Question #1
Which command is used to convert a JKS keystore to PKCS12?
- A . Keytool-importkeystore Csrckeystore keystore p12-srcstoretype PKCS12 Cdestkeystore keystore.jks Cdeststoretype JKS
- B . Keytool-importkeystore Csrckeystore keystore p12-srcstoretype JKS Cdestkeystore keystore.p12 Cdeststoretype PKCS12
- C . Keytool-importkeystore Csrckeystore keystore jks-srcstoretype JKS Cdestkeystore keystore.p13 Cdeststoretype PKCS12
- D . Keytool-importkeystore Csrckeystore keystore jks-srcstoretype PKCS12 Cdestkeystore keystore.p12 Cdeststoretype JKS
Correct Answer: B
B
Explanation:
To convert a JKS keystore to PKCS12, the developer needs to use the keytool-importkeystore command with the following options: -srckeystore keystore.jks -srcstoretype JKS -destkeystore keystore.p12 -deststoretype
PKCS12. This command imports all entries from a source JKS keystore (keystore.jks) into a destination
PKCS12 keystore (keystore.p12).
References: https://docs.oracle.com/en/java/javase/11/tools/keytool.html#GUID-5990A2E4-78E3-47B7-AE75-6D18262595
B
Explanation:
To convert a JKS keystore to PKCS12, the developer needs to use the keytool-importkeystore command with the following options: -srckeystore keystore.jks -srcstoretype JKS -destkeystore keystore.p12 -deststoretype
PKCS12. This command imports all entries from a source JKS keystore (keystore.jks) into a destination
PKCS12 keystore (keystore.p12).
References: https://docs.oracle.com/en/java/javase/11/tools/keytool.html#GUID-5990A2E4-78E3-47B7-AE75-6D18262595
Question #2
When a client and server are exchanging messages during the mTLS handshake, what is being agreed on during the cipher suite exchange?
- A . A protocol
- B . The TLS version
- C . An encryption algorithm
- D . The Public key format
Correct Answer: C
C
Explanation:
A cipher suite is a set of cryptographic algorithms that are used to secure the communication between a client and a server. A cipher suite consists of four components: a key exchange algorithm, an authentication algorithm, an encryption algorithm, and a message authentication code (MAC) algorithm. During the cipher suite exchange, the client and the server agree on which encryption algorithm to use for encrypting and decrypting the data.
References: https://docs.mulesoft.com/mule-runtime/4.3/tls-configuration#cipher-suites
C
Explanation:
A cipher suite is a set of cryptographic algorithms that are used to secure the communication between a client and a server. A cipher suite consists of four components: a key exchange algorithm, an authentication algorithm, an encryption algorithm, and a message authentication code (MAC) algorithm. During the cipher suite exchange, the client and the server agree on which encryption algorithm to use for encrypting and decrypting the data.
References: https://docs.mulesoft.com/mule-runtime/4.3/tls-configuration#cipher-suites
Question #3
The flow is invoicing a target API. The API’s protocol is HTTPS. The TLS configuration in the HTTP Request Configuration global element is set to None. A web client submits a request to http:localhost:8081/vehicles.
If the certificate of the target API is signed by a certificate authority (CA), what is true about the HTTP Request operation when the flow executes?
- A . The HTTP Request operation will succeed if the CA’S certificate is present in the JRE’s default keystore
- B . The HTTP Request operation will succeed if the CA’s certificate is present in the JRE’s default truststore.
- C . The HTTP Request operation will always succeed regardless of the CA
- D . The HTTP Request operation will always fail regardless of the CA
Correct Answer: B
B
Explanation:
The HTTP Request operation will use the default truststore of the JRE to validate the certificate of the target API. If the CA’s certificate is present in the truststore, the operation will succeed. Otherwise, it will fail with a handshake exception.
References: https://docs.mulesoft.com/mule-runtime/4.3/tls-configuration#tls-default
B
Explanation:
The HTTP Request operation will use the default truststore of the JRE to validate the certificate of the target API. If the CA’s certificate is present in the truststore, the operation will succeed. Otherwise, it will fail with a handshake exception.
References: https://docs.mulesoft.com/mule-runtime/4.3/tls-configuration#tls-default
Question #4
Refer to the exhibit.
The flow name is ‘’implementation’’ with code for the MUnit test case.
When the MUnit test case is executed, what is the expected result?
- A . The test case fails with an assertion error
- B . The test throws an error and does not start
- C . The test case fails with an unexpected error type
- D . The test case passes
Correct Answer: A
A
Explanation:
Based on the code snippet and MUnit test case below, when the MUnit test case is executed, the expected result is that the test case fails with an assertion error. This is because the assert-equals processor compares two values for equality, and fails if they are not equal. In this case, the expected value is ‘Hello World’, but the actual value returned by the implementation flow is ‘Hello Mule’. Therefore, the assertion fails and an error is thrown.
References: https://docs.mulesoft.com/munit/2.3/assert-equals-processor
A
Explanation:
Based on the code snippet and MUnit test case below, when the MUnit test case is executed, the expected result is that the test case fails with an assertion error. This is because the assert-equals processor compares two values for equality, and fails if they are not equal. In this case, the expected value is ‘Hello World’, but the actual value returned by the implementation flow is ‘Hello Mule’. Therefore, the assertion fails and an error is thrown.
References: https://docs.mulesoft.com/munit/2.3/assert-equals-processor
Question #5
A Mule application need to invoice an API hosted by an external system to initiate a process. The external API takes anywhere between one minute and 24 hours to compute its process.
Which implementation should be used to get response data from the external API after it completes processing?
- A . Use an HTTP Connector to invoke the API and wait for a response
- B . Use a Scheduler to check for a response every minute
- C . Use an HTTP Connector inside Async scope to invoice the API and wait for a response
- D . Expose an HTTP callback API in Mule and register it with the external system
Correct Answer: D
D
Explanation:
To get response data from the external API after it completes processing, the developer should expose an
HTTP callback API in Mule and register it with the external system. This way, the external API can invoke the callback API with the response data when it is ready, instead of making the Mule application wait for a long time or poll for a response repeatedly.
References: https://docs.mulesoft.com/mule-runtime/4.3/http-listener-ref#callback
D
Explanation:
To get response data from the external API after it completes processing, the developer should expose an
HTTP callback API in Mule and register it with the external system. This way, the external API can invoke the callback API with the response data when it is ready, instead of making the Mule application wait for a long time or poll for a response repeatedly.
References: https://docs.mulesoft.com/mule-runtime/4.3/http-listener-ref#callback
Question #6
When registering a client application with an existing API instance or API Group instance, what is required to manually approve or reject request access?
- A . To configure the SLA tier for the application and have the role of Organization Administrator, API Manager Environment Administrator, or the Manage Contacts permission
- B . To configure the SLA tier for the application and have the Exchange Administrator permission
- C . To configure the SLA tier for the application
- D . To only have Exchange Administrator permission
Correct Answer: A
A
Explanation:
To manually approve or reject request access when registering a client application with an existing API
instance or API Group instance, it is required to configure the SLA tier for the application and have one of the following roles or permissions: Organization Administrator, API Manager Environment Administrator, or Manage Contracts permission. These roles or permissions allow managing client applications and contracts in API Manager.
References: https://docs.mulesoft.com/api-manager/2.x/client-applications#managing-client-applications-and-contracts
A
Explanation:
To manually approve or reject request access when registering a client application with an existing API
instance or API Group instance, it is required to configure the SLA tier for the application and have one of the following roles or permissions: Organization Administrator, API Manager Environment Administrator, or Manage Contracts permission. These roles or permissions allow managing client applications and contracts in API Manager.
References: https://docs.mulesoft.com/api-manager/2.x/client-applications#managing-client-applications-and-contracts
Question #7
A Mule application defines as SSL/TLS keystore properly ‘tis,keystore.keyPassword’’ as secure.
How can this property be referenced to access its value within the application?
- A . #{secure::tiskeystore,keyPassowrd}
- B . ${secure::tiskeystore,keyPassowrd}
- C . ${secure::tiskeystore,keyPassowrd}
- D . p{secure::tiskeystore,keyPassowrd}
Correct Answer: B
B
Explanation:
secure::tiskeystore,keyPassowrdShor : ofCorrectAnswerOnly:Toreferenceasecurepropertyvaluewithin
In this case, the property name is tiskeystore,keyPassword, so the correct syntax is ${secure::tiskeystore,keyPassowrd}.
References: https://docs.mulesoft.com/mule-runtime/4.3/secure-configuration-properties#referencing-secure-properties
B
Explanation:
secure::tiskeystore,keyPassowrdShor : ofCorrectAnswerOnly:Toreferenceasecurepropertyvaluewithin
In this case, the property name is tiskeystore,keyPassword, so the correct syntax is ${secure::tiskeystore,keyPassowrd}.
References: https://docs.mulesoft.com/mule-runtime/4.3/secure-configuration-properties#referencing-secure-properties
Question #8
Which configurations are required for HTTP Listener to enable mTLS authentication?
- A . Set an appropriate reconnection strategy and use persistent connections for the listener
- B . Set an appropriate keystore configuration and use persistent connections for the listener
- C . Set an appropriate keystore and truststore configuration for the listener
- D . Set an appropriate truststore configuration and reconnection strategy for the listener
Correct Answer: C
C
Explanation:
To enable mTLS authentication for HTTP Listener, the developer needs to set an appropriate keystore and truststore configuration for the listener. The keystore contains the certificate and private key of the Mule application that are used to prove its identity to clients. The truststore contains the certificates of trusted clients that are allowed to access the Mule application.
References: https://docs.mulesoft.com/mule-runtime/4.3/tls-configuration#mutual-authentication
C
Explanation:
To enable mTLS authentication for HTTP Listener, the developer needs to set an appropriate keystore and truststore configuration for the listener. The keystore contains the certificate and private key of the Mule application that are used to prove its identity to clients. The truststore contains the certificates of trusted clients that are allowed to access the Mule application.
References: https://docs.mulesoft.com/mule-runtime/4.3/tls-configuration#mutual-authentication
Question #9
Which statement is true about using mutual TLS to secure an application?
- A . Mutual TLS requires a hardware security module to be used
- B . Mutual TLS authenticates the identity of the server before the identity of the client
- C . Mutual TLS ensures only authorized end users are allowed to access an endpoint
- D . Mutual TLS increases the encryption strength versus server-side TLS alone
Correct Answer: B
B
Explanation:
Mutual TLS (mTLS) is an extension of TLS that requires both parties (client and server) to present their certificates to each other during the handshake process. This way, both parties can verify each other’s identity and establish a secure connection. The authentication of the server happens before the authentication of the client, as the server sends its certificate first and then requests the client’s certificate.
References: https://docs.mulesoft.com/mule-runtime/4.3/tls-configuration#mutual-authentication
B
Explanation:
Mutual TLS (mTLS) is an extension of TLS that requires both parties (client and server) to present their certificates to each other during the handshake process. This way, both parties can verify each other’s identity and establish a secure connection. The authentication of the server happens before the authentication of the client, as the server sends its certificate first and then requests the client’s certificate.
References: https://docs.mulesoft.com/mule-runtime/4.3/tls-configuration#mutual-authentication
Question #10
Which type of cache invalidation does the Cache scope support without having to write any additional code?
- A . Write-through invalidation
- B . White-behind invalidation
- C . Time to live
- D . Notification-based invalidation
Correct Answer: C
C
Explanation:
The Cache scope supports time to live (TTL) as a cache invalidation strategy without having to write any additional code. TTL specifies how long the cached response is valid before it expires and needs to be refreshed. The Cache scope also supports custom invalidation strategies using MEL or Data Weave expressions.
References: https://docs.mulesoft.com/mule-runtime/4.3/cache-scope#cache_invalidation
C
Explanation:
The Cache scope supports time to live (TTL) as a cache invalidation strategy without having to write any additional code. TTL specifies how long the cached response is valid before it expires and needs to be refreshed. The Cache scope also supports custom invalidation strategies using MEL or Data Weave expressions.
References: https://docs.mulesoft.com/mule-runtime/4.3/cache-scope#cache_invalidation
Question #11
Refer to the exhibit.
What action must be performed to log all the errors raised by the VM Connector?
- A . Add <AsyncLOgger name=’orgroute.extensions vm’ level=ERROR’I> inside the Logger tag
- B . Add <AsyncLOgger name=’orgroute.extensions vm’ level=ERROR’/> inside the Appenders tag
- C . Configure <Logger level-‘ERROR’/> inside the VM Connector configuration
- D . Nothing, as error-level events are automatically logged
Correct Answer: B
B
Explanation:
To log all the errors raised by the VM Connector, the developer needs to add an async logger with the name ‘org.mule.extension.vm’ and the level ‘ERROR’ inside the appenders tag of the log4j2.xml file. This will enable logging all error-level events generated by the VM Connector to the console appender.
References: https://docs.mulesoft.com/mule-runtime/4.3/logging-in-mule#configuring-custom-logging-settings
B
Explanation:
To log all the errors raised by the VM Connector, the developer needs to add an async logger with the name ‘org.mule.extension.vm’ and the level ‘ERROR’ inside the appenders tag of the log4j2.xml file. This will enable logging all error-level events generated by the VM Connector to the console appender.
References: https://docs.mulesoft.com/mule-runtime/4.3/logging-in-mule#configuring-custom-logging-settings
Question #12
A healthcare portal needs to validate the token that it sends to a Mule API. The developer plans to implement a custom policy using the HTTP Policy Transform Extension to match the token received in the header from the heathcare portal.
Which files does the developer need to create in order to package the custom policy?
- A . Deployable ZIP file, YAML configuration file
- B . JSON properties file, YAML configuration file
- C . JSON properties file, XML template file
- D . XML template file, YAML configuration file
Correct Answer: D
D
Explanation:
To package a custom policy using the HTTP Policy Transform Extension, the developer needs to create an XML template file and a YAML configuration file. The XML template file defines the policy logic using Mule components and placeholders for user-defined properties. The YAML configuration file defines the metadata of the policy, such as its name, description, category, parameters, and dependencies.
References: https://docs.mulesoft.com/api-manager/2.x/http-policy-transform#packaging-the-policy
D
Explanation:
To package a custom policy using the HTTP Policy Transform Extension, the developer needs to create an XML template file and a YAML configuration file. The XML template file defines the policy logic using Mule components and placeholders for user-defined properties. The YAML configuration file defines the metadata of the policy, such as its name, description, category, parameters, and dependencies.
References: https://docs.mulesoft.com/api-manager/2.x/http-policy-transform#packaging-the-policy
Question #13
Refer to the exhibit.
What is the result if ‘’Insecure’’ selected as part of the HTTP Listener configuration?
- A . The HTTP Listener will trust any certificate presented by the HTTP client
- B . The HTTP Lister will accept any unauthenticated request
- C . The HTTP listener will only accept HTTP requests
- D . Mutual TLS authentication will be enabled between this HTTP Listener and an HTTP client
Correct Answer: C
C
Explanation:
Based on the exhibit below, if ‘Insecure’ is selected as part of the HTTP Listener configuration, the HTTP
listener will only accept HTTP requests. This means that no TLS context will be configured for this listener
and no encryption or authentication will be applied to incoming requests. The protocol attribute of this listener will be set to HTTP instead of HTTPS.
References: https://docs.mulesoft.com/http-connector/1.6/http-listener-ref#insecure
C
Explanation:
Based on the exhibit below, if ‘Insecure’ is selected as part of the HTTP Listener configuration, the HTTP
listener will only accept HTTP requests. This means that no TLS context will be configured for this listener
and no encryption or authentication will be applied to incoming requests. The protocol attribute of this listener will be set to HTTP instead of HTTPS.
References: https://docs.mulesoft.com/http-connector/1.6/http-listener-ref#insecure
Question #14
A mule application exposes and API for creating payments. An Operations team wants to ensure that the Payment API is up and running at all times in production.
Which approach should be used to test that the payment API is working in production?
- A . Create a health check endpoint that listens on a separate port and uses a separate HTTP Listener configuration from the API
- B . Configure the application to send health data to an external system
- C . Create a health check endpoint that reuses the same port number and HTTP Listener configuration as the API itself
- D . Monitor the Payment API directly sending real customer payment data
Correct Answer: A
A
Explanation:
To test that the payment API is working in production, the developer should create a health check endpoint that listens on a separate port and uses a separate HTTP Listener configuration from the API. This way, the developer can isolate the health check endpoint from the API traffic and avoid affecting the performance or availability of the API. The health check endpoint should return a simple response that indicates the status of the API, such as OK or ERROR.
References: https://docs.mulesoft.com/api-functional-monitoring/afm-create-monitor#create-a-monitor
A
Explanation:
To test that the payment API is working in production, the developer should create a health check endpoint that listens on a separate port and uses a separate HTTP Listener configuration from the API. This way, the developer can isolate the health check endpoint from the API traffic and avoid affecting the performance or availability of the API. The health check endpoint should return a simple response that indicates the status of the API, such as OK or ERROR.
References: https://docs.mulesoft.com/api-functional-monitoring/afm-create-monitor#create-a-monitor
Question #15
A Mule API receives a JSON payload and updates the target system with the payload. The developer uses JSON schemas to ensure the data is valid.
How can the data be validation before posting to the target system?
- A . Use a DataWeave 2.09 transform operation, and at the log of the DataWeave script, add: %dw 2.0
Import.json-moduls - B . Using the DataWeave if Else condition test the values of the payload against the examples included in the schema
- C . Apply the JSON Schema policy in API Manager and reference the correct schema in the policy
configuration - D . Add the JSON module dependency and add the validate-schema operation in the flow, configured to reference the schema
Correct Answer: D
D
Explanation:
To validate the data before posting to the target system, the developer should add the JSON module dependency and add the validate-schema operation in the flow, configured to reference the schema. The JSON module provides a validate-schema operation that validates a JSON payload against a JSON schema and throws an error if the payload is invalid.
References: https://docs.mulesoft.com/json-module/1.1/json-validate-schema
D
Explanation:
To validate the data before posting to the target system, the developer should add the JSON module dependency and add the validate-schema operation in the flow, configured to reference the schema. The JSON module provides a validate-schema operation that validates a JSON payload against a JSON schema and throws an error if the payload is invalid.
References: https://docs.mulesoft.com/json-module/1.1/json-validate-schema
Question #16
Which statement is true when using XML SDK for creating custom message processors?
- A . Properties are fields defined by an end user of the XML SDK component and serve as a global configuration for the entire Mule project in which they are used
- B . An XML SDK provides both inbound and outbound operations
- C . Operations can be reused in recursive calls
- D . All operations are public
Correct Answer: C
C
Explanation:
When using XML SDK for creating custom message processors, all operations are public by default and can be used by any Mule application that imports them. There is no way to make an operation private or protected in XML SDK.
References: https://docs.mulesoft.com/mule-sdk/1.1/xml-sdk#operations
C
Explanation:
When using XML SDK for creating custom message processors, all operations are public by default and can be used by any Mule application that imports them. There is no way to make an operation private or protected in XML SDK.
References: https://docs.mulesoft.com/mule-sdk/1.1/xml-sdk#operations
Question #17
A Mule application for processing orders must log the order ID for every log message output.
What is a best practice to enrich every log message with the order ID?
- A . Use flow variables within every logger processor to log the order ID
- B . Set a flow variable and edit the log4/2.xml file to output the variable as part of the message pattern
- C . Create a custom XML SDK component to wrap the logger processor and automatically add the order ID within the connector
- D . Use the Tracing module to set logging variables with a Mapped Diagnostic Context
Correct Answer: D
D
Explanation:
To enrich every log message with the order ID, the developer should use the Tracing module to set logging variables with a Mapped Diagnostic Context (MDC). The Tracing module allows adding custom key-value pairs to log messages using MDC variables. The developer can use Set Logging Variables operation to set the order ID as an MDC variable and then use it in any logger processor within the same thread or event.
References: https://docs.mulesoft.com/tracing-module/1.0/tracing-module-reference#set-logging-variables
D
Explanation:
To enrich every log message with the order ID, the developer should use the Tracing module to set logging variables with a Mapped Diagnostic Context (MDC). The Tracing module allows adding custom key-value pairs to log messages using MDC variables. The developer can use Set Logging Variables operation to set the order ID as an MDC variable and then use it in any logger processor within the same thread or event.
References: https://docs.mulesoft.com/tracing-module/1.0/tracing-module-reference#set-logging-variables
Question #18
Refer to the exhibit.
When creating a new project, which API implementation allows for selecting the correct API version and scaffolding the flows from the API specification?
- A . Import a published API
- B . Generate a local RAML from anypoint Studio
- C . Download RAML from Design Center’
- D . Import RAML from local file
Correct Answer: A
A
Explanation:
To create a new project that selects the correct API version and scaffolds the flows from the API specification, the developer should import a published API. This option allows importing an API specification that has been published to Anypoint Exchange or Design Center, and selecting a specific version of that API specification. The developer can also choose to scaffold flows based on that API specification.
References: https://docs.mulesoft.com/apikit/4.x/apikit-4-new-project-task
A
Explanation:
To create a new project that selects the correct API version and scaffolds the flows from the API specification, the developer should import a published API. This option allows importing an API specification that has been published to Anypoint Exchange or Design Center, and selecting a specific version of that API specification. The developer can also choose to scaffold flows based on that API specification.
References: https://docs.mulesoft.com/apikit/4.x/apikit-4-new-project-task
Question #19
A company has been using CI/CD. Its developers use Maven to handle build and deployment activities.
What is the correct sequence of activities that takes place during the Maven build and deployment?
- A . Initialize, validate, compute, test, package, verify, install, deploy
- B . Validate, initialize, compile, package, test, install, verify, verify, deploy
- C . Validate, initialize, compile, test package, verify, install, deploy
- D . Validation, initialize, compile, test, package, install verify, deploy
Correct Answer: C
C
Explanation:
The correct sequence of activities that takes place during the Maven build and deployment is validate, initialize, compile, test package, verify, install, deploy. These are Maven lifecycle phases that define a sequence of goals to execute during a build process. Each phase represents a stage in the build lifecycle and can have zero or more goals bound to it.
References: https://maven.apache.org/guides/introduction/introduction-to-the-lifecycle.html
C
Explanation:
The correct sequence of activities that takes place during the Maven build and deployment is validate, initialize, compile, test package, verify, install, deploy. These are Maven lifecycle phases that define a sequence of goals to execute during a build process. Each phase represents a stage in the build lifecycle and can have zero or more goals bound to it.
References: https://maven.apache.org/guides/introduction/introduction-to-the-lifecycle.html
Question #20
Multiple individual Mute application need to use the Mule Maven plugin to deploy to CloudHub.
The plugin configuration should .. reused where necessary and anything project, specific should be property-based.
Where should the Mule Maven details be configured?
- A . A parent pom.xml
- B . Settings, xml
- C . Pom, xml
- D . A Bill of Materials (BOM) parent pm
Correct Answer: A
A
Explanation:
To reuse Mule Maven plugin configuration across multiple individual Mule applications, the developer should use a parent pom.xml file. A parent pom.xml file defines common configuration for one or more child projects that inherit from it. The developer can specify common properties and dependencies for all child projects in the parent pom.xml file, such as Mule Maven plugin configuration, and then reference them in each child project’s pom.xml file using placeholders.
References:
https://docs.mulesoft.com/mule-runtime/4.3/mmp-concept#parent-pom
https://maven.apache.org/guides/introduction/introduction-to-the-pom.html#Project_Inheritance
A
Explanation:
To reuse Mule Maven plugin configuration across multiple individual Mule applications, the developer should use a parent pom.xml file. A parent pom.xml file defines common configuration for one or more child projects that inherit from it. The developer can specify common properties and dependencies for all child projects in the parent pom.xml file, such as Mule Maven plugin configuration, and then reference them in each child project’s pom.xml file using placeholders.
References:
https://docs.mulesoft.com/mule-runtime/4.3/mmp-concept#parent-pom
https://maven.apache.org/guides/introduction/introduction-to-the-pom.html#Project_Inheritance