真実的-信頼的なMule-Arch-201日本語版参考資料試験-試験の準備方法Mule-Arch-201対応問題集「あきらめたら そこで試合終了ですよ」という『スラムダンク』の中の安西監督が言った名言があります。この文は人々に知られています。試合と同じ、試験もそのどおりですよ。試験に準備する時間が十分ではないから、Mule-Arch-201認定試験を諦めた人がたくさんいます。しかし、優秀な資料を利用すれば、短時間の準備をしても、高得点で試験に合格することができます。信じないでしょうか。CertShikenの試験問題集はそのような資料ですよ。はやく試してください。 Salesforce Certified MuleSoft Platform Architect 認定 Mule-Arch-201 試験問題 (Q88-Q93):質問 # 88
Refer to the exhibit.
what is true when using customer-hosted Mule runtimes with the MuleSoft-hosted Anypoint Platform control plane (hybrid deployment)?
A. Anypoint Runtime Manager automatically ensures HA in the control plane by creating a new Mule runtime instance in case of a node failure
B. API implementations can run successfully in customer-hosted Mule runtimes, even when they are unable to communicate with the control plane
C. Anypoint Runtime Manager initiates a network connection to a Mule runtime in order to deploy Mule applications
D. The MuleSoft-hosted Shared Load Balancer can be used to load balance API invocations to the Mule runtimes
正解:B
解説:
Correct Answe r: API implementations can run successfully in customer-hosted Mule runtimes, even when they are unable to communicate with the control plane.
*****************************************
>> We CANNOT use Shared Load balancer to load balance APIs on customer hosted runtimes
>> For Hybrid deployment models, the on-premises are first connected to Runtime Manager using Runtime Manager agent. So, the connection is initiated first from On-premises to Runtime Manager. Then all control can be done from Runtime Manager.
>> Anypoint Runtime Manager CANNOT ensure automatic HA. Clusters/Server Groups etc should be configured before hand.
Only TRUE statement in the given choices is, API implementations can run successfully in customer-hosted Mule runtimes, even when they are unable to communicate with the control plane. There are several references below to justify this statement.
Reference: https://docs.mulesoft.com/runtim ... #hybrid-deployments https://help.mulesoft.com/s/arti ... lane-June-18th-2018 https://help.mulesoft.com/s/arti ... lane-June-25th-2019 https://help.mulesoft.com/s/arti ... nager-May-29th-2018
質問 # 89
An organization is deploying their new implementation of the OrderStatus System API to multiple workers in CloudHub. This API fronts the organization's on-premises Order Management System, which is accessed by the API implementation over an IPsec tunnel.
What type of error typically does NOT result in a service outage of the OrderStatus System API?
A. A CloudHub worker fails with an out-of-memory exception
B. The Order Management System is Inaccessible due to a network outage in the organization's on-premises data center
C. API Manager has an extended outage during the initial deployment of the API implementation
D. The AWS region goes offline with a major network failure to the relevant AWS data centers
正解:A
解説:
Correct Answe r: A CloudHub worker fails with an out-of-memory exception.
*****************************************
>> An AWS Region itself going down will definitely result in an outage as it does not matter how many workers are assigned to the Mule App as all of those in that region will go down. This is a complete downtime and outage.
>> Extended outage of API manager during initial deployment of API implementation will of course cause issues in proper application startup itself as the API Autodiscovery might fail or API policy templates and polices may not be downloaded to embed at the time of applicaiton startup etc... there are many reasons that could cause issues.
>> A network outage onpremises would of course cause the Order Management System not accessible and it does not matter how many workers are assigned to the app they all will fail and cause outage for sure.
The only option that does NOT result in a service outage is if a cloudhub worker fails with an out-of-memory exception. Even if a worker fails and goes down, there are still other workers to handle the requests and keep the API UP and Running. So, this is the right answer.
質問 # 90
Due to a limitation in the backend system, a system API can only handle up to 500 requests per second. What is the best type of API policy to apply to the system API to avoid overloading the backend system?
A. HTTP caching
B. Spike control
C. Rate limiting
D. Rate limiting - SLA based
正解:B
解説:
Correct Answe r: Spike control
*****************************************
>> First things first, HTTP Caching policy is for purposes different than avoiding the backend system from overloading. So this is OUT.
>> Rate Limiting and Throttling/ Spike Control policies are designed to limit API access, but have different intentions.
>> Rate limiting protects an API by applying a hard limit on its access.
>> Throttling/ Spike Control shapes API access by smoothing spikes in traffic.
That is why, Spike Control is the right option.
質問 # 91
Which statement is true about identity management and client management on Anypoint Platform?
A. Both client management and identity management require an identity provider
B. If an external client provider is configured, it must be configured at the Anypoint Platform organization level and cannot be assigned to individual business groups and environments
C. If an external identity provider is configured, the SAML 2.0 bearer tokens issued by the identity provider cannot be used for invocations of the Anypoint Platform web APIs
D. Anypoint Platform supports configuring one external identity provider
正解:D
解説:
Anypoint Platform allows organizations to integrate one external identity provider (IdP) for identity and access management (IAM), supporting SSO and centralized user authentication.
Identity Provider Limit:
Anypoint Platform supports configuring a single IdP for the organization, which can be used to authenticate all users across business groups and environments within that Anypoint organization.
of Correct Answer (C):
Configuring one IdP ensures centralized and secure identity management, aligned with MuleSoft's architecture.
of Incorrect Options:
Option A is incorrect because SAML 2.0 bearer tokens from external IdPs can indeed be used for invoking Anypoint Platform APIs.
Option B is incorrect as client providers can be assigned to specific business groups and environments.
Option D is incorrect since only identity management strictly requires an IdP; client management does not.
Reference
For further details on identity management options, consult MuleSoft documentation on Anypoint Platform's IAM capabilities.
質問 # 92
An IT Security Compliance Auditor is assessing which nonfunctional requirements (NFRs) are already being implemented to meet security measures.
* The Web API has Rate-Limiting SLA
* Basic Authentication - LDAP
* JSON Threat Protection
* TP Allowlist policies applied
Which two NFRs-are enforced?
A. The API is protected against XML invocation attacks
B. Performance expectations are to be allowed up to 1,000 requests per second
C. The API invocations are coming from a known subnet range
D. Username/password supported to validate login credentials
E. Sensitive data is masked to prevent compromising critical information
正解:C、D
解説:
Understanding Nonfunctional Requirements (NFRs):
The NFRs in this context are related to security measures implemented for the Web API, such as rate limiting, LDAP-based authentication, JSON threat protection, and IP allowlist policies.
Evaluating the Options:
Option A (Correct Answer): The IP allowlist policy restricts access to known subnets, ensuring that API invocations come from a defined range of IPs.
Option B (Correct Answer): Basic Authentication with LDAP enforces a username/password validation, satisfying an NFR for identity verification.
Option C: Masking sensitive data is not part of the listed NFRs, as none of the mentioned policies address data masking.
Option D: XML threat protection is not mentioned, so this option is incorrect.
Option E: While rate-limiting implies performance control, it does not directly enforce a specific performance expectation.
Conclusion:
Options A and B are correct as they directly address the implemented security measures related to IP range restrictions and username/password authentication.
Refer to MuleSoft's documentation on API security policies for details on LDAP, rate limiting, and allowlist policies.
