A company wants to move its Mule API implementations into production as quickly as possible. To protect access to all Mule application data and metadata, the company requires that all Mule applications be deployed to the company's customer-hosted infrastructure within the corporate firewall. What combination of runtime plane and control plane options meets these project lifecycle goals?

• A.Manually provisioned customer-hosted runtime plane and customer-hosted control plane
• B.MuleSoft-hosted runtime plane and customer-hosted control plane
• C.Manually provisioned customer-hosted runtime plane and MuleSoft-hosted control plane
• D.iPaaS provisioned customer-hosted runtime plane and MuleSoft-hosted control plane

Comment: *

Name: *

Email: *

Verification: *

A System API is designed to retrieve data from a backend system that has scalability challenges. What API policy can best safeguard the backend system?

• A.Auth 2 token enforcement
• B.IPwhitelist
• C.SLA-based rate limiting
• D.Client ID enforcement

Comment: *

Name: *

Email: *

Verification: *

An organization has implemented a Customer Address API to retrieve customer address information. This API has been deployed to multiple environments and has been configured to enforce client IDs everywhere.
A developer is writing a client application to allow a user to update their address. The developer has found the Customer Address API in Anypoint Exchange and wants to use it in their client application.
What step of gaining access to the API can be performed automatically by Anypoint Platform?

• A.Approve the client application request for the chosen SLA tier
• B.Request access to the appropriate API Instances deployed to multiple environments using the client application's credentials
• C.Modify the client application to call the API using the client application's credentials
• D.Create a new application in Anypoint Exchange for requesting access to the API

Comment: *

Name: *

Email: *

Verification: *

When must an API implementation be deployed to an Anypoint VPC?

• A.When the API Implementation must invoke publicly exposed services that are deployed outside of CloudHub in a customer- managed AWS instance
• B.When the API implementation must be deployed to a production AWS VPC using the Mule Maven plugin
• C.When the API Implementation must write to a persistent Object Store
• D.When the API implementation must be accessible within a subnet of a restricted customer-hosted network that does not allow public access

Comment: *

Name: *

Email: *

Verification: *

An organization has several APIs that accept JSON data over HTTP POST. The APIs are all publicly available and are associated with several mobile applications and web applications.
The organization does NOT want to use any authentication or compliance policies for these APIs, but at the same time, is worried that some bad actor could send payloads that could somehow compromise the applications or servers running the API implementations.
What out-of-the-box Anypoint Platform policy can address exposure to this threat?

• A.Shut out bad actors by using HTTPS mutual authentication for all API invocations
• B.Apply an IP blacklist policy to all APIs; the blacklist will Include all bad actors
• C.Apply a Header injection and removal policy that detects the malicious data before it is used
• D.Apply a JSON threat protection policy to all APIs to detect potential threat vectors

Comment: *

Name: *

Email: *

Verification: *