Examice

Exam MCIA - Level 1 All QuestionsBrowse all questions from this exam

Question 19

Refer to the exhibit. An organization deploys multiple Mule applications to the same customer-hosted Mule runtime. Many of these Mule applications must expose an HTTPS endpoint on the same port using a server-side certificate that rotates often.

What is the most effective way to package the HTTP Listener and package or store the server-side certificate when deploying these Mule applications, so the disruption caused by certificate rotation is minimized?

Package the HTTPS Listener configuration in a Mule DOMAIN project, referencing it from all Mule applications that need to expose an HTTPS endpoint Store the server-side certificate in a shared filesystem location in the Mule runtime's classpath, OUTSIDE the Mule DOMAIN or any Mule APPLICATION

Package the HTTPS Listener configuration in a Mule DOMAIN project, referencing it from all Mule applications that need to expose an HTTPS endpoint Package the server-side certificate in ALL Mule APPLICATIONS that need to expose an HTTPS endpoint

Package an HTTPS Listener configuration in all Mule APPLICATIONS that need to expose an HTTPS endpoint Package the server-side certificate in a NEW Mule DOMAIN project

Correct Answer: A

To minimize disruption caused by frequent certificate rotations, it is effective to package the HTTPS Listener configuration in a Mule DOMAIN project. This allows all Mule applications to reference the same configuration, simplifying the management of the HTTPS endpoints. To handle the server-side certificate, storing it in a shared filesystem location in the Mule runtime's classpath, but outside the domain or any Mule application, ensures that updates to the certificate can be made without needing to repackage and redeploy the applications or domain project. This approach centralizes the certificate management while keeping application deployment processes streamlined.

Discussion

[Removed]Option: A

Both A & C will work, but A is better as it does not require to repackage to the domain project at all. A is correct

anonymouse69420Option: A

I'll go with A. "...disruption caused by certificate rotation is minimized?" so we can assume they frequently change the certificate. since it's on-prem, they can configure the domain to look up on the file system outside the mule project.

Outdoor25Option: C

I think it should be C. Mule domain has HTTPS connector settings, so certificate should be packaged with Domain rather than individual mule applications. Mule applications are just referencing domain's https connector. All connector settings should be in Domain.

bkahramanOption: A

store certificate seperately that is the key

gilofernandesOption: A

Customer-hosted mule runtimes should externalize certificates in a secure external directory. Mules domains provides centralized point of all shared resources. A is the correct answer

madgeezerOption: A

A. Package the HTTPS Listener configuration in a Mule DOMAIN project, referencing it from all Mule applications that need to expose an HTTPS endpoint Store the server-side certificate in a shared filesystem location in the Mule runtime's classpath, OUTSIDE the Mule DOMAIN or any Mule APPLICATION

rodriguescontOption: A

A HTTPS Listener in Mule Domain allows resource optimization and all apps can access it It’s a best practice to store server certificate in an external secure repository