Mulesoft level 2

A senior developer created an API and followed design-first standards. Now, the senior developer needs to make a request to return the Gold customers from the implemented API and test them. Which URL follows the MuleSoft best practice to return Gold customers from the implemented API in the development environment?. https://customers-papi-dev.us-e2.cloudhub.io/api/v1/customers?type=gold. https://customers-papi.us-e2.cloudhub.io/api/v1/dev/customers?type=gold. https://customers-papi-dev.us-e2.cloudhub.io/api/v1.0.0/customers/gold. https://customers-papi-dev.us-e2.cloudhub.io/api/v1.0.0/customers/type/gold.

A developer uses Anypoint Design Center to create multiple APIs with common customer definitions. The common data needs to be reused across an API and shared for use in future APIs. How can this be achieved?. Create the data structure as an API fragment in API Designer and publish to Anypoint Exchange. Import the published version into the API specification and keep the old version of the API fragment in Anypoint Exchange. Delete the old version of the API fragment in Anypoint Exchange. Create the new data structure as an API fragment in API Designer and publish to Anypoint Exchange. Instruct users to use the new version. Create the data structure with appropriate versions within the API using RAML data types. Import the correct version into the API specification. Create an API library resource within the API. Create a common data structure to reuse across the different endpoints.

An Experience API takes the JSON input and returns a JSON output as the response. What are two ways to shield the current API request body from vulnerabilities? (Choose two.). Define array data types as bounded. Apply the JSON Threat Protection policy. Apply an SLA-based routing policy. Apply the OAuth 2.0 policy. Apply a Client ID Enforcement policy.

What regulates API request traffic by limiting the number of messages processed by an API and ensures that the number of messages processed within a specified time, regardless of client, does not exceed the configured limit?. Spike Control policy. IP Allowlist policy. Rate-Limiting Service Level Agreement (SLA) policy. Caching policy.

Which statement is true about a Webhook?. It is when a provider initiates the event to a consumer-defined endpoint when a particular event happens so the consumer does not have to poll. It is an event where the consumer polls the provider. It is a technique where provider and consumer exchange data via a message broker. It allows developers to intercept HTTP requests and modify the request header and/or payload while it is in transit.

An Orders API is deployed to CloudHub and has many clients communicating over HTTP, including external clients with code written in many possible languages. When an order is submitted through the API, a long running process to process the order is initiated. The API clients in CloudHub need to be notified when the order is finally processed. Which approach should be used?. Use webhooks, where each client can submit a callback URL that the Orders API can invoke after the order is complete. Use VM queues to notify each application asynchronously when the order is complete. Use JMS topics to notify each client asynchronously when the order is complete. Use the return address attribute automatically populated by Mule to send a notification back to each client.

API Manager is set up to manage an API from Anypoint Exchange. A Mule application implements the API. What role does autodiscovery play in this API?. It links the API ID in API Manager with implementation to download and enforce policies. It uses the API ID in Anypoint Exchange to retrieve and auto-populate API references in Anypoint Studio. It links the API ID in Anypoint Exchange with API Manager to download and enforce policies. It identifies services that are linked to the current API and renders them on the Anypoint Exchange interface.

A Mule application uses API autodiscovery to apply policies to an APIkit project running in a development environment. Which autodiscovery configuration must be changed to deploy this application to production using environment-specific credentials?. The API ID and the client ID and client secret. The client ID and client secret. The API ID only. No configuration change is required.

Refer to the exhibits. The command mvn clean package issued on a Mule application, which is a standalone Maven project, results in a build failure. Which two changes will result in a successful build? (Choose two.). Add to pom.xml <repository> <id>anyairline-exchange</id> <name>AnyAirline's Anypoint Exchange</name> <url>https://maven.anypoint.mulesoft.com/api/v2/maven</url> <layout>default</layout> </repository>. Add to setting.xml (AP: Anypoint Platform) <repository> <id>anyairline-exchange</id> <username><YOUR_AP_USERID></username> <password><YOUR_AP_PASSWORD></password> </repository>. Add to servers.xml <server> <id>anyairline-exchange</id> <name>AnyAirline's Anypoint Exchange</name> <url>https://maven.anypoint.mulesoft.com/api/v2/maven</url> <layout>default</layout> </server>. Add to servers.xml (AP: Anypoint Platform) <server> <id>anyairline-exchange-v2</id> <username><YOUR_AP_USERID></username> <password><YOUR_AP_PASSWORD></password> </server>. Add to pom.xml <repository> <id>anyairline-exchange-v2</id> <name>Anypoint Exchange</name> <url>https://maven.anypoint.mulesoft.com/api/v2/maven</url> <layout>default</layout> </repository>.

Multiple individual Mule applications inherit a parent pom file, which in turn inherits Bill of Material (BOM) parent pom file. Some applications use the Database module version: 1.0.0, whereas other applications do not need the dependency at all. Where should this dependency be configured so that all projects that want to inherit the database dependency inherit the same version of it?. In dependencyManagement in the BOM parent pom file. In dependencyManagement in the parent pom file. In dependencies in the parent pom file. In dependencies in the BOM parent pom file.

What is the purpose of the server configuration element of the cloudhubDeployment config in the Mule Maven plugin?. To associate a Maven server from settings.xml so the correct username/password can be used for deployment. To associate which Mule server runtime version to choose when deploying. To choose the correct customer-hosted Mule server managed by Anypoint Platform to deploy to. To choose which Cloudhub worker to deploy to.

Which authentication method is supported by the Mule Maven plugin for the deployment of a Mule application to CloudHub?. Authorization token. Multi-factor authentication. JSON Web Token. SSL certificate.

Refer to the exhibits. What is the correct code to use for an MUnit test given the Spy scope must spy any HTTP request, and also confirm that the payload is null before the component is processed but not null after it is processed?. <munit:test name="testSuite"> <munit:behavior doc:name="Spy" processor="http:request"> <munit-tools:with-attributes> <munit-tools:with-attributes whereValue="http:request" attributeName="config-ref" /> </munit-tools:with-attributes> <munit-tools:before-call> <munit-tools:assert-that expression="#[payload]" is="[MunitTools::nullValue()]" /> </munit-tools:before-call> <munit-tools:after-call> <munit-tools:assert-that expression="#[payload]" is="[MunitTools::notNullValue()]" /> </munit-tools:after-call> </munit:behavior> </munit:test>. <munit:test name="testSuite"> <munit:behavior doc:name="Spy" processor="http:request"> <munit-tools:with-attributes> <munit-tools:with-attributes whereValue="http:request" attributeName="config-ref" /> </munit-tools:with-attributes> <munit-tools:before-call> <munit-tools:assert-that is="[MunitTools::nullValue()]" /> </munit-tools:before-call> <munit-tools:after-call> <munit-tools:assert-that is="[MunitTools::notNullValue()]" /> </munit-tools:after-call> </munit:behavior> </munit:test>. <munit:test name="testSuite"> <munit:behavior doc:name="Spy" processor="http:request"> <munit-tools:with-attributes> <munit-tools:with-attributes whereValue="http:request" attributeName="config-ref" /> </munit-tools:with-attributes> <munit-tools:before-call> <munit-tools:assert-that expression="${payload}" is="[MunitTools::nullValue()]" /> </munit-tools:before-call> <munit-tools:after-call> <munit-tools:assert-that expression="${payload}" is="[MunitTools::notNullValue()]" /> </munit-tools:after-call> </munit:behavior> </munit:test>. <munit:test name="testSuite"> <munit:behavior doc:name="Spy" processor="http:request"> <munit-tools:with-attributes> <munit-tools:with-attributes whereValue="http:request" attributeName="config-ref" /> </munit-tools:with-attributes> <munit-tools:before-call> <munit-tools:assert-that expression="#[payload]" is="[nullValue()]" /> </munit-tools:before-call> <munit-tools:after-call> <munit-tools:assert-that expression="#[payload]" is="[notNullValue()]" /> </munit-tools:after-call> </munit:behavior> </munit:test>.

Refer to the exhibits. An MUnit test case defines an assert expression. Which assert expression makes the MUnit test case pass?. A. B. C. D.

The security team at a bank needs to be able to audit and trace HTTP requests. They require all downstream API requests from Mule applications be intercepted and the client IP address be injected as a HTTP request header. How can this be accomplished using API policies?. Create a custom outbound API policy. Use the mule-http-policy-transform-extension to pass the consumer IP address information as a custom HTTP header before the “execute-next” statement. Create a custom outbound API policy. Use the mule-http-policy-transform-extension to pass the consumer IP address information as a custom HTTP header after the “execute-next” statement. Use the out-of-the-box HTTP Header Injection policy. Add an outbound header to pass the consumer IP address information. Use the out-of-the-box HTTP Header Injection policy. Add an inbound header to pass the consumer IP address information.

A developer has created a custom policy with version 1.0.0-SNAPSHOT. The developer attempts to publish the policy to Exchange using the Exchange Maven Facade API version 3 and then apply the policy in API Manager. What will happen?. The policy will not successfully deploy to Exchange. The policy will deploy successfully but will not be available to be applied in API Manager. The policy will deploy successfully and will be available to be applied in API Manage. The policy will deploy successfully, but the Mule API implementation will fail to apply the policy.

Refer to the exhibits. A Mule application contains two policies: Policy A and Policy B. Policy A has order 1, and Policy B has order 2. Policy A, Policy B, and a flow are defined by the configurations below. When an HTTP request arrives at the Mule application’s endpoint, what will be the execution order?. A1, A2. A1, F1, A2. A1, A2, F1, B1, B2. A1, A2, B1, B2, F1.

ELEGIR 2 Refer to the exhibits. A Mule application named "apps-commons" defines two mule configuration files: common-error-handlers.xml and common-health-probes.xml. Which two configurations must be done to bundle "apps-commons" as a library and reuse its functionality in a different Mule application named "check-in-papi"? (Choose two.). Use the mule-plugin classifier in "apps-commons" to bundle it as a reusable library. <plugin> <groupId>org.mule.tools.maven</groupId> <artifactId>mule-maven-plugin</artifactId> <configuration> <classifier>mule-plugin</classifier> </configuration> </plugin>. The "check-in-papi" application must add dependency for "apps-commons" and import both of its xml files. <dependency> <groupId>com.mulesoft.training.anyairline</groupId> <artifactId>apps-commons</artifactId> <version>1.0.0</version> <classifier>mule-plugin</classifier> </dependency> <import doc:name="Import" file="common-error-handler.xml" /> <import doc:name="Import" file="common-health-probes.xml" />. Use the mule-application classifier in "apps-commons" to bundle it as a reusable library. <plugin> <groupId>org.mule.tools.maven</groupId> <artifactId>mule-maven-plugin</artifactId> <configuration> <classifier>mule-application</classifier> </configuration> </plugin>. The "check-in-papi" application must add dependency for "apps-commons" and import both of its xml files. <dependency> <groupId>com.mulesoft.trainig.anyairline</groupId> <artifactId>apps-commons</artifactId> <version>1.0.0</version> <classifier>mule-application</classifier> </dependency> <import doc:name="Import" file="common-error-handler.xml" /> <import doc:name="Import" file="common-health-probes.xml" />. The "check-in-papi" application must add dependency for "apps-commons" and import both of its xml files. <dependency> <groupId>com.mulesoft.trainig.anyairline</groupId> <artifactId>apps-commons</artifactId> <version>1.0.0</version> </dependency> <import doc:name="Import" file="common-error-handler.xml" /> <import doc:name="Import" file="common-health-probes.xml" />.

Refer to the exhibits. Why is the expanded error handler area empty?. The error handler references a pre-defined error handler named "api-error-handler". main.xml is missing a reference to the Error Handler module XML schema. The error handler reference is not configured properly. error.xml is not included as part of the project's build path.

A common error handler needs to be reused across multiple Mule projects. Which component is best suited for this task?. A library-style Mule plugin. A custom module created using the XML SDK. A custom module created using the Java SDK. A custom outbound policy.

A custom logger Mule XML SDK module is being developed to log the current payload in a particular format. Which code syntax is required to automatically accept the payload as a parameter to an XMLSDK operation?. <parameter name="payload" role="PRIMARY"/>. <parameter name="payload" role="REQUIRED"/>. <parameter name="payload" role="STATIC"/>. <parameter name="payload" role="SECONDARY"/>.

Which case naming convention must operation names within an XML SDK component follow in order to prevent errors while generating XML tags?. "example-operation". "ExampleOperation". "example_operation". "Exampleoperation".

Refer to the exhibits. A custom SDK module with an operation to perform math calculations executes a DataWeave expression that results in an expression error in the "random-number" operation. What is the resulting error type that any Mule application using the module's operation can expect?. MULE:EXPRESSION. MATH-MODULE:EXPRESSION. MATH-MODULE:CUSTOM_ERROR. MULE:CUSTOM_ERROR.

A customer is building APIs for a digital transformation program and wants to monitor the health of their APIs. Which two methods or tools can be used to check the health of these APIs? (Choose two.). API Functional Monitoring. Dedicated health check endpoints. API mocking service. API Manager policies. Existing resource endpoints.

What is the correct ordering of the log4j levels from most verbose to least verbose?. DEBUG, INFO, WARN, ERROR, FATAL, OFF. WARN, ERROR, INFO, OFF, DEBUG, FATAL. ERROR, INFO, DEBUG, WARN, OFF, FATAL. INFO, ERROR, WARN, DEBUG, FATAL, OFF.

Refer to the exhibit. Loggers in a Mule application have been set to DEBUG level with details of the flow name and correlation ID. When deployed locally in Studio, the DEBUG level logs are displayed, but when the application is deployed to CloudHub, the DEBUG level logs do not appear. What action will allow the DEBUG level logs to appear in Runtime Manager Logs?. In Runtime Manager > Application > Settings > Logging, change the logging level to DEBUG with the package.name=org.mule. Apply changes. The DEBUG level (and higher) logs will appear in the logs on Runtime Manager. In Anypoint Studio, change the logging level to ALL in the log4j2.xml file. Redeploy to CloudHub. The DEBUG logs will appear on Runtime Manager. In Runtime Manager > Application > Settings > Logging, change the logging level to DEBUG with the package.name=log4j2.xml. Apply changes. The DEBUG level (and higher) logs will appear in the logs on Runtime Manager. In Anypoint Studio, change the logging level to TRACE in the log4j2.xml file. Redeploy to CloudHub. The DEBUG logs will appear on Runtime Manager.

A Mule application uses Web Service Consumer module's Consume operation to invoke an external SOAP request. During development, what should the developer do to view the request and response traffic to and from the SOAP service?. Set an async logger for org.mule.service.http.impl.service.HttpMessageLogger to log at DEBUG level in the log4j2.xml file. Set an async logger for org.mule.runtime.core.internal.processor.LoggerMessageProcessor to log at DEBUG level in the log4j2.xml file. Set an async logger for org.mule.connector.webservice.consumer to log at DEBUG level in the log4j2.xml file. Set an async logger for org.apache.soap.wire to log at DEBUG level in the log4j2.xml file.

A Mule application is configured to dynamically accept the package name it needs to log, as well as the package's log level, during application startup. Which two steps are required to make these actions happen? (Choose two.). Set <AsyncLogger name="${sys:log.package}" level="${sys:log.level}" /> in the log4j2.xml file. Start Mule server by passing command-line arguments -Dlog.package=org.mule.runtime.logging and -Dlog.level=INFO. Set <AsyncLogger name="${log.package}" level="${log.level}" /> in the log4j2.xml file. Start Mule server by passing command-line arguments -Dsys:log.package=org.mule.runtime.logging and -Dsys:log.level=INFO. Set <AsyncLogger name="${sys.log.package}" level="${sys.log.level}" /> in the log4j2.xml file.

Which widgets can be added to a custom dashboard in Anypoint Monitoring?. Graphs, singlestats, text. Graphs, tables, labels. Labels, singlestats, tables. Text, values, tables.

A Platinum customer hosts API applications in a data center in Europe and has mobile-device users all over the world. In order to monitor latency between the clients and the API, they have deployed API proxies into CloudHub regions in each continent and configured the mobile application to use their nearest proxy. Which chart should the customer use in their dashboard to understand their customers' experience?. Requests by Performance. Request Volume. Requests by Location. Slow Requests.

A scheduled batch processing Mule application interacting with multiple other Mule applications over HTTP must send a custom correlation ID in the format of "application name"-UUID to each application. What is required to configure the client application to send this custom correlation ID?. Set a value for HTTP header x-correlation-id with each request with the value: #['x-correlation-id':myapp-$(uuid())']. Set the global configuration correlationIdGeneratorExpression attribute with the value: "#['myapp-$(uuid())']. Use the set-variable processor to set a variable with name: correlationId and value: "#['myapp-$(uuid())']. Set a global property with name: correlationId and value: "#['myapp-$(uuid())'].

With respect to correlation ID, what will happen when a client application invokes a Mule API?. Mule will automatically generate a random Correlation ID. No Correlation ID will be generated or set. Mule will raise an error. Mule will look for another header with the key "X-Mule-Transaction-Id".

A developer stores static data in Object Store v2 in an application implemented using the latest version of Mule. What should the developer do to guarantee unlimited Time to Live (TTL) of all Object Store entries?. Maintain the default TTL setting and access the data at least once a week. Set the entry TTL value to the maximum value. Set the entry TTL value to -1 and access the data at least once a month. Configure Object Store to use partitions.

A call to an external API is wrapped within a Cache scope that uses an Object Store to store response data. This Object Store data must not be accessible or manipulated by other connectors within the same application. Which Object Store configuration supports this requirement?. Define a nested private Object Store within the Cache scope. Create a global Object Store configuration and mark it as private. Hash the data before storing it in an Object Store. Use an in-memory Object Store.

Refer to the exhibit. A Mule Object Store is configured with an entry TTL of one second and an expiration interval of 30 seconds. If processing between os:store and os:retrieve takes 12 seconds, what is the result of the flow?. testPayload. testKey. nullPayload. OS:KEY_NOT_FOUND.

Refer to the exhibit. During nonfunctional requirements (NFRs) gathering, a team determined that the API responsible for account deposits must have high-availability and high-reliability messaging with no message loss. Which steps should the developer take to ensure that the API can meet these NFRs?. Set the VM queue to persistent. Configure a redelivery policy on the VM Listener. Add an error handler that catches errors of type REDELIVERY-EXHAUSTED and sends messages to a dead-letter queue. Set the VM queue to persistent. Configure a redelivery policy on the Anypoint MQ Publish operation. Add an error handler that catches errors of type REDELIVERY-EXHAUSTED and sends messages to a dead-letter queue. Set the VM queue to transient. Configure a retry policy to the VM Listener. Add an error handler that catches errors of type RETRY-EXHAUSTED and sends messages to a dead-letter queue. Set the VM queue to transient. Configure a retry policy on the Anypoint MQ Publish operation. Add an error handler that catches errors of type RETRY-EXHAUSTED and sends messages to a dead-letter queue.

Which Anypoint MQ consumer configuration provides protection against repeated delivery failures?. Circuit breaker. Acknowledgement mode. Redelivery policy. Dead-letter queue.

What is the result if a non-text-based payload is uploaded to Anypoint MQ?. Anypoint MQ converts it to a string before sending it to the MQ. Anypoint MQ generates an "Unsupported format" error. Anypoint MQ puts the binary file into the queue without conversion. Anypoint MQ converts it to a JSON Object before sending it to the MQ.

A customer experience API (customer-eapi) is calling a system API (oracle-sapi) to create and update customers in a database via HTTP. If the customer data sent via customer-eapi does not exist in the database, then oracle-sapi raises an exception with a 404 status code. This error code should not stop flow processing, but any other HTTP error codes must stop flow processing. Which configuration is needed in customer-eapi on an HTTP Request processor to accept only the 404 status code and standard HTTP success status codes as a successful response?. <http:success-status-code-validator values="200..299, 404"/>. <http:failure-status-code-validator values="404"/>. <http:success-status-code-validator values="200..500"/>. <http:failure-status-code-validator values="200..404"/>.

Which fault tolerance mechanism can be used to protect against an HTTP API that routinely fails with an HTTP 502 status code?. Use the First Successful router configured with a fallback API route that can be used in the event the primary API fails. Configure the circuit breaker configuration within the http:request connector. Wrap the http:request connector within a Try scope configured with a transactional action, and rely on automatic rollback and retry. Set a timeout with an allowance of time that is acceptable for the processing.

When the HTTP Requester receives the error type Remotely Closed, which HTTP methods are retried three times by default?. GET, DELETE. PUT, PATCH. GET, POST. POST, HEAD.

Refer to the exhibit. What is the final result of the "validation-test" flow?. Error with message "The input collection is not empty". Flow succeeds; invalid message is silently dropped with payload [""]. Flow succeeds with payload "complete". Flow succeeds with payload true.

An application reads data in from a CSV file containing up to 100 orders. Each order must have a numeric ID, a customer ID string, an alphanumeric product number with a specific format, and a quantity with a two-digit decimal place. What can be done to efficiently ensure the data is correct before saving it to a database?. Transform the CSV file into a JSON message and validate it against a JSON Schema. Use a parallel For Each scope with a Validate:All scope and include a validation for each field in the CSV file. Use DataWeave to transform the CSV file, using functions to test each field in the CSV file and raising an exception whenever one fails. Use a For Each scope with a Validate:Any scope and include a validation for each field in the CSV file.

Refer to the exhibit. What value of counter is logged by the Logger processor?. [2, 2]. [3]. [3, 3]. 1.

Which configuration of the Scatter-Gather router executes routes in a sequential manner?. Set maxConcurrency of Scatter-Gather to 1. Use the Batch scope inside Scatter-Gather. Set maxConcurrency of the flow containing Scatter-Gather to 1. Use the Anypoint MQ Connector inside Scatter-Gather.

An energy trading organization has a legacy system that captures commodity trades. A project is initiated to capture these trades and automatically initiate manual backend processes. Previous API-led initiatives have left system APIs. The backend systems include the ERP for invoicing, a confirmation system for confirming the trade, and a CRM system for updating the sales dashboard. If successful, the results should be retained in a data warehouse where each system has a reporting table. Which approach should the developer use to deliver this API?. Use a Scatter-Gather router and in each route call a backend API. After the Scatter-Gather routes complete, save the resulting payload in the data warehouse. Call the first backend API, and use a variable to capture each payload. Combine the results and save them to the data warehouse. Use a Scatter-Gather router and in each route call a backend API. Save the individual result sets to the data warehouse. Call the first backend API in sequence. Save the results to the data warehouse before calling the next backend API.

A Mule flow uses the Scatter-Gather router to execute requests in parallel to two external web APIs using HTTP. If one route fails, all routes must be returned to their original states. Which implementation will return the routes to their original states?. Extract the successful route from the Scatter-Gather result, and execute logic required to undo the successful route. Wrap the Scatter-Gather router in a Try scope with a transactional action; all routes will automatically roll back. Set the Scatter-Gather concurrency to a value of "1" so that only one route is executed at a time, and stop processing before executing any subsequent routes. Extract the failed route from the Scatter-Gather result, and execute logic required to undo the failed route.

Refer to the exhibit. A flow makes an outbound call to an HTTP endpoint that returns a 200 HTTP response status code. The HTTP Request operation is placed within a Cache scope for performance. What is the result of the Logger outside of the Cache scope after executing this flow twice with identical requests?. 200, null. 200, 200. null, null. 200, error.

Some Mule application property values can be displayed in clear text (e.g., DB driver, JMS Queue, HTTP Port, etc.), while some must be encrypted (e.g., DB Password, SSL/TLS Keystore Password, etc.). Which statement is true about clear text and encrypted properties?. Clear text and encrypted property values can be defined in the same property file and clear text properties require the secure prefix. Clear text and encrypted property values must be defined in separate property files. Clear text and encrypted property values can be defined in the same property file and clear text properties do not require the secure prefix. Files containing encrypted property values must end with "-secure.yaml" or "-secure.properties".

A DataWeave transformation needs to read a property named database.password from a secure property placeholder file. What is the correct syntax to read such a property?. p('secure::database.property'). p('database.property'). "${secure::database.property}". ![secure::database.property].

The values of some properties used by a Mule application deployed in CloudHub 2.0 display as text under the Properties tab in Runtime Manager's settings. How can the value of these properties be hidden?. In the Mule Maven Plugin configuration, under the secureProperties element, list the property names to safely hide as a individual elements. Restrict access to the Properties tab in Runtime Manager to Administrator only. Define a global property with name set to Property and value set to Hidden. Define a configuration properties tag and put the values in the properties file.

A Mule developer needs to call a SOAP web service to post energy spot prices. API architecture standards require two-way SSL authentication. What should the developer do to achieve two-way SSL authentication?. Click the Transport tab on the WSC configuration and specify an HTTP transport. Create an HTTP Request Configuration. Configure the keystore and truststore. Click the Advanced tab on the WSC configuration and specify SOAP transport. Create the SOAP connector. Add the keystore and truststore configuration. In the flow, click the WSC Consume operation. Specify the transport configuration inline to add a keystore and truststore configuration. Configure an HTTP Request Connector with a keystore and truststore configuration. Move the WSC configuration inside the HTTP configuration.

An HTTPS-based web application is being built and the TLS context must be configured. Which keystores are supported by MuleSoft?. JCEKS, PKCS12, JKS. JCEKS, PKCS12. JKS, JCEKS, PKCS12, BKS. JKS, JCEKS, BKS.

A developer wants to expose their HTTPS API Mule applications using TLS. Which configuration is needed in the HTTPS Listener?. A TLS context with a mandatory keystore and an optional truststore. An HTTPS context with a truststore. A TLS context with a mandatory keystore and a mandatory truststore. An HTTPS context with a keystore.

Refer to the exhibits. The process-api-flow calls the system-api-flow over HTTPS. Self-signed certificates are used to set up SSL/TLS connection. What is the minimum TLS configuration required to make the call work?. system-api-flow's HTTPS Listener needs a keystore. system-api-flow's HTTPS Listener needs a keystore and process-api-flow's HTTPS Request needs a truststore. process-api-flow's HTTPS Listener needs a keystore and system-api-flow's HTTPS Listener needs a keystore. process-api-flow's HTTPS Listener needs a keystore.

A Mule application makes HTTPS requests to an external API that uses a certificate signed by a public Certificate Authority already in the JDK truststore. Two-way authentication is required for this API invocation. What needs to be configured on the client side to enable the Mule application?. A TLS context with a keystore and a truststore. No configuration is needed; the server should enable mutual authentication using a Dedicated Load Balancer. A TLS context with a keystore. A TLS context with a truststore.

At minimum, what is required in the client-side keystore in order to enable mTLS?. A private key, a public key, and the known authority certificate. A private key. A client certificate signed by the server certificate. A matching private key and self-signed certificate.

A company has deployed an Orders System API to a CloudHub 2.0 shared space and made it accessible via the default ingress. Which action (if any) is required to implement HTTP mTLS authentication for this API?. No action is required; a CloudHub shared space does not support mTLS authentication. Configure a CA-signed certificate in the API's HTTP Listener and in the client's HTTP Requester. Configure a CA-signed certificate in the API's HTTP Listener and a self-signed certificate in the client's HTTP Requester. No action is required; mTLS authentication is enabled by default for this API.

After obtaining an authorization code for the OAuth 2.0 Authorization Code grant type, which additional fields must be used to obtain an access token?. The client ID, client secret, and redirect URL as specified on the client application. The client ID and client secret. The client ID, client secret, and scopes to be authorized. The client ID and redirect URL as specified on the client application definition.

Which security scheme is not supported by HTTP Connector?. OAuth 2.0 Implicit flow. OAuth 2.0 Client Credentials. Digest authentication. Pass-through authentication.