What is the default header name to be used when invoking an API using an API Key?
a) apikey
b) api_key
c) api-key
d) bearer
a
Which statements are true about creating APIs from an existing Open API definition?
I. Open API 3.0.0 based API definitions can be imported as an API
II. Open API 2.0 based API definitions can be imported as an API
III. SDK(Software Development Kit) generation for an API is only supported for OAS 3.0.0 based APIs
IV. Imported API definition can be modified via the Swagger editor
a) I, II and III
b) I, III and IV
c) I, II and IV
d) All of the above
c
API Gateway
Which service discovery tool is supported by the Microgateway out-of-the-box?
a) zookeeper
b) consul
c) etcd
d) marathon
c
How can message transformation be done in the API Microgateway?
a) Writing interceptor logic in Java implementing onRequest, onResponse methods and placing the file in the interceptors directory.
b) Writing interceptor logic in Java implementing interceptRequest, interceptResponse methods.
c) Place mediation sequences in the interceptors directory of the Microgateway project.
d) Microgateway does not support message transformation.
b
Throttling
Assume that tier permission is set for the Bronze tier as Deny for Internal/everyone role. Then which one of the following is true for a user whose roles are admin and Internal/everyone?
a. User cannot subscribe to an API using the Bronze tier.
b. User cannot create an API with Bronze tier.
c. User cannot create an application with the Bronze tier.
d. All of the above.
a
Security
Which statement is correct regarding the JWT header that is sent to back-end systems from the API Gateway (assume a fully distributed deployment of API Manager)?
a. The JWT is generated for all types of requests including the non-authenticated (no security) requests.
b. The JWT is decoded by the Key Manager.
c. The JWT is signed by the Gateway.
d. None of the above.
c
Analytics
What is INCORRECT regarding the real-time alerts feature of API Manager?
a. Gateways process the incoming requests and make decisions based on configured alerts.
b. Real-time alerts are notified through emails.
c. Administrative user can configure the alert types that require notifications and its subscribers through the admin portal.
d. Alert notification frequency is a configurable parameter which defines the frequency of a particular alert that needs to be sent to its subscribers.
a
Product Administration and DevOps
For which scenario is secure vault used?
a. To store generated JWT tokens.
b. To store access tokens.
c. To store private APIs.
d. To store credentials of secured endpoints.
d
Deployment
Which databases does the API Gateway need to connect to in a distributed setup?
a. AM_DB and SHARED_DB
b. Only AM_DB
c. SHARED_DB only when multi-tenancy is needed
d. None of the above
c
Published APIs
What is true regarding the definition of the API if you create a REST API from scratch in the Publisher?
a. It will create an OpenAPI 3.0 API definition for the default set of resources (/*).
b. It will create an Swagger 2.0 API definition for the default set of resources (/*).
c. No OpenAPI definition will be created unless you specify resources.
d. You can choose which OpenAPI version to use during the API creation flow.
a
Extensions
What is true about message mediation policies?
a. Mediation policies can be engaged in all three message flows (request flow, response flow and fault flow) of an API
b. Mediation policies can only be engaged in API request and response flows.
c. Mediation policies cannot be used to configure special HTTP configurations like message chunking.
d. Mediation policies will always be executed after the API's authentication flow is completed.
a
API Product
What is the content-type of the responses of a GraphQL API?
a. Can be any content-type that is defined by the user