Apigee API Engineer Practice Exam V8.02 Killtest Google Apigee Certification Exam

2. The safer , easier way to help you pass any IT exams. 1.How many times can an authorization code be used to obtain an access token? A. 1 B. 2 C. 5 D. Unlimited until it expires E. Unlimited as long as requests come within specified time of authorization code creation Answer: A 2.When is it appropriate to use query parameters in RESTful API design? Select all that are correct A. When passing username and passwords. B. When providing the ability to return different levels of detail in the response. C. When requesting that an entire collection be deleted. D. When filtering the response based upon a query Answer: B,D Apigee API Engineer Practice Exam V8.02 Killtest Google Apigee Certification Exam C. can be used to reset crederfflals D. may be reused multiple times to create new access tokens Answer: A,B,D 3.What does the variable "message.content" represent? A. the request content in the request flow B. the response content in the response flow C. the request content when in the request flow and the response content when in the response flow D. neither the request content nor the response content Answer: C 4.Which features are supported in the OAulhV2 policy'? Select all that are correct. Choose 3 answers A. setting custom attributes for generated access tokens B. storing external access tokens C. credentials validation when password grantjype is used D. setting different expiration for refresh and access tokens Answer: B,D 5.Which describe OAuth 2.0 Refresh Tokens'? Select all that are correct A. can be used to generate or renew access tokens B. is always issued with every access token 6.The performance testing team would like to improve the transactions per second for an API you recently developed. The API retrieves partner names and contact information. What should you do? A. Add Caching Policies B. Add a Spike Arrest Policy C. Add an Assign Message Policy D. Add a Statistics Collector Policy 2 / 8

3. The safer , easier way to help you pass any IT exams. Answer: D 7.Which feature can be used to automatically distribute traffic across multiple target servers'? A. use a concurrent rate limiting policy B. use a LoadBalancer entry in the HTTPTargelConnection session C. use RouteRules with multiple TargetEndpoints D. use an AssignMessage policy Answer: A 8.Which features are supported in the OAuthV2 policy? Choose 3 answers A. Storing of external access tokens B. Setting custom attributes for generated access tokens C. Credentials validation when password grant type is used D. Setting different expiration for refresh and access tokens. Answer: B,C,D Apigee API Engineer Practice Exam V8.02 Killtest Google Apigee Certification Exam entity UPDATE /api/trucks/42/status HTTP/1.1 {status: 5} D. Create a new service that uses the PATCH verb designed to update only given fields. PATCH /api/trucks/42 HTTP/1.1 {status: 5} Answer: A 9.As an API Engineer your team is deploying code to production tonight. The test team will spend most of the night ensuring there are no bugs in the new release. After you deploy you want to go home. What is the best way to quickly verify a complete deployment? A. Unit tests B. Smoke tests. C. Integration tests. D. Code quality analysis. Answer: A 10.You are working on a project that adheres strictly to the Roy Fielding REST concepts. You need to update a single property named "status" of a complicated entity. What should you do? A. Fetch the full entity, update the status value locally. DELETE the original entity and POST the new version. B. Fetch the full entity. Change only the status value and then send the whole object in the request body of the PUT service C. Create a new service that uses the UPDATE verb that accepts the "status* property and updates the 11.You are using Apigee Edge as the OAuth Resource Server. The product owner asks you to create an API that logs a user out by revoking OAuth tokens. What should you do? A. Use the InvalidateToken operation with cascade=true B. Use the InvalidateToken operation with cascade=false C. Store a list of revoked tokens in Firebase. On each access, check the list and only allow unrevoked 3 / 8

4. The safer , easier way to help you pass any IT exams. tokens through D. Store a list of revoked tokens in Key-Value Maps. On each access, check the list and only allow unrevoked tokens through Answer: B 12.When retrieving a value from an encrypted KVM. the variable name to which it is assigned must be prefixed with which value to prevent it from being readable in tracing sessions? A. encrypted B. mask C. kvm D. private E. hidden Answer: C Apigee API Engineer Practice Exam V8.02 Killtest Google Apigee Certification Exam A. specify using the secuntyDefinrtions name property B. specify using the secuntySchemas name property C. specify using the security Variables name properly D. specify using the securityParams name property Answer: C 13.Which Edge Microgateway plugin does not need to be explicitly added to the plugin sequence attribute configuration for execution? A. analytics B. oauth C. quota D. spike arrest Answer: D 14.Which approaches can be used for extracting data from a SOAP body and returning it as a JSON response in Apigee Edge? Select all that are correct. Choose 3 answers A. Use XSLT to transform the XML payload and then use a XML to JSON policy B. Use XML to JSON policy first to convert to JSON and then ExtractVariables with a JSONPath to extract the body from the converted SOAP envelope C. Use ExtractVariables with an XPath first to extract the SOAP body and then use XML to JSON policy D. Use an AssignMessage policy to convert the SOAP response to a JSON response, using XPath expressions to retrieve the data Answer: D 15.How can we specrfy the type of Security (basic auth, oauth) used by the API in OpenAPI Specification 2.0? 16.You need to log certain data to a custom logging service while processing the response You want to avoid processing delays due to logging during the logic flow. What should you do? A. Use a Node.JS target to implement a nonblocking call. 4 / 8

5. The safer , easier way to help you pass any IT exams. B. Attach a Message Logging policy to the Post Client Flow C. Implement a Java Extension Callout with a worker thread D. Use an asynchronous Service Callout policy in your proxy (low as soon as you have enough data to log Answer: A 17.As an API Engineer you are approached late in the day with an emergency request to configure a 2 way TLS connection between Apigee and the backend server. All existing certificates have been revoked. The security team provides you the PEM file for the backend server and your new Apigee TLS certificate. What minimum steps are required to reconfigure 2-way TLS? Choose 2 answers A. Add your Apigee TLS certificate to the key store. B. Add the backend servers PEM file to the key store. C. Add the backend certificate chain to the trust store D. Add the backend servers PEM file to the trust store. E. Use the KVM to store the contents of the PEM file. F. Use the Access Control Policy to reference the PEM file Answer: B,E Apigee API Engineer Practice Exam V8.02 Killtest Google Apigee Certification Exam 20.Which protocols are supported by the Message Logging policy? Select all that are correct A. FTP B. HTTP C. SCP D. TCP E. UDP Answer: B,D 18.When using a Shared Flow from a Flow Hook, which proxies will call the Shared Flow? A. All proxies in the environment where the Flow Hook is configured B. Only proxies that contain a Flow Callout policy C. All proxies within an Organization D. Only proxies with the Flow Hook checkbox checked Answer: B 19.Which are NOT a step in the OAuth 2 0 authorization code grant process? Select all that are correct A. generate an authorization code B. generate an access token C. verify the device ID D. validate the client API key E. obtain the end user's consent for the application to request the user's protected resources F. validate the developer name Answer: A,E,F 21.You have a single back end that needs to be exposed to customers using different API request and response payloads You need to allow these different request types without breaking existing implementations. 5 / 8

6. The safer , easier way to help you pass any IT exams. What should you do? A. Create a new API proxy for new customers and invoke backend target system with required parameters. B. Configure the API as a pass-through proxy and invoke backend target system with client request parameters. C. Create a new proxy xml and base path with upgraded version and invoke backend target system with required parameters D. Include a new customer requirement in an existing API proxy and invoke backend target system with required parameters. Answer: C Apigee API Engineer Practice Exam V8.02 Killtest Google Apigee Certification Exam D. Create another target endpoint with SSL configured and define route rule to pick that depends on available variables. Answer: D 22.Which JavaScript statement can be used to raise a fault from a JavaScript policy named "Weather"? A. return-1; B. return false; C. contextsetVariablefWeather.Fauir, "true*); D. throw "Bad Data", Answer: C 23.Which policies can be used to create or modify a request message for a service callout? Select all that are correct A. ServiceCallout B. AssignMessage C. RequestMessage D. Message Validation Answer: C 24.You need to interact with two different back end systems, depending on inbound request data One backend is a default target URL without SSL and another one is a dynamic target URL with 2-Way SSL. What should you do? A. Use service callouts configuration for each target, and use a condition to decide which to invoke. B. Use a Key-Value Map configuration to access SSL and URL information to invoke target systems C. Use an AssignMessage policy to override default target URL and define 2-way SSL configuration at runtime 25.When implementing a node js application in Edge, what is the only supported configuration for running the application? A. ScriptTarget in a ServiceCallout policy B. ScriptTarget in a TargetEndpotnt C. NodeApp policy D. ResourceURL in a Javascript policy Answer: A 6 / 8

7. The safer , easier way to help you pass any IT exams. 26.You have created an OpenAPl specification and begun a sample implementation of the API Proxy in Apigee Edge Another team is asking for early access for interactive documentation. What should you do1? A. Publish using SwaggerUI B. Generate web documents using SmartDocs C. Send the requesting team the OpenAPl spec. D. Create a sample web app that uses your API, and publish the source code. Answer: D 27.If a string value is put in both a cache and a key value map (KVM) using the same key, which one is true? A. The object will expire from both locations after the TimeToLive has passed. B. The object will be stored in Cassandra twice C. When object is retrieved from KVM, the object with the same key will be returned from the cache instead to improve performance D. One of the inserts (either to cache or to KVM) will fail as you cant insert the same key twice Answer: A Apigee API Engineer Practice Exam V8.02 Killtest Google Apigee Certification Exam 5. A single Quota policy is reused across all the products 6. Each app is assigned to exactly one product. You need to limit the number of requests during weekends for specific products without modifying this design. What should you do? A. Add custom attributes for counts for every product. Create custom quota policies for every product which references these custom attributes B. Set custom attributes for weekday and weekend count at every product Reference these How variables in the count property of Quota policy at runtime C. Add custom attributes at the API Product with counts to use for weekdays and weekends. Using flow 28.In an API Proxy flow we need to orchestrate two XML services - Service A and Service B Data fields from each response must be returned in the response to the client. Which identifies a set of Apigee policies that, when used together, could be used to implement this? A. AccessEntity,XSL,ExtractVariable B. ServiceCallout, ExtractVanable, AssignMessage C. XMLToJSON, ExtractVanables, APIKeyValidation D. MessageValidation, ServiceCallout, AccessControl Answer: D 29.Your implementation has the following characteristics 1. There are multiple API Products 2. Some API proxies are part of more than one API Product. 3. Quotas are configured at the API Product level 4. In the Quota policy the count, time interval and unit is referenced using Verify API Key flow variables at runtime. 7 / 8

8. The safer , easier way to help you pass any IT exams. variables, reference the custom counts in the Quota policy D. Add custom attributes for count at Product level Use a JS Policy to determine which count to use in Quota policy at runtime Use this count attribute in the Quota Policy. Answer: B 30.You are implementing several flows in Apigee Edge and realize that there is common functionality used across many different APIs and flows You want to use Apigee Edge to minimize the number of releases. What should you do? A. Use a Shared Flow and a Flow Callout where needed. B. Use Proxy Chaining and a Service Callout where needed C. Use a template build process to compose flows from flow fragments. D. Use a Shared Flow and Flow Hooks to enforce all APIs call the shared flow Answer: A Apigee API Engineer Practice Exam V8.02 Killtest Google Apigee Certification Exam 31.Your team has the following requirements in building an API: • Adhere to Pragmatic REST. • Model the API to the consumption use case. • Require API Key authentication • Implement CORS • Validate inputs. You have begun migrating a SOAP-based web service to a REST API by using the SOAP to REST function in Apigee Edge. Which two of the above-listed requirements could be satisfied by this action? Choose 2 answers A. Adhere to Pragmatic REST B. Model the API to the consumption use case C. Require API Key authentication D. Implement CORS. E. Validate inputs. Answer: B,C 8 / 8