New Year Sale ! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Salesforce Exam MuleSoft Integration Architect I Topic 7 Question 3 Discussion

Actual exam question for Salesforce's MuleSoft Integration Architect I exam
Question #: 3
Topic #: 7
[All MuleSoft Integration Architect I Questions]

A leading eCommerce giant will use MuleSoft APIs on Runtime Fabric (RTF) to process customer orders. Some customer-sensitive information, such as credit card information, is required in request payloads or is included in response payloads in some of the APIs. Other API requests and responses are not authorized to access some of this customer-sensitive information but have been implemented to validate and transform based on the structure and format of this customer-sensitive information (such as account IDs, phone numbers, and postal codes).

What approach configures an API gateway to hide sensitive data exchanged between API consumers and API implementations, but can convert tokenized fields back to their original value for other API requests or responses, without having to recode the API implementations?

Later, the project team requires all API specifications to be augmented with an additional non-functional requirement (NFR) to protect the backend services from a high rate of requests, according to defined service-level

agreements (SLAs). The NFR's SLAs are based on a new tiered subscription level "Gold", "Silver", or "Platinum" that must be tied to a new parameter that is being added to the Accounts object in their enterprise data model.

Following MuleSoft's recommended best practices, how should the project team now convey the necessary non-functional requirement to stakeholders?

Show Suggested Answer Hide Answer
Suggested Answer: A

Contribute your Thoughts:

Lauran
7 months ago
Haha, imagine if the project team just added a new 'Platinum VIP' tier that gave unlimited access to all the sensitive customer data. Talk about missing the point of security!
upvoted 0 times
Ernest
6 months ago
Haha, that would definitely defeat the purpose of protecting sensitive data!
upvoted 0 times
...
Shannon
6 months ago
A) Create and deploy API proxies in API Manager for the NFR, change the baseurl in each API specification to the corresponding API proxy implementation endpoint, and publish each modified API specification to Exchange
upvoted 0 times
...
Lizette
7 months ago
Definitely, they need to prioritize protecting customer data.
upvoted 0 times
...
Miles
7 months ago
That would be a major security breach!
upvoted 0 times
...
Jonell
7 months ago
Definitely, they need to prioritize protecting customer data.
upvoted 0 times
...
Chanel
7 months ago
That would be a major security breach!
upvoted 0 times
...
...
Veronique
7 months ago
I'm not sure about option A. Changing the base URL in the API specs seems like a bit of a hack to me. I'd prefer the more transparent approach of option C, where we can clearly document the new requirements.
upvoted 0 times
...
Helga
8 months ago
This question is all about securing sensitive customer data and implementing rate limiting for API requests. I think option C is the way to go, as it allows us to update the API specs with the necessary RAML fragments for the non-functional requirements.
upvoted 0 times
Lenna
7 months ago
Let's make sure to implement these measures to protect customer data and ensure service-level agreements are met.
upvoted 0 times
...
Trevor
7 months ago
Option C provides a clear path forward for conveying the necessary non-functional requirement to stakeholders.
upvoted 0 times
...
Carline
7 months ago
Definitely, following best practices is key in situations like this.
upvoted 0 times
...
Michel
7 months ago
Creating a shared RAML fragment for the NFR and listing each API implementation endpoint in it can help streamline the process.
upvoted 0 times
...
Vincenza
7 months ago
It's important to ensure that sensitive customer data is secured and that API requests are rate-limited.
upvoted 0 times
...
Hildred
7 months ago
Agreed, updating the API specs with the necessary RAML fragments seems like the most efficient way to convey the non-functional requirement.
upvoted 0 times
...
Wenona
7 months ago
I agree, updating the API specifications with the shared RAML fragment seems like the most efficient way to convey the non-functional requirement.
upvoted 0 times
...
Sherly
7 months ago
I think option C is the best choice here.
upvoted 0 times
...
Hermila
7 months ago
I think option C is the best choice.
upvoted 0 times
...
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77