Login
Login

Mulesoft MCPA-Level-1 Exam Questions

151 Questions


Updation Date : 15-Dec-2025



Mulesoft MCPA-Level-1 exam questions feature realistic, exam-like questions that cover all key topics with detailed explanations. You’ll identify your strengths and weaknesses, allowing you to focus your study efforts effectively. By practicing with our MCPA-Level-1 practice test, you’ll gain the knowledge, speed, and confidence needed to pass the Mulesoft exam on your first attempt.

Why leave your success to chance? Our Mulesoft MCPA-Level-1 dumps are your ultimate guide to passing the exam on your first try!

What is a key requirement when using an external Identity Provider for Client Management in Anypoint Platform?


A.

Single sign-on is required to sign in to Anypoint Platform


B.

The application network must include System APIs that interact with the Identity
Provider


C.

To invoke OAuth 2.0-protected APIs managed by Anypoint Platform, API clients must submit access tokens issued by that same Identity Provider


D.

APIs managed by Anypoint Platform must be protected by SAML 2.0 policies





C.   

To invoke OAuth 2.0-protected APIs managed by Anypoint Platform, API clients must submit access tokens issued by that same Identity Provider



Explanation: https://www.folkstalk.com/2019/11/mulesoft-integration-and-platform.html
Explanation
Correct Answer: To invoke OAuth 2.0-protected APIs managed by Anypoint Platform, API
clients must submit access tokens issued by that same Identity Provider
*****************************************
>> It is NOT necessary that single sign-on is required to sign in to Anypoint Platform
because we are using an external Identity Provider for Client Management
>> It is NOT necessary that all APIs managed by Anypoint Platform must be protected by
SAML 2.0 policies because we are using an external Identity Provider for Client
Management
>> Not TRUE that the application network must include System APIs that interact with the
Identity Provider because we are using an external Identity Provider for Client Management
Only TRUE statement in the given options is - "To invoke OAuth 2.0-protected APIs
managed by Anypoint Platform, API clients must submit access tokens issued by that same
Identity Provider"
References:
https://docs.mulesoft.com/api-manager/2.x/external-oauth-2.0-token-validation-policy
https://blogs.mulesoft.com/dev/api-dev/api-security-ways-to-authenticate-and-authorize/

A Mule application exposes an HTTPS endpoint and is deployed to the CloudHub Shared Worker Cloud. All traffic to that Mule application must stay inside the AWS VPC. To what TCP port do API invocations to that Mule application need to be sent?


A. 443


B. 8081


C. 8091


D. 8082





D.   8082

Explanation:
Correct Answer: 8082

  • 8091 and 8092 ports are to be used when keeping your HTTP and HTTPS app private to the LOCAL VPC respectively.
  • Above TWO ports are not for Shared AWS VPC/ Shared Worker Cloud.
  • 8081 is to be used when exposing your HTTP endpoint app to the internet through Shared LB
  • 8082 is to be used when exposing your HTTPS endpoint app to the internet through Shared LB
So, API invocations should be sent to port 8082 when calling this HTTPS based app.

A Platinum customer uses the U.S. control plane and deploys applications to CloudHub in Singapore with a default log configuration. The compliance officer asks where the logs and monitoring data reside?


A. Logs are held in: Singapore and monitoring data is held in the United States


B. Logs and monitoring data are held in the United States


C. Logs are held in the United States and monitoring data is held in Singapore


D. Logs and monitoring data are held in Singapore





B.   Logs and monitoring data are held in the United States

Explanation:
For applications deployed on CloudHub in a foreign region (e.g., Singapore), MuleSoft handles log and monitoring data in the region where the control plane resides. This data storage policy is standard for CloudHub deployments to maintain centralized log and monitoring data.

  • Data Location:
  • Explanation of Correct Answer (B):
  • Explanation of Incorrect Options:

Which APIs can be used with DataGraph to create a unified schema?


A. APIs 1, 3, 5


B. APIs 2, 4 ,6


C. APIs 1, 2, s5, 6


D. APIs 1, 2, 3, 4





D.   APIs 1, 2, 3, 4

Explanation:
To create a unified schema in MuleSoft's DataGraph, APIs must be exposed in a way that allows DataGraph to pull and consolidate data from these APIs into a single schema accessible to consumers. DataGraph provides a federated approach, combining multiple APIs to form a single, unified API endpoint.
In this setup:
APIs 1, 2, 3, and 4 are suitable candidates for DataGraph because they are hosted within the Customer VPC on CloudHub and are accessible either through a Shared Load Balancer (LB) or a Dedicated Load Balancer (DLB). Both of these load balancers provide public access, which is a necessary condition for DataGraph as it must access the APIs to aggregate data.
APIs 5 and 6 are hosted on Customer Hosted Server 2, which is explicitly marked as "Not public". Since DataGraph requires API access through a publicly reachable endpoint to aggregate them into a unified schema, APIs 5 and 6 cannot be used with DataGraph in this configuration.
APIs 3 and 4 on Customer Hosted Server 1 appear accessible through a Shared LB, implying public accessibility that meets DataGraph’s requirements.
By combining APIs 1, 2, 3, and 4 within DataGraph, you can create a unified schema that enables clients to query data seamlessly from all these APIs as if it were from a single source.
This setup allows for efficient data retrieval and can simplify API consumption by reducing the need to call multiple APIs individually, thus optimizing performance and developer experience.

The responses to some HTTP requests can be cached depending on the HTTP verb used
in the request. According to the HTTP specification, for what HTTP verbs is this safe to do?


A.

PUT, POST, DELETE


B.

GET, HEAD, POST


C.

GET, PUT, OPTIONS


D.

GET, OPTIONS, HEAD





D.   

GET, OPTIONS, HEAD



A large lending company has developed an API to unlock data from a database server and web server. The API has been deployed to Anypoint Virtual Private Cloud (VPC) on CloudHub 1.0. The database server and web server are in the customer's secure network and are not accessible through the public internet. The database server is in the customer's AWS VPC, whereas the web server is in the customer's on-premises corporate data center. How can access be enabled for the API to connect with the database server and the web server?


A. Set up VPC peering with AWS VPC and a VPN tunnel to the customer's on-premises corporate data center


B. Set up VPC peering with AWS VPC and the customer's on-premises corporate data center


C. Setup a transit gateway to the customer's on-premises corporate data center through AWS VPC


D. Set up VPC peering with the customer's on-premises corporate data center and a VPN tunnel to AWS VPC





A.   Set up VPC peering with AWS VPC and a VPN tunnel to the customer's on-premises corporate data center

Explanation:

  • Scenario Overview:
  • Connectivity Requirements:
  • Analysis of Options:
Conclusion:
For more detailed reference, MuleSoft documentation on Anypoint VPC peering and VPN connectivity provides additional context on best practices for setting up these connections within a hybrid network infrastructure.

A large company wants to implement IT infrastructure in its own data center, based on the corporate IT policy requirements that data and metadata reside locally. Which combination of Mule control plane and Mule runtime plane(s) meets the requirements?


A. Anypoint Platform Private Cloud Edition for the control plane and the MuleSoft-hosted runtime plane


B. The MuleSoft-hosted control plane and Anypoint Runtime Fabric for the runtime plane


C. The MuleSoft-hosted control plane and customer-hosted Mule runtimes for the runtime plane


D. Anypoint Platform Private Cloud Edition for the control plane and customer-hosted Mule runtimes for the runtime plane





D.   Anypoint Platform Private Cloud Edition for the control plane and customer-hosted Mule runtimes for the runtime plane

Explanation:

  • Understanding Control and Runtime Planes
  • Evaluating the Options
Conclusion:
 Refer to MuleSoft's documentation on Private Cloud Edition deployment and on-premise runtime configurations for further details.

Select the correct Owner-Layer combinations from below options


A.

1. App Developers owns and focuses on Experience Layer APIs
2. Central IT owns and focuses on Process Layer APIs
3. LOB IT owns and focuses on System Layer APIs


B.

1. Central IT owns and focuses on Experience Layer APIs
2. LOB IT owns and focuses on Process Layer APIs
3. App Developers owns and focuses on System Layer APIs


C.

1. App Developers owns and focuses on Experience Layer APIs
2. LOB IT owns and focuses on Process Layer APIs
3. Central IT owns and focuses on System Layer APIs





C.   

1. App Developers owns and focuses on Experience Layer APIs
2. LOB IT owns and focuses on Process Layer APIs
3. Central IT owns and focuses on System Layer APIs



Explanation: Explanation
Correct Answer:
1. App Developers owns and focuses on Experience Layer APIs
2. LOB IT owns and focuses on Process Layer APIs
3. Central IT owns and focuses on System Layer APIs

References:
https://blogs.mulesoft.com/biz/api/experience-api-ownership/
https://blogs.mulesoft.com/biz/api/process-api-ownership/
https://blogs.mulesoft.com/biz/api/system-api-ownership


Page 1 out of 19 Pages

Contact Us - Privacy Policy ... Copyright © - All Rights Reserved