Apigee-API-Engineer Exam Questions

Total 124 Questions

Last Updated Exam : 16-Dec-2024

You are generating tokens depending on a partner's service level at runtime You need to control access token expiration What should you do?


A.

Pass access token expiration values as a request query parameter


B.

Add expiration times in product custom attributes for retrieval at run time


C.

Store and fetch access token expiration times from a configuration file to use at run time


D.

Store and fetch expiration value from Key Value Maps at runtime to use for access token creation.





D.
  

Store and fetch expiration value from Key Value Maps at runtime to use for access token creation.



As an API Engineer your team would like to make sure you are simulating a user experience prior to a
deployment in a production environment. Which tests should be ran to closely resemble a consumer
interaction with a APIs?


A.

Unit tests


B.

Smoke tests.


C.

Integration tests


D.

Code quality analysis





C.
  

Integration tests



Which is true about PostClientFlow?


A.

PostClientFlow will only be executed if a payload is returned.


B.

The response is blocked until! the PostClientFlow policies are executed.


C.

PostClientFlow can only include MessageLogging policies.


D.

PostClientFlow can include any supported policy





C.
  

PostClientFlow can only include MessageLogging policies.



Your implementation has the following characteristics
1 There are multiple API Products
2 Some API proxies are part of more than one API Product.
3 Quotas are configured at the API Product level
4 In the Quota policy the count, time interval and unit is referenced using Verify API Key flow variables at
runtime.
5 A single Quota policy is reused across all the products 6. Each app is assigned to exactly one product.
You need to limit the number of requests during weekends for specific products without modifying this design
What should you do?


A.

Add custom attributes for counts for every product. Create custom quota policies for every product which references these custom attributes


B.

Set custom attributes for weekday and weekend count at every product Reference these How variables in the count property of Quota policy at runtime


C.

Add custom attributes at the API Product with counts to use for weekdays and weekends. Using flow variables, reference the custom counts in the Quota policy


D.

Add custom attributes for count at Product level Use a JS Policy to determine which count to use in Quota policy at runtime Use this count attribute in the Quota Policy.





B.
  

Set custom attributes for weekday and weekend count at every product Reference these How variables in the count property of Quota policy at runtime



Which components of Edge used to configure HTTPS inbound communication?


A.

TLS Store


B.

Virtual Hosts


C.

Certificate Manager


D.

Keystores and Truststores





D.
  

Keystores and Truststores



An API product in Apigee can be used to


A.

restrict access to a set of APIs


B.

configure the quota limits for APIs


C.

restrict access to APIs in different environments


D.

all of the above





A.
  

restrict access to a set of APIs



Your APIs are configured as a relying party on an OpenID Connect platform. You need to inspect and verify
the OpenID Connect identity. What two actions should you take?
Choose 2 answers


A.

Verify the signature of the JWT using a shared secret.


B.

Parse the JWT to extract the exp: nbf and iat properties to determine if the token is still valid


C.

Pass the JWT to a preconfigured 3rd party for verification of the signature, exp, nbf and iat properties


D.

Use the OpenID Connect URL to locate a trusted 3rd party for verification the signature, exp, nbf and iat properties


E.

Using the JKWS URL in the OpenID Connect configuration, fetch the signing key to verify the JWT ignature and parameters





B.
  

Parse the JWT to extract the exp: nbf and iat properties to determine if the token is still valid



E.
  

Using the JKWS URL in the OpenID Connect configuration, fetch the signing key to verify the JWT ignature and parameters



You are using Apigee Edge as the OAuth Resource Server. The product owner asks you to create an API that logs a user out by revoking OAuth tokens. What should you do?


A.

Use the InvalidateToken operation with cascade=true


B.

Use the InvalidateToken operation with cascade=false


C.

Store a list of revoked tokens in Firebase. On each access, check the list and only allow unrevoked tokens through


D.

Store a list of revoked tokens in Key-Value Maps. On each access, check the list and only allow
unrevoked tokens through





B.
  

Use the InvalidateToken operation with cascade=false



Which is a benefit of 2-way TLS (mutual TLS) for target endpoint connections?


A.

Sensitive data presented to end users will be encrypted


B.

Certificates can be used to verify the identity of both Apigee Edge and the target endpoint


C.

End users can use the name of the system to verify that they are connecting to a trusted system.


D.

All of the above





B.
  

Certificates can be used to verify the identity of both Apigee Edge and the target endpoint



Which use case best fits the authorization code grant type?


A.

The client app is also the resource owner.


B.

The client app was developed internally and is highly trusted


C.

The client app was developed by an untrusted third party


D.

The client app runs on the end user's browser





B.
  

The client app was developed internally and is highly trusted




Page 3 out of 13 Pages
Previous