Examice

Exam MCIA - Level 1 All QuestionsBrowse all questions from this exam

Question 69

An organization has previously provisioned its own AWS VPC hosting various servers. The organization now needs to use CloudHub to host a Mule application that will implement a REST API. Once deployed to CloudHub, this Mule application must be able to communicate securely with the customer-provisioned AWS

VPC resources within the same region, without being interceptable on the public Internet.

What Anypoint Platform features should be used to meet these network communication requirements between CloudHub and the existing customer-provisioned

AWS VPC?

Add a Mulesoft-hosted Anypoint VPC configured with VPC Peering to the AWS VPC

Add default API Whitelisting policies to API Manager to automatically whitelist the customer-provisioned AWS VPC IP ranges needed by the Mule application

Use VM queues in the Mule application to allow any non-Mule assets within the customer-provisioned AWS VPC to subscribe to and receive messages

Configure an external identity provider (IdP) in Anypoint Platform with certificates from the customer-provisioned AWS VPC

Correct Answer: A

To meet the requirement of securely communicating between a Mule application hosted on CloudHub and customer-provisioned AWS VPC resources, the appropriate solution is to use VPC Peering. By adding a Mulesoft-hosted Anypoint VPC configured with VPC Peering to the AWS VPC, the communication occurs within AWS's private network infrastructure, ensuring that it does not traverse the public Internet and is thus not interceptable. This configuration allows secure and direct network traffic flow between the two VPCs.

Discussion

AlandtOption: A

According to the practice exam, the correct answer is A

gilofernandesOption: A

Options B, C, and D are not directly related to setting up secure network communication between CloudHub and the customer-provisioned AWS VPC: Option B mentions API Whitelisting policies, which are typically used for controlling access to APIs but do not address VPC communication. Option C discusses VM queues in the Mule application, which are used for messaging within the application but do not establish secure network communication between VPCs. Option D talks about configuring an external identity provider (IdP) but doesn't address the requirement for private, secure network communication between CloudHub and the AWS VPC.

madgeezerOption: A

Connecting to your Anypoint VPC extends your corporate network and allows CloudHub workers to access resources behind your corporate firewall. * You can connect on-premises data centers through a secured VPN tunnel, or a private AWS VPC through VPC peering, or by using AWS Direct Connect. MuleSoft Doc Reference : https://docs.mulesoft.com/runtime-manager/virtual-private-cloud

madgeezerOption: A

A. Add a Mulesoft-hosted Anypoint VPC configured with VPC Peering to the AWS VPC

Outdoor25Option: A

Should be A. VPC Peering. Cannot be C because being able to communicate securely with customer-provisioned AWS VPC has nothing to do with VM queues. Cannot be D because identity provider has nothing to do with secure communication Cannot be B because IP Whitelisting does not mean it is secure, it can still be intercepted and manipulated in transit.

Muley1028Option: A

A. VPC peering.