ExamGecko
Search Search Login
Home Home / MuleSoft / MCIA - Level 1
Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

A mule application is deployed to a Single Cloudhub worker and the public URL appears in Runtime Manager as the APP URL. Requests are sent by external web clients over the public internet to the mule application App url. Each of these requests routed to the HTTPS Listener event source of the running Mule application. Later, the DevOps team edits some properties of this running Mule application in Runtime Manager. Immediately after the new property values are applied in runtime manager, how is the current Mule application deployment affected and how will future web client requests to the Mule application be handled?
A company is designing an integration Mule application to process orders by submitting them to a back-end system for offline processing. Each order will be received by the Mule application through an HTTP5 POST and must be acknowledged immediately. Once acknowledged the order will be submitted to a back-end system. Orders that cannot be successfully submitted due to the rejections from the back-end system will need to be processed manually (outside the banking system). The mule application will be deployed to a customer hosted runtime and will be able to use an existing ActiveMQ broker if needed. The ActiveMQ broker is located inside the organization's firewall. The back-end system has a track record of unreliability due to both minor network connectivity issues and longer outages. Which combination of Mule application components and ActiveMQ queues are required to ensure automatic submission of orders to the back-end system while supporting but minimizing manual order processing?
A key Cl/CD capability of any enterprise solution is a testing framework to write and run repeatable tests. Which component of Anypoint Platform provides the te6t automation capabilities for customers to use in their pipelines?
According to the National Institute of Standards and Technology (NIST), which cloud computing deployment model describes a composition of two or more distinct clouds that support data and application portability?
A company is planning to migrate its deployment environment from on-premises cluster to a Runtime Fabric (RTF) cluster. It also has a requirement to enable Mule applications deployed to a Mule runtime instance to store and share data across application replicas and restarts. How can these requirements be met?
An organization has an HTTPS-enabled Mule application named Orders API that receives requestsfrom another Mule application named Process Orders. The communication between these two Mule applications must be secured by TLS mutual authentication (two-way TLS). At a minimum, what must be stored in each truststore and keystore of these two Mule applications to properly support two-way TLS between the two Mule applications while properly protecting each Mule application's keys?
An organization is implementing a Quote of the Day API that caches today's quote. What scenario can use the CloudHub Object Store connector to persist the cache's state?
Refer to the exhibit. Anypoint Platform supports role-based access control (RBAC) to features of the platform. An organization has configured an external Identity Provider for identity management with Anypoint Platform. What aspects of RBAC must ALWAYS be controlled from the Anypoint Platform control plane and CANNOT be controlled via the external Identity Provider?
What is required before an API implemented using the components of Anypoint Platform can be managed and governed (by applying API policies) on Anypoint Platform?
An organization is not meeting its growth and innovation objectives because IT cannot deliver projects last enough to keep up with the pace of change required by the business. According to MuleSoft's IT delivery and operating model, which step should the organization lake to solve this problem?

Question 233 - MCIA - Level 1 discussion

Report
Export

What is an advantage of using OAuth 2.0 client credentials and access tokens over only API keys for API authentication?

A.
If the access token is compromised, the client credentials do not to be reissued.
Answers
A.
If the access token is compromised, the client credentials do not to be reissued.
B.
If the access token is compromised, I can be exchanged for an API key.
Answers
B.
If the access token is compromised, I can be exchanged for an API key.
C.
If the client ID is compromised, it can be exchanged for an API key
Answers
C.
If the client ID is compromised, it can be exchanged for an API key
D.
If the client secret is compromised, the client credentials do not have to be reissued.
Answers
D.
If the client secret is compromised, the client credentials do not have to be reissued.
Suggested answer: A

Explanation:

The advantage of using OAuth 2.0 client credentials and access tokens over only API keys for API authentication is that if the access token is compromised, the client credentials do not have to be reissued.

OAuth 2.0 is a secure protocol for authenticating clients and authorizing them to access protected resources. It works by having the client authenticate with the authorization server and receive an access token, which is then used to authenticate requests to the API. If the access token is compromised, it can be revoked and replaced without needing to reissue the client credentials.

Reference: MuleSoft Certified Integration Architect - Level 1 Official Text Book and Resources:

Chapter 7: Security

Section 7.2: OAuth 2.0

Show Answer
asked 18/09/2024
Parita Malbari
48 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms