Real IT Certification Exams Questions & Dumps | Get Certified with CertQuestionsBank.com

Latest Salesforce Certified MuleSoft Platform Architect Exam Practice Questions

The practice questions for Salesforce Certified MuleSoft Platform Architect exam was last updated on 2025-09-15 .

Viewing page 1 out of 11 pages.

Viewing questions 1 out of 55 questions.

Question#1

Refer to the exhibit. An organization is running a Mule standalone runtime and has configured Active Directory as the Anypoint Platform external Identity Provider. The organization does not have budget for other system components.
What policy should be applied to all instances of APIs in the organization to most effecuvelyKestrict access to a specific group of internal users?

A. Apply a basic authentication - LDAP policy; the internal Active Directory will be configured as the LDAP source for authenticating users

B. Apply a client ID enforcement policy; the specific group of users will configure their client applications to use their specific client credentials

C. Apply an IP whitelist policy; only the specific users' workstations will be in the whitelist

D. Apply an OAuth 2.0 access token enforcement policy; the internal Active Directory will be configured as the OAuth server

Explanation:
Correct Answer Apply a basic authentication - LDAP policy; the internal Active Directory will be configured as the LDAP source for authenticating users. >> IP Whitelisting does NOT fit for this purpose. Moreover, the users workstations may not necessarily have static IPs in the network.
>> OAuth 2.0 enforcement requires a client provider which isn't in the organizations system components.
>> It is not an effective approach to let every user create separate client credentials and configure those for their usage.
The effective way it to apply a basic authentication - LDAP policy and the internal Active Directory will be configured as the LDAP source for authenticating users.
Reference: https://docs.mulesoft.com/api-manager/2.x/basic-authentication-ldap-concept

Question#2

What are 4 important Platform Capabilities offered by Anypoint Platform?

A. API Versioning, API Runtime Execution and Hosting, API Invocation, API Consumer Engagement

B. API Design and Development, API Runtime Execution and Hosting, API Versioning, API Deprecation

C. API Design and Development, API Runtime Execution and Hosting, API Operations and Management, API Consumer Engagement

D. API Design and Development, API Deprecation, API Versioning, API Consumer Engagement

Explanation:
Correct Answer API Design and Development, API Runtime Execution and Hosting, API Operations and Management, API Consumer Engagement
>> API Design and Development - Anypoint Studio, Anypoint Design Center, Anypoint Connectors
>> API Runtime Execution and Hosting - Mule Runtimes, CloudHub, Runtime Services
>> API Operations and Management - Anypoint API Manager, Anypoint Exchange
>> API Consumer Management - API Contracts, Public Portals, Anypoint Exchange, API Notebooks

Question#3

How can the application of a rate limiting API policy be accurately reflected in the RAML definition of an API?

A. By refining the resource definitions by adding a description of the rate limiting policy behavior

B. By refining the request definitions by adding a remaining Requests query parameter with description, type, and example

C. By refining the response definitions by adding the out-of-the-box Anypoint Platform rate-limit-enforcement security Scheme with description, type, and example

D. By refining the response definitions by adding the x-ratelimit-* response headers with description, type, and example

Explanation:
Correct Answer By refining the response definitions by adding the x-ratelimit-* response headers with description, type, and example
Reference:
https://docs.mulesoft.com/api-manager/2.x/rate-limiting-and-throttling#response-headers
https://docs.mulesoft.com/api-manager/2.x/rate-limiting-and-throttling-sla-based-policies#response-headers

Question#4

Which statement is true about identity management and client management on Anypoint Platform?

A. If an external identity provider is configured, the SAML 2.0 bearer tokens issued by the identity provider cannot be used for invocations of the Anypoint Platform web APIs

B. If an external client provider is configured, it must be configured at the Anypoint Platform organization level and cannot be assigned to individual business groups and environments

C. Anypoint Platform supports configuring one external identity provider

D. Both client management and identity management require an identity provider

Explanation:
Anypoint Platform allows organizations to integrate one external identity provider (IdP) for identity and access management (IAM), supporting SSO and centralized user authentication.
Identity Provider Limit:
Anypoint Platform supports configuring a single IdP for the organization, which can be used to authenticate all users across business groups and environments within that Anypoint organization. of Correct Answer (C):
Configuring one IdP ensures centralized and secure identity management, aligned with MuleSoft’s architecture.
of Incorrect Options:
Option A is incorrect because SAML 2.0 bearer tokens from external IdPs can indeed be used for invoking Anypoint Platform APIs.
Option B is incorrect as client providers can be assigned to specific business groups and environments.
Option D is incorrect since only identity management strictly requires an IdP; client management
does not.
Reference
For further details on identity management options, consult MuleSoft documentation on Anypoint Platform’s IAM capabilities.

Question#5

Refer to the exhibit.

An organization needs to enable access to their customer data from both a mobile app and a web application, which each need access to common fields as well as certain unique fields.
The data is available partially in a database and partially in a 3rd-party CRM system.
What APIs should be created to best fit these design requirements?
A) A Process API that contains the data required by both the web and mobile apps, allowing these applications to invoke it directly and access the data they need thereby providing the flexibility to add more fields in the future without needing API changes
B) One set of APIs (Experience API, Process API, and System API) for the web app, and another set for the mobile app
C) Separate Experience APIs for the mobile and web app, but a common Process API that invokes separate System APIs created for the database and CRM system

D) A common Experience API used by both the web and mobile apps, but separate Process APIs for the web and mobile apps that interact with the database and the CRM System

A. Option A

B. Option B

C. Option C

D. Option D

Explanation:
Correct Answer Separate Experience APIs for the mobile and web app, but a common Process API that invokes separate System APIs created for the database and CRM system As per MuleSoft's API-led connectivity:
>> Experience APIs should be built as per each consumer needs and their experience.
>> Process APIs should contain all the orchestration logic to achieve the business functionality.
>> System APIs should be built for each backend system to unlock their data.
Reference: https://blogs.mulesoft.com/dev/api-dev/what-is-api-led-connectivity/

Exam Code: Salesforce Certified MuleSoft Platform ArchitectQ & A: 152 Q&AsUpdated: 2025-09-15

Get All Salesforce Certified MuleSoft Platform Architect Q&As

Salesforce Certified MuleSoft Platform Architect Online Practice Questions

Question#1

Question#2

Question#3

Question#4

Question#5

Top 20 Exams

Important Links

Know Us

Follow Us