of requests for each client application type

CUse a cross-origin resource sharing (CORS) policy to limit resource sharing between client applications, configured by the client application type

DUse a rate limiting policy and a client ID enforcement policy, each configured by the client application type

Answer : A

Correct Answe r: Use an SLA-based rate limiting policy and assign a client application to a matching SLA tier based on its type.

*****************************************

>> SLA tiers will come into play whenever any limits to be imposed on APIs based on client type

Question 6

An API implementation is updated. When must the RAML definition of the API also be updated?

AWhen the API implementation changes the structure of the request or response messages

BWhen the API implementation changes from interacting with a legacy backend system deployed on-premises to a modern, cloud-based (SaaS) system

CWhen the API implementation is migrated from an older to a newer version of the Mule runtime

DWhen the API implementation is optimized to improve its average response time

Answer : A

Correct Answe r: When the API implementation changes the structure of the request or response messages

*****************************************

>> RAML definition usually needs to be touched only when there are changes in the request/response schemas or in any traits on API.

>> It need not be modified for any internal changes in API implementation like performance tuning, backend system migrations etc..

Question 7

Refer to the exhibit.

A developer is building a client application to invoke an API deployed to the STAGING environment that is governed by a client ID enforcement policy.

What is required to successfully invoke the API?

AThe client ID and secret for the Anypoint Platform account owning the API in the STAGING environment

BThe client ID and secret for the Anypoint Platform account's STAGING environment

CThe client ID and secret obtained from Anypoint Exchange for the API instance in the STAGING environment

DA valid OAuth token obtained from Anypoint Platform and its associated client ID and secret

Answer : C

Correct Answe r: The client ID and secret obtained from Anypoint Exchange for the API instance in the STAGING environment

*****************************************

>> We CANNOT use the client ID and secret of Anypoint Platform account or any individual environments for accessing the APIs

>> As the type of policy that is enforced on the API in question is 'Client ID Enforcment Policy', OAuth token based access won't work.

Right way to access the API is to use the client ID and secret obtained from Anypoint Exchange for the API instance in a particular environment we want to work on.

Managing API instance Contracts on API Manager

https://docs.mulesoft.com/api-manager/1.x/request-access-to-api-task

https://docs.mulesoft.com/exchange/to-request-access

https://docs.mulesoft.com/api-manager/2.x/policy-mule3-client-id-based-policies