MuleSoft Certified Integration Architect – Level 1 — Question 7

A popular retailer is designing a public API for its numerous business partners. Each business partner will invoke the API at the URL https://api.acme.com/ partners/v1. The API implementation is estimated to require deployment to 5 CloudHub workers.
The retailer has obtained a public X.509 certificate for the name api.acme.com, signed by a reputable CA, to be used as the server certificate.
Where and how should the X.509 certificate and Mule applications be used to configure load balancing among the 5 CloudHub workers, and what DNS entries should be configured in order for the retailer to support its numerous business partners?

Answer options

• A. Add the X.509 certificate to a CloudHub Dedicated Load Balancer (DLB), not to the Mule application Create a CNAME for api.acme.com pointing to the DLB's A record
• B. Add the X.509 certificate to the Mule application's deployable archive, then configure a CloudHub Dedicated Load Balancer (DLB) for each of the Mule application's CloudHub workers Create a CNAME for api.acme.com pointing to the DLB's A record
• C. Add the X.509 certificate to the CloudHub Shared Load Balancer (SLB), not to the Mule application Create a CNAME for api.acme.com pointing to the SLB's A record
• D. Add the X.509 certificate to the Mule application's deployable archive, then configure the CloudHub Shared Load Balancer (SLB) for each of the Mule application's CloudHub workers Create a CNAME for api.acme.com pointing to the SLB's A record

Correct answer: A

Explanation

The correct answer is A because the X.509 certificate should be added to a CloudHub Dedicated Load Balancer (DLB) to manage secure connections without needing to include it in the Mule application. The other options suggest using a Mule application for certificate management or shared load balancing, which do not align with the best practices for dedicated load balancing and security configuration.