Free Practice Questions for Salesforce Integration-Architect Exam

The message durability considerations that an Integration Architect should make when designing a solution to meet these business requirements are:

When subscribing to Salesforce Event bus, ReplayID is used with a value of -2 to be able to see old and new events.

High-volume event messages are stored for 72 hours (three days).

A Salesforce Event bus is a messaging service that allows you to publish and subscribe to events inSalesforce or from external sources. ReplayID is a property of an event message that indicates its position in the event stream. By using ReplayID with a value of -2, you can replay all events stored in the retention window, which can help you see the stages of order processing in Salesforce. High-volume event messages are a type of event message that can handle large volumes of data and are optimized for performance and scalability. High-volume event messages are stored for 72 hours (three days) in the event bus, which means they can be replayed within that time frame. The other options are not correct. Using ReplayID with a value of -1 means you can only see new events that are published after your subscription. High-volume event messages are not stored for 24 hours (one day), but for 72 hours (three days).

The integration consultant should implement monitoring by identifying criticalbusiness processes and establishing automation to monitor performance against established benchmarks. This approach can help detect and diagnose any degradation in Salesforce performance, such as slow response time, high error rate, or low availability. The automation can use various tools and methods, such as platform events, event monitoring, health check, or third-party monitoring services123

References: Proactive Monitoring - Salesforce.com, 17 Free Ways to Monitor Your Salesforce Org | Salesforce Ben, Measure Lightning Experience Performance and Experienced … -Trailhead

The integration consultant should consider the following authorization and authentication needs while integrating the DMS and ESB with Salesforce:

Users should be authorized to view information specific to the customer they are servicing without a need to search for customer. This means that the integration should providea seamless and contextual access to the customer billing information and generated bills from the DMS and ESB, based on the customer record or case that the user is working on in Salesforce.

Consider Enterprise security needs for access to DMS and ESB. This means that the integration should comply with the security policies and standards of the Enterprise, such as encryption, auditing, logging, monitoring, etc.

Users should be authenticated into DMS and ESB without having to enter username and password. This means that the integration should use a single sign-on (SSO) mechanism that allows users to access multiple systems with one login credential, such asOAuth or SAML34

References: Authorization Through Connected Apps and OAuth 2.0, Single Sign-On for Desktop and Mobile Applications using SAML and OAuth

Using request and reply is the recommended integration pattern for this use case because it allows the support agents to send a request to the core banking system and receive a response with the bank account ID in real-time. This way, the support agents can inform the customers with the newly created bank account ID without anydelay or inconsistency. Using streaming API to generate push topic is not a good solution because it is used for event-driven integration, not for web-service integration. Using outbound message is also not a good solution because it is a Salesforce-specific feature that uses SOAP web services, which may not be compatible with the core banking system. Using Salesforce platform event is also not a good solution because it is used for event-driven integration, not for web-service integration. Reference: Salesforce Integration Architecture Designer ResourceGuide, page 29-30

The recommendations that the Salesforce integration architect should make to fulfill the requirements around caching, queuing, error handling, alerts, retries, event handling, etc. arebased on the best practices and capabilities of the middleware tools. The recommendation B is valid because middleware tools can provide true message queueing for integration scenarios that require asynchronous processing, guaranteed delivery, load balancing, etc. The recommendation D is valid because middleware tools can handle various events that may occur during the integration process, such as logging errors, sending notifications, triggering recovery actions, etc. The recommendation E is valid becausemiddleware tools can support the publish/subscribe pattern for event-driven integration, where the middleware can route messages from publishers to subscribers based on topics or filters. The recommendation A is not valid because transforming a fire-and-forget mechanism to request-reply does not improve performance, but rather increases the latency and complexity of the integration. The recommendation C is not valid because message transformation and protocol translation are tasks that are better suited for middleware tools than Salesforce, as they can handle different formats and protocols more efficiently and flexibly23

1: Integration Architecture Designer Resource Guide 2: Integration Patterns and Practices 3: Salesforce Integration Architecture Designer Certification Exam Guide

 Reducing the batch size of asynchronous BULK API and submitting the legacy system in parallel mode are two recommendations that can improve the integration performance. The BULK API is designed to handle large-scale data loads, but it can also cause latency issues if the batch size is too large or the network bandwidth is insufficient. Reducing the batch size can help to avoid timeouts and improve throughput. Submitting the legacy system in parallel mode can also speed up the integration process by allowing multiple batches to be processed concurrently, as long as there are no dependencies or conflicts between them. Reference: Salesforce Integration Architecture Designer Resource Guide, page 21

Theintegration architect should recommend enforcing separate security protocols and return formats at the first tier of the API-led architecture. The first tier is also known as the experience layer, which is responsible for providing a tailored interface for each system of engagement. By enforcing security and format at this layer, the integration architect can ensure that each system of engagement can access the data in a secure and consistent way, without affecting the other layers.

References: [API-ledConnectivity]

Timing aspects, real-time/near real-time (synchronous or asynchronous), batch and update frequency are relevant details that an integration architect should seek to specifically solve for integration architecture needs of the program. These details help to determine the appropriate integration pattern, technology, and solution for the business requirements. Core functional and non-functional requirements for User Experience design, Encryption needs, Community and license choices are important for the overall program design, but not specific to the integration architecture needs. Integration skills, SME availability, and Program Governance details are also important for the program execution, but not specific to the integration architectureneeds.

Answer A is valid because creating an Auth provider in the package and setting the consumer key and consumer secretof the connected app in the central org can allow the package to authenticate with the central org using OAuth 2.0. An Auth provider is a configuration that specifies how to connect to an external service that uses a specific identity protocol. A connectedapp is an application that can access Salesforce resources using APIs and standard protocols. The consumer key and consumer secret are credentials that identify the connected app to Salesforce.

Answer C is valid because creating a connected app in the central org and adding the callback URL of each org the package is installed in to redirect to after successful authentication can enable the package to obtain an access token from the central org using OAuth 2.0. The callback URL is a parameter that specifies where the user should be redirected after granting or denying permission to access Salesforce resources. The access token is a credential that can be used to invoke the custom Apex REST endpoint in the central org.

Answer E is valid because using the Auth Provider configured and selecting the identity type as Named Principal with OAuth 2.0 as the protocol and selecting Start Authentication Flow on Save can initiate the authentication flow when installing the package. The identity type determines how the package accesses Salesforce resources on behalf of users or an application. The Named Principal identity type means that the package uses a single credential, such as a username and password or an access token, to access Salesforce resources for all users.TheStart Authentication Flow on Save option means that the package will prompt the user to enter the credential when saving the Auth Provider configuration.

Answer B is not valid because contacting Salesforce support and creating a case to temporarily enable API access for managed packages is not a necessary or recommended action. API access for managed packages is enabled by default and does not require any special permission or configuration from Salesforce support. Moreover, this action does not addressthe security requirement of using a specific integration account in the central org that will be authorized after installation of the package.

Answer D is not valid because using an encrypted field to store the password that the security team enters and using password management for external orgs and setting the encryption method to TLS 1.2 is not a secure or reliable solution. An encrypted field is a custom field that encrypts sensitive data at rest and masks it on the user interface. However, this fielddoes not prevent unauthorized access or leakage of data, as it can be decrypted by users who have the View Encrypted Data permission or by Apex code that runs in system mode. Moreover, this field does not support encryption methods such as TLS 1.2, which are used for securing data in transit, not at rest.

References: Auth Provider: Connected Apps : OAuth 2.0 Web Server Authentication Flow : Named Credentials as Callout Endpoints : API Access in Packages : Encrypted Fields : Encryption Methods Available in Salesforce

11of30