Which components of Edge used to configure HTTPS inbound communication?

A.

TLS Store

B.

Virtual Hosts

C.

Certificate Manager

D.

Keystores and Truststores

An API product in Apigee can be used to

A.

restrict access to a set of APIs

B.

configure the quota limits for APIs

C.

restrict access to APIs in different environments

D.

all of the above

Your APIs are configured as a relying party on an OpenID Connect platform. You need to inspect and verify
the OpenID Connect identity. What two actions should you take?
Choose 2 answers

A.

Verify the signature of the JWT using a shared secret.

B.

Parse the JWT to extract the exp: nbf and iat properties to determine if the token is still valid

C.

Pass the JWT to a preconfigured 3rd party for verification of the signature, exp, nbf and iat properties

D.

Use the OpenID Connect URL to locate a trusted 3rd party for verification the signature, exp, nbf and iat properties

E.

Using the JKWS URL in the OpenID Connect configuration, fetch the signing key to verify the JWT ignature and parameters

You are using Apigee Edge as the OAuth Resource Server. The product owner asks you to create an API that logs a user out by revoking OAuth tokens. What should you do?

A.

Use the InvalidateToken operation with cascade=true

B.

Use the InvalidateToken operation with cascade=false

C.

Store a list of revoked tokens in Firebase. On each access, check the list and only allow unrevoked tokens through

D.

Store a list of revoked tokens in Key-Value Maps. On each access, check the list and only allow
unrevoked tokens through

Which is a benefit of 2-way TLS (mutual TLS) for target endpoint connections?

A.

Sensitive data presented to end users will be encrypted

B.

Certificates can be used to verify the identity of both Apigee Edge and the target endpoint

C.

End users can use the name of the system to verify that they are connecting to a trusted system.

D.

All of the above

Which use case best fits the authorization code grant type?

A.

The client app is also the resource owner.

B.

The client app was developed internally and is highly trusted

C.

The client app was developed by an untrusted third party

D.

The client app runs on the end user's browser

If a custom analytics report needs to filter based on data from the request payload, which policy would be
used?

A.

Custom Report

B.

Message Logging

C.

StatisticsCollector

D.

AssignMessage

What is the purpose of a refresh token?

A.

To extend the amount of time an existing access token can be used by resetting the token's expiration time

B.

To request that Apigee re-issue a new access token to replace an expired access token.

C.

To reset an application to its default configuration.

D.

To notify the application that a new access token is required.

How many times can an authorization code be used to obtain an access token?

A.

1

B.

2

C.

5

D.

Unlimited until it expires

You need to make multiple target system calls in parallel for a single inbound request The response should return to the client app as a single object What should you do?

A.

Use Apigee service callouts

B.

Create route rules for each target endpoint

C.

Create multiple target proxy xmls for each endpoint

D.

Use the Node JS async module to invoke target systems

You need to log certain data to a custom logging service while processing the response You want to avoid
processing delays due to logging during the logic flow What should you do?

A.

Use a Node.JS target to implement a nonblocking call.

B.

Attach a Message Logging policy to the Post Client Flow

C.

Implement a Java Extension Callout with a worker thread

D.

Use an asynchronous Service Callout policy in your proxy (low as soon

Which policy can be used to restrict access to API resources based on the client IP?

A.

Regular Expression Protection policy

B.

Basic Authentication policy

C.

Access Control policy

D.

Raise Fault policy