ExamGecko
Search Search Login
Home Home / MuleSoft / MCPA - Level 1
Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which of the following best fits the definition of API-led connectivity?
An API implementation returns three X-RateLimit-* HTTP response headers to a requesting APIclient. What type of information do these response headers indicate to the API client?
A Mule application exposes an HTTPS endpoint and is deployed to three CloudHub workers that donot use static IP addresses. The Mule application expects a high volume of client requests in shorttime periods. What is the most cost-effective infrastructure component that should be used to servethe high volume of client requests?
Which of the following sequence is correct?
What is true about API implementations when dealing with legal regulations that require all data processing to be performed within a certain jurisdiction (such as in the USA or the EU)?
What correctly characterizes unit tests of Mule applications?
An API experiences a high rate of client requests (TPS) vwth small message paytoads. How can usage limits be imposed on the API based on the type of client application?
What is the most performant out-of-the-box solution in Anypoint Platform to track transaction state in an asynchronously executing long-running process implemented as a Mule application deployed to multiple CloudHub workers?
An organization is implementing a Quote of the Day API that caches today's quote. What scenario can use the GoudHub Object Store via the Object Store connector to persist the cache's state?
Select the correct Owner-Layer combinations from below options

Question 17 - MCPA - Level 1 discussion

Report
Export

A System API is designed to retrieve data from a backend system that has scalability challenges.

What API policy can best safeguard the backend system?

A.
IPwhitelist
Answers
A.
IPwhitelist
B.
SLA-based rate limiting
Answers
B.
SLA-based rate limiting
C.
Auth 2 token enforcement
Answers
C.
Auth 2 token enforcement
D.
Client ID enforcement
Answers
D.
Client ID enforcement
Suggested answer: A, B, D

Explanation:

Answer: SLA-based rate limiting

*****************************************

>> Client Id enforement policy is a "Compliance" related NFR and does not help in maintaining the "Quality of Service (QoS)". It CANNOT and NOT meant for protecting the backend systems from scalability challenges.

>> IP Whitelisting and OAuth 2.0 token enforcement are "Security" related NFRs and again does not help in maintaining the "Quality of Service (QoS)". They CANNOT and are NOT meant for protecting the backend systems from scalability challenges.

Rate Limiting, Rate Limiting-SLA, Throttling, Spike Control are the policies that are "Quality of Service (QOS)" related NFRs and are meant to help in protecting the backend systems from getting overloaded.

https://dzone.com/articles/how-to-secure-apis

Show Answer
asked 18/09/2024
Justin Kim
38 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms