• Home
  • Articles
  • Changing the Concept of MCD-Level-2 Exam Preparation 2024 [Q20-Q42]

Changing the Concept of MCD-Level-2 Exam Preparation 2024 [Q20-Q42]

Share

Changing the Concept of MCD-Level-2 Exam Preparation 2024

Getting MCD-Level-2 Certification Made Easy! Get professional help from our MCD-Level-2 Dumps PDF

NEW QUESTION # 20
Refer to the exhibits.
Bioinfo System API is implemented and published to Anypoint Exchange. A developer wants to invoke this API using its REST Connector.
What should be added to the POM?

  • A.
  • B.
  • C.
  • D.
  • E.

Answer: A

Explanation:
Explanation
To invoke Bioinfo System API using its REST Connector, option E should be added to the pom.xml file. This option adds a dependency for Bioinfo System API REST Connector with its group ID, artifact ID, version, classifier, and type. The classifier specifies that it is a REST Connector (raml-client), and the type specifies that it is a Mule plugin (mule-plugin). References:
https://docs.mulesoft.com/apikit/4.x/apikit-4-generate-from-rest-api-task#add-the-api-dependency-to-the-pom-fil


NEW QUESTION # 21
An API has been developed and deployed to CloudHub Among the policies applied to this API is an allowlist of IP addresses. A developer wants to run a test in Anypoint Studio and does not want any policies applied because their workstation is not included in the allowlist.
What must the developer do in order to run this test locally without the policies applied?

  • A. Create a properties file specifically for local development and set the API instance ID to a value that is not used in API Manager
  • B. Deactivate the API in API Manager so the Autodiscovery element will not find the application when it runs in Studio
  • C. Run the test as-s, with no changes because the Studio runtime will not attempt to connect to API Manager
  • D. Pass in the runtime parameter ''-Danpow.platform.gatekeeper=disabled''

Answer: A

Explanation:
Explanation
To run a test locally without the policies applied, the developer should create a properties file specifically for local development and set the API instance ID to a value that is not used in API Manager. This way, the developer can use different configuration properties for different environments and avoid triggering API autodiscovery when running tests locally. API autodiscovery is a mechanism that associates an API implementation with its corresponding API specification and policies in API Manager based on its API instance ID. By setting this ID to a value that does not exist in API Manager, the developer can prevent API autodiscovery from finding and applying any policies to the local test. References:
https://docs.mulesoft.com/api-manager/2.x/api-auto-discovery-new-concept#configuring-api-autodiscovery
https://docs.mulesoft.com/mule-runtime/4.3/configuring-properties


NEW QUESTION # 22
Refer to the exhibit.
What is the result if ''Insecure'' selected as part of the HTTP Listener configuration?

  • A. The HTTP listener will only accept HTTP requests
  • B. The HTTP Lister will accept any unauthenticated request
  • C. The HTTP Listener will trust any certificate presented by the HTTP client
  • D. Mutual TLS authentication will be enabled between this HTTP Listener and an HTTP client

Answer: A

Explanation:
Based on the exhibit below, if 'Insecure' is selected as part of the HTTP Listener configuration, the HTTP listener will only accept HTTP requests. This means that no TLS context will be configured for this listener and no encryption or authentication will be applied to incoming requests. The protocol attribute of this listener will be set to HTTP instead of HTTPS.
References:https://docs.mulesoft.com/http-connector/1.6/http-listener-ref#insecure


NEW QUESTION # 23
Which configurations are required for HTTP Listener to enable mTLS authentication?

  • A. Set an appropriate keystore configuration and use persistent connections for the listener
  • B. Set an appropriate reconnection strategy and use persistent connections for the listener
  • C. Set an appropriate keystore and truststore configuration for the listener
  • D. Set an appropriate truststore configuration and reconnection strategy for the listener

Answer: C

Explanation:
Explanation
To enable mTLS authentication for HTTP Listener, the developer needs to set an appropriate keystore and truststore configuration for the listener. The keystore contains the certificate and private key of the Mule application that are used to prove its identity to clients. The truststore contains the certificates of trusted clients that are allowed to access the Mule application. References:
https://docs.mulesoft.com/mule-runtime/4.3/tls-configuration#mutual-authentication


NEW QUESTION # 24
Which statement is true about using mutual TLS to secure an application?

  • A. Mutual TLS ensures only authorized end users are allowed to access an endpoint
  • B. Mutual TLS increases the encryption strength versus server-side TLS alone
  • C. Mutual TLS requires a hardware security module to be used
  • D. Mutual TLS authenticates the identity of the server before the identity of the client

Answer: D

Explanation:
Mutual TLS (mTLS) is an extension of TLS that requires both parties (client and server) to present their certificates to each other during the handshake process. This way, both parties can verify each other's identity and establish a secure connection. The authentication of the server happens before the authentication of the client, as the server sends its certificate first and then requests the client's certificate.
References:https://docs.mulesoft.com/mule-runtime/4.3/tls-configuration#mutual-authentication


NEW QUESTION # 25
A Mule API receives a JSON payload and updates the target system with the payload. The developer uses JSON schemas to ensure the data is valid.
How can the data be validation before posting to the target system?

  • A. Add the JSON module dependency and add the validate-schema operation in the flow, configured to reference the schema
  • B. Using the DataWeave if Else condition test the values of the payload against the examples included in the schema
  • C. Use a DataWeave 2.09 transform operation, and at the log of the DataWeave script, add:
    %dw 2.0
    Import.json-moduls
  • D. Apply the JSON Schema policy in API Manager and reference the correct schema in the policy configuration

Answer: A

Explanation:
To validate the data before posting to the target system, the developer should add the JSON module dependency and add the validate-schema operation in the flow, configured to reference the schema. The JSON module provides a validate-schema operation that validates a JSON payload against a JSON schema and throws an error if the payload is invalid.
References:https://docs.mulesoft.com/json-module/1.1/json-validate-schema


NEW QUESTION # 26
A developer is working on a project that requires encrypting all data before sending it to a backend application. To accomplish this, the developer will use PGP encryption in the Mule 4 Cryptography module.
What is required to encrypt the data before sending it to the backend application?

  • A. The application needs the private key from the backend service to encrypt the data
  • B. The application needs to both the private and public keys to encrypt the data
  • C. The application needs the public key from the backend service to encrypt the data
  • D. The application needs to configure HTTPS TLS context information to encrypt the data

Answer: C

Explanation:
Explanation
To encrypt the data before sending it to the backend application using PGP encryption, the application needs the public key from the backend service. PGP encryption uses a public-key cryptography system, which means that each party has a pair of keys: a public key and a private key. The public key is used to encrypt data, and the private key is used to decrypt data. Therefore, to encrypt data for a specific recipient (the backend service), the application needs to use the recipient's public key. The recipient can then use its own private key to decrypt the data. References: https://docs.mulesoft.com/mule-runtime/4.3/cryptography-pgp


NEW QUESTION # 27
An API has been developed and deployed to CloudHub Among the policies applied to this API is an allowlist of IP addresses. A developer wants to run a test in Anypoint Studio and does not want any policies applied because their workstation is not included in the allowlist.
What must the developer do in order to run this test locally without the policies applied?

  • A. Create a properties file specifically for local development and set the API instance ID to a value that is not used in API Manager
  • B. Deactivate the API in API Manager so the Autodiscovery element will not find the application when it runs in Studio
  • C. Run the test as-s, with no changes because the Studio runtime will not attempt to connect to API Manager
  • D. Pass in the runtime parameter ''-Danpow.platform.gatekeeper=disabled''

Answer: D

Explanation:
To run a test locally without the policies applied, the developer should create a properties file specifically for local development and set the API instance ID to a value that is not used in API Manager. This way, the developer can use different configuration properties for different environments and avoid triggering API autodiscovery when running tests locally. API autodiscovery is a mechanism that associates an API implementation with its corresponding API specification and policies in API Manager based on its API instance ID. By setting this ID to a value that does not exist in API Manager, the developer can prevent API autodiscovery from finding and applying any policies to the local test. References:
https://docs.mulesoft.com/api-manager/2.x/api-auto-discovery-new-concept#configuring-api-autodiscoveryhttps:


NEW QUESTION # 28
The Center for Enablement team published a common application as a reusable module to the central Nexus repository.
How can the common application be included in all API implementations?

  • A. Add a Maven dependency in the POM file with jar as <classifier>
  • B. Add a Maven dependency in the PCM file with multiple-plugin as <classifier>
  • C. Copy the common application's source XML file and out it in a new flow file in the src/main/mule folder
  • D. Download the common application from Naxus and copy it to the src/main/resources folder in the API

Answer: A

Explanation:
Explanation
To include a common application as a reusable module in all API implementations, the developer should add a Maven dependency in the POM file with jar as <classifier>. This way, the developer can reuse Mule code from another application by packaging it as a JAR file and adding it as a dependency in the POM file of the API implementation. The classifier element specifies that it is a JAR file. References:
https://docs.mulesoft.com/mule-runtime/4.3/mmp-concept#add-a-maven-dependency-to-the-pom-file


NEW QUESTION # 29
In a Mule project, Flow-1 contains a flow-ref to Flow-2 depends on data from Flow-1 to execute successfully.
Which action ensures the test suites and test cases written for Flow-1 and Flow-2 will execute successfully?

  • A. Chain together the test suites and test cases for Flow-1 and Flow-2
  • B. Use ''Before Test Case'' To collect data from Flow-1 test cases before running Flow-2 test cases
  • C. Use ''Set Event to pass the input that is needed, and keep the test cases for Flow-1 and Flow-2 independent
  • D. Use 'After Test Case' to produce the data needed from Flow-1 test cases to pass to Flow-2 test cases

Answer: C

Explanation:
To ensure the test suites and test cases written for Flow-1 and Flow-2 will execute successfully, the developer should use a Set Event processor to pass the input that is needed by Flow-2, and keep the test cases for Flow-1 and Flow-2 independent. This way, the developer can isolate the testing of each flow and avoid coupling them together. References:https://docs.mulesoft.com/munit/2.3/munit-test-flow


NEW QUESTION # 30
When a client and server are exchanging messages during the mTLS handshake, what is being agreed on during the cipher suite exchange?

  • A. The TLS version
  • B. A protocol
  • C. The Public key format
  • D. An encryption algorithm

Answer: D

Explanation:
Explanation
A cipher suite is a set of cryptographic algorithms that are used to secure the communication between a client and a server. A cipher suite consists of four components: a key exchange algorithm, an authentication algorithm, an encryption algorithm, and a message authentication code (MAC) algorithm. During the cipher suite exchange, the client and the server agree on which encryption algorithm to use for encrypting and decrypting the data. References: https://docs.mulesoft.com/mule-runtime/4.3/tls-configuration#cipher-suites


NEW QUESTION # 31
When implementing a synchronous API where the event source is an HTTP Listener, a developer needs to return the same correlation ID back to the caller in the HTTP response header.
How can this be achieved?

  • A. Configure a custom correlation policy
  • B. Enable the CorrelationID checkbox in the HTTP Listener configuration
  • C. NO action is needed as the correlation ID is returned to the caller in the response header by default
  • D. Enable the auto-generate CorrelationID option when scaffolding the flow

Answer: C

Explanation:
Explanation
When implementing a synchronous API where the event source is an HTTP Listener, Mule automatically propagates some message attributes between flows via outbound and inbound properties. One of these attributes is correlation ID, which is returned to the caller in the response header by default as MULE_CORRELATION_ID. References:
https://docs.mulesoft.com/mule-runtime/4.3/about-mule-message#message-attributes


NEW QUESTION # 32
The HTTP Request operation raises an HTTP CONNECTIVITY error.
Which HTTP status code and body are returned to the web client?

  • A. HTTP Status Code:500.
    Body 'Error in processing your request
  • B. HTTP Status Code:200.
    Body 'Error in processing your request
  • C. HTTP Status Code:500.
    Body 'Error in processing your request
  • D. HTTP Status Code:500.
    Body 'The HTTP CONNECTIVITY Error description

Answer: C

Explanation:
When the HTTP Request operation raises an HTTP CONNECTIVITY error, it triggers an on-error-continue handler that sets a payload with 'Error in processing your request'. Since no status code is explicitly set in this handler, it defaults to 500 (INTERNAL SERVER ERROR). Therefore, the web client receives an HTTP response with status code 500 and body 'Error in processing your request'.
References:https://docs.mulesoft.com/mule-runtime/4.3/error-handling#on-error-continue


NEW QUESTION # 33
What is the MuleSoft recommended method to encrypt sensitive property data?

  • A. The encryption key should be different for each environment and the sensitive data should be the same for all environments
  • B. The encryption key should be identical for all environments
  • C. The encryption key and sensitive data should be different for each environment
  • D. The encryption key should be identical for all environments and the sensitive data should be different for each environment

Answer: C

Explanation:
The MuleSoft recommended method to encrypt sensitive property data is to use the Secure Properties Tool that comes with Anypoint Studio. This tool allows encrypting properties files with a secret key and then decrypting them at runtime using the same key. The encryption key and sensitive data should be different for each environment to ensure security and avoid accidental exposure of sensitive data.
References:https://docs.mulesoft.com/mule-runtime/4.3/secure-configuration-properties


NEW QUESTION # 34
A system API that communicates to an underlying MySQL database is deploying to CloudHub. The DevOps team requires a readiness endpoint to monitor all system APIs.
Which strategy should be used to implement this endpoint?

  • A. Create a dedicated endpoint that responds with the API status and reachability of the underlying systems
  • B. Use an existing resource endpoint of the API
  • C. Create a dedicated endpoint that responds with the API status and health of the server
  • D. Create a dedicated endpoint that responds with the API status only

Answer: A

Explanation:
To implement a readiness endpoint to monitor all system APIs, the developer should create a dedicated endpoint that responds with the API status and reachability of the underlying systems. This way, the DevOps team can check if the system API is ready to receive requests and if it can communicate with its backend systems without errors.
References:https://docs.mulesoft.com/mule-runtime/4.3/deployment-strategies#readiness-probes


NEW QUESTION # 35
Refer to the exhibit.
What required changes can be made to give a partial successful response in case the United Airlines API returns with a timeout?

  • A. Add Flow Reference components inside a Try scope.
    Set the payload to a default value'' insider the error handler using the ON Error Continue scope
  • B. Add a Scatter-gather component inside a Try scope.
    Set the payload to a default value 'Error' inside the error handler using the On Error Propagate scope.
  • C. Add a Scatter-Gather component inside a Try scope.
    Set the payload to a default value 'Error'' inside the error handler using the On Error Continue scope.
  • D. Add Flow Reference components inside a Try scope
    Set the payload to a default value '' inside the error handler using the On Error Propagate scope

Answer: C

Explanation:
Explanation
To give a partial successful response in case the United Airlines API returns with a timeout, the developer should add a Scatter-Gather component inside a Try scope, and set the payload to a default value 'Error' inside the error handler using the On Error Continue scope. A Scatter-Gather component allows sending multiple requests concurrently and aggregating the responses into an array. A Try scope allows handling errors that occur within it using an error handler. An On Error Continue scope allows continuing the flow execution after handling an error. Therefore, by using these components, the developer can send requests to both APIs in parallel, handle any timeout errors from United Airlines API, and return a partial response with a default value for that API. References: https://docs.mulesoft.com/mule-runtime/4.3/scatter-gather-concept
https://docs.mulesoft.com/mule-runtime/4.3/try-scope-concept
https://docs.mulesoft.com/mule-runtime/4.3/on-error-continue-concept


NEW QUESTION # 36
A heathcare customer wants to use hospital system data, which includes code that was developed using legacy tools and methods. The customer has created reusable Java libraries in order to read the data from the system.
What is the most effective way to develop an API retrieve the data from the hospital system?

  • A. Install libraries in a local repository and refer to it in the pm.xml file
  • B. Refer to JAR files in the code
  • C. Include the libraries writes deploying the code into the runtime
  • D. Create the Java code in your project and invoice the data from the code

Answer: A

Explanation:
Explanation
To develop an API that retrieves data from a hospital system using reusable Java libraries, the developer should install libraries in a local repository and refer to it in the pom.xml file. This way, the developer can use Maven to manage dependencies and invoke Java code from Mule applications using Java Module operations.
References:
https://docs.mulesoft.com/mule-runtime/4.3/java-module-reference#add-the-java-module-to-your-project
https://docs.mulesoft.com/mule-runtime/4.3/java-module-reference#invoke-java-code


NEW QUESTION # 37
Which plugin or dependency is required to unit test modules created with XML SDK?

  • A. Junit
  • B. XMLUnit
  • C. MUnit Extensions Maven plugin
  • D. MUnit Maven plugin

Answer: C

Explanation:
Explanation
To unit test modules created with XML SDK, the developer needs to use the MUnit Extensions Maven plugin.
This plugin allows testing XML SDK modules using MUnit by adding a dependency to the module under test and using a custom processor tag to invoke it. References:
https://docs.mulesoft.com/mule-sdk/1.1/xml-sdk#testing


NEW QUESTION # 38
Which properties are mandatory on the HTTP Connector configuration in order to use the OAuth 2.0 Authorization Code grant type for authentication?

  • A. External callback URL, access token URL, client ID response access token
  • B. External callback URL, access token URL, client ID, response refresh token
  • C. External callback URL, access token URL, local authorization URL, authorization URL, client ID,client secret
  • D. Token URL, authorization URL, client ID, client secret local callback URL

Answer: C

Explanation:
To use the OAuth 2.0 Authorization Code grant type for authentication, the HTTP Connector configuration requires the following properties: token URL, authorization URL, client ID, client secret, and local callback URL. The token URL is the endpoint of the authorization server that provides access tokens. The authorization URL is the endpoint of the authorization server that initiates the user consent flow. The client ID and client secret are the credentials of the Mule application registered with the authorization server. The local callback URL is the endpoint of the Mule application that receives the authorization code from the authorization server.
References:https://docs.mulesoft.com/http-connector/1.6/http-authentication#oauth-2-0


NEW QUESTION # 39
A custom policy needs to be developed to intercept all cutbound HTTP requests made by Mule applications.
Which XML element must be used to intercept outbound HTTP requests?

  • A. http-policy:source
  • B. http-policy:processor
  • C. It is not possible to intercept outgoing HTTP requests, only inbound requests
  • D. htt-policy:operation

Answer: A

Explanation:
The http-policy:processor element is used to intercept outbound HTTP requests made by Mule applications. It allows customizing the request before it is sent to the target API and modifying the response after it is received from the target API.
References:https://docs.mulesoft.com/api-manager/2.x/policy-mule4-custom-policy#policy-xml-file


NEW QUESTION # 40
Refer to the exhibit.
What is the result if ''Insecure'' selected as part of the HTTP Listener configuration?

  • A. The HTTP listener will only accept HTTP requests
  • B. The HTTP Lister will accept any unauthenticated request
  • C. The HTTP Listener will trust any certificate presented by the HTTP client
  • D. Mutual TLS authentication will be enabled between this HTTP Listener and an HTTP client

Answer: A

Explanation:
Explanation
Based on the exhibit below, if 'Insecure' is selected as part of the HTTP Listener configuration, the HTTP listener will only accept HTTP requests. This means that no TLS context will be configured for this listener and no encryption or authentication will be applied to incoming requests. The protocol attribute of this listener will be set to HTTP instead of HTTPS. References:
https://docs.mulesoft.com/http-connector/1.6/http-listener-ref#insecure


NEW QUESTION # 41
A Flight Management System publishes gate change notification events whenever a flight's arrival gate changes. Other systems, including Baggage Handler System. Inflight Catering System and Passenger Notifications System, must each asynchronously receive the same gate change notification to process the event according.
Which configuration is required in Anypoint MQ to achieve this publish/subscribe model?

  • A. Publish the gate change notification to an Anypoint MQ exchanhe.
    Create different Anypoint MQ queues meant for each of the other subscribing systems.
    Bind the exchange with each of the queues.
  • B. Publish each client subscribe directly to the exchange.
    Have each client subscribe directly to the queue.
  • C. Publish the gate change notification to an Anypoint MC queue
    Have each client subscribe directly to the queue
  • D. Publish the gate change notification to an Anypoint MQ queue.
    Create different anypoint MQ exchange meant for each of the other subscribing systems Bind the queue with each of the exchanges

Answer: A

Explanation:
To achieve a publish/subscribe model using Anypoint MQ, where each system receives the same gate change notification event, the developer should publish the gate change notification to an Anypoint MQ exchange, create different Anypoint MQ queues meant for each of the other subscribing systems, and bind the exchange with each of the queues. An exchange is a message routing agent that can send messages to different queues based on predefined criteria. By binding an exchange with multiple queues, each queue receives a copy of every message sent to that exchange. Therefore, each system can subscribe to its own queue and receive every gate change notification event. References:https://docs.mulesoft.com/anypoint-mq/3.x/anypoint-mq-exchanges


NEW QUESTION # 42
......

MCD-Level-2 Exam Crack Test Engine Dumps Training With 62 Questions: https://pass4sure.practicedump.com/MCD-Level-2-exam-questions.html

Related Articles

more
MuleSoft MCD-Level-2 Certification Practice Exam

Copyright © 2026 PracticeDump NETWORK CO.,LIMITED. All Rights Reserved. All trademarks used are properties of their respective owners. Privacy Policy

Disclaimer:
SAP, Microsoft, Google, Amazon, Certiport, Qualtrics are Registered Trade Mark.
PracticeDump offers only Probable Questions and Answers.
PracticeDump offer learning materials and practice tests created by subject matter experts to assist and help learner prepare for those exams.
All Certification Brands used on the website are owned by the respective brand owners.
PracticeDump does not own or claim any ownership on any of the brands.
The site pass4sure.practicedump.com is in no way affiliated with SAP SE.