Page: 1
/ 24
Total 358 questions
Refer to the exhibit. The application follows a containerized microservices architecture that has one container per microservice. The microservices communicate with each other by using REST APIs. The double-headed arrows in the diagram display chains of synchronous HTTP calls needed for a single user request.
Which action ensures the resilience of the application in the scope of a single user request?
- A. Implement retries with exponential backoff during HTTP API calls.
- B. Set up multiple instances of each microservice in active/active mode by using the Orchestrator.
- C. Redesign the application to be separated into these three layers: Presentation, API, and Data.
- D. Create two virtual machines that each host an instance of the application and set up a cluster.
Answer : B
DRAG DROP -
Drag and drop the steps on the left into the order on the right for an end-user to access an OAuth2 protected resource using the 'Authorization Code Grant' flow.
Select and Place:
Answer :
In the three-legged OAuth2 authorization workflow, which entity grants access to a protected resource?
- A. resource owner
- B. client
- C. resource server
- D. authorization server
Answer : D
Reference:
https://developer.orange.com/tech_guide/3-legged-oauth/
What are two steps in the OAuth2 protocol flow? (Choose two.)
- A. The user is authenticated by the authorization server and granted an access token.
- B. The userג€™s original credentials are validated by the resource server and authorization is granted.
- C. The user indirectly requests authorization through the authorization server.
- D. The user requests an access token by authentication and authorization grant presentation.
- E. The user requests the protected resource from the resource server using the original credentials.
Answer : AE
Reference:
https://www.digitalocean.com/community/tutorials/an-introduction-to-oauth-2
DRAG DROP -
Drag and drop the descriptions from the left onto the related OAuth-defined roles on the right.
Select and Place:
Answer :
Refer to the exhibit. This cURL POST request creates an OAuth access token for authentication with FDM API requests.
What is the purpose of the file `@token_data` that cURL is handling?
- A. This file is given as input to store the access token received from FDM.
- B. This file is used to send authentication-related headers.
- C. This file contains raw data that is needed for token authentication.
- D. This file is a container to log possible error responses in the request.
Answer : C
What is the result of a successful OAuth2 authorization grant flow?
- A. The third-party service is provided with a token that allows actions to be performed.
- B. The user has the application rights that correspond to the user's role within the application's database.
- C. The application is provided with a token that allows actions on services on the user's behalf.
- D. The user has administrative rights to the application's backend services.
Answer : A
In the three-legged OAuth2 process, after the authorization server presents a form to the resource owner to grant access, what is the next step?
- A. The resource owner authenticates and optionally authorizes with the authorization server.
- B. The user who owns the resource initiates a request to the OAuth client.
- C. If the resource owner allows access, the authorization server sends the OAuth client a redirection.
- D. A form to allow or restrict access is submitted by the owner of the resource.
Answer : D
Which OAuth mechanism enables clients to continue to have an active access token without further interaction from the user?
- A. refresh grant
- B. JWT
- C. password grant
- D. preshared key
Answer : A
A developer is building an application to access a website. When running the application, an HTTP 403 error code has been received.
How should the application be modified to handle this code?
- A. Create a loop on cancel the operation and run a new one after the code is received.
- B. Use exponential backoff when retrying distributed services and other remote endpoints.
- C. Build a try/except around the urlopen to find errors occurring in the request.
- D. Redirect the request to an internal web server and make a new request from the internal resource.
Answer : B
Refer to the exhibit. Which API call does an engineer use to delete the FQDN object?
- A. DELETE /api/fmc_config/v1/domain/e276abec-e0f2-11e3-8169-6d9ed49b625f
- B. DELETE /api/fmc_config/v1/domain/e276abec-e0f2-11e3-8169-6d9ed49b625f/object/fqdns/005056BB-0B24-0ed3-0000-858993545263
- C. DELETE /api/fmc_config/v1/domain?id=e276abec-e0f2-11e3-8169-6d9ed49b625f
- D. DELETE /api/fmc_config/v1/domain/e276abec-e0f2-11e3-8169-6d9ed49b625f/object/fqdns?id=005056BB-0B24-0ed3-0000-858993545263
Answer : A
Refer to the exhibit. Which code snippet completes this code to handle API rate-limit?
- A. response.status_code == 429
- B. response.status_code != 408
- C. response.status != 408
- D. response.status_code != 429
Answer : A
Reference:
https://developer.cisco.com/meraki/api/#!rate-limit
Refer to the exhibit. Which parameter is missing from the JSON response to confirm the API version that is used?
- A. version 4
- B. v 10
- C. 2
- D. version 2
Answer : C
Which two methods are API security best practices? (Choose two.)
- A. Use tokens after the identity of a client has been established.
- B. Use the same operating system throughout the infrastructure.
- C. Use encryption and signatures to secure data.
- D. Use basic auth credentials over all internal API interactions.
- E. Use cloud hosting services to manage security configuration.
Answer : AC
DRAG DROP -
Refer to the exhibit. The Python script is supposed to make an API call to Cisco DNA Center querying a wireless profile for the `ChicagoCampus` and then parsing out its enable FlexConnect value. Drag and drop the parts of the Python code from the left onto the item numbers on the right that match the missing sections in the exhibit.
Select and Place:
Answer :
30 days access 