Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

Salesforce Exam MuleSoft Platform Architect I Topic 2 Question 26 Discussion

Actual exam question for Salesforce's MuleSoft Platform Architect I exam
Question #: 26
Topic #: 2
[All MuleSoft Platform Architect I Questions]

A Mule 4 API has been deployed to CloudHub and a Basic Authentication - Simple policy has been applied to all API methods and resources. However, the API is still accessible

by clients without using authentication.

How is this possible?

Show Suggested Answer Hide Answer
Suggested Answer: B

When a Basic Authentication policy is applied to an API on CloudHub but clients can still access the API without authentication, the likely cause is a missing Autodiscovery element. Here's how this affects API security:

Autodiscovery in MuleSoft:

The Autodiscovery element is essential for linking an API implementation deployed in CloudHub with its API instance defined in API Manager. This connection allows the policies applied in API Manager, such as Basic Authentication, to be enforced on the deployed API.

Why Option B is Correct:

Without Autodiscovery, the deployed application does not 'know' about the policies configured in API Manager, resulting in unrestricted access. Adding Autodiscovery enables the API to enforce the policies correctly.

of Incorrect Options:

Option A (incorrect Exchange version) would not cause bypassing of security policies.

Option C (missing client applications) does not impact authentication policy enforcement.

Option D (worker restart) is irrelevant to policy enforcement.

Reference Refer to MuleSoft documentation on Autodiscovery configuration and linking API Manager policies for additional information on setting up secure API policies.


by Barrett at Mar 08, 2025, 01:43 PM

Limited Time Offer

25%

Off

Get Premium MuleSoft Platform Architect I Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Rhea
1 months ago
Maybe one of the CloudHub workers restarted causing the authentication to fail.
upvoted 0 times
...
Raylene
1 months ago
This is a classic case of 'if it's not broke, don't fix it' gone wrong. I bet someone left the API wide open as a 'temporary' solution and forgot to secure it. *shakes head*
upvoted 0 times
Oneida
7 days ago
B: That could be the reason why the API is still accessible without authentication.
upvoted 0 times
...
Doretha
16 days ago
A: The Autodiscovery element is not present, in the deployed Mule application
upvoted 0 times
...
...
Dottie
1 months ago
I agree with Tayna, that could be the reason why authentication is not working.
upvoted 0 times
...
Bok
1 months ago
I don't think the APE Router component or the Autodiscovery element are the issue here. The most likely explanation is that no client applications have been created, so the API is still open to the public. C is my pick.
upvoted 0 times
...
Tayna
1 months ago
I think the issue might be with the Autodiscovery element missing.
upvoted 0 times
...
Sue
1 months ago
Hmm, this is a tricky one. I'm leaning towards D - one of the CloudHub workers restarted, which could have caused the authentication to stop working.
upvoted 0 times
Cecil
24 days ago
C: I believe it's possible that no client applications have been created for this API.
upvoted 0 times
...
Annmarie
29 days ago
B: Maybe the APE Router component is pointing to the incorrect Exchange version of the API.
upvoted 0 times
...
Kanisha
1 months ago
A: I think it could be because the Autodiscovery element is missing in the deployed Mule application.
upvoted 0 times
...
...
Alpha
2 months ago
Wait, the API is still accessible without authentication? That's a big security risk! I'm pretty sure the correct answer is C - no client applications have been created for this API.
upvoted 0 times
Hermila
19 days ago
We should definitely create client applications to secure the API access.
upvoted 0 times
...
Belen
24 days ago
I don't think so, I believe it's because no client applications have been created for this API.
upvoted 0 times
...
Gilberto
26 days ago
But what about the Autodiscovery element? Could that be the problem?
upvoted 0 times
...
Stephen
1 months ago
I think the issue is with the client applications not being created for this API.
upvoted 0 times
...
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77