Summer Special - 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: c4sdisc65

Apigee-API-Engineer PDF

$38.5

$109.99

3 Months Free Update

Add to Cart
  • Printable Format
  • Value of Money
  • 100% Pass Assurance
  • Verified Answers
  • Researched by Industry Experts
  • Based on Real Exams Scenarios
  • 100% Real Questions

Apigee-API-Engineer PDF + Testing Engine

$61.6

$175.99

3 Months Free Update

Add to Cart
  • Exam Name: Google Cloud - Apigee Certified API Engineer
  • Last Update: Oct 16, 2025
  • Questions and Answers: 126
  • Free Real Questions Demo
  • Recommended by Industry Experts
  • Best Economical Package
  • Immediate Access

Apigee-API-Engineer Engine

$46.2

$131.99

3 Months Free Update

Add to Cart
  • Best Testing Engine
  • One Click installation
  • Recommended by Teachers
  • Easy to use
  • 3 Modes of Learning
  • State of Art Technology
  • 100% Real Questions included

Apigee-API-Engineer Practice Exam Questions with Answers Google Cloud - Apigee Certified API Engineer Certification

Question # 6

Which is a use of OAuth 2 0 scopes'?

A.

govern the level of access for client applications

B.

select API products for the request

C.

implement SAML security assertions

D.

issue OAuth 2 0 refresh tokens

Full Access
Question # 7

In which place can outbound SSL be configured?

A.

ProxyEndpoint

B.

HTTPProxyConnection

C.

VirtualHost

D.

TargetEndpoint

Full Access
Question # 8

You are working on a new design for an API. The backend API will set the customer to a deleted status. The customer will remain in the backend database for later cleanup. The customer can no longer be retrieved by the API once the status is set. Which method should be used at the Apigee proxy to set the deleted status?

A.

GET

B.

PUT

C.

POST

D.

DELETE

E.

OPTIONS

Full Access
Question # 9

What capabilities are provided when using the apigee-access node js module? Select all that apply

A.

Object caching

B.

Analytics Storage

C.

XML and JSON conversions

D.

Edge flow variable access

Full Access
Question # 10

Which protocols are supported by the Message Logging policy? Select all that are correct

A.

FTP

B.

HTTP

C.

SCP

D.

TCP

E.

UDP

Full Access
Question # 11

An API product in Apigee can be used to

A.

restrict access to a set of APIs

B.

configure the quota limits for APIs

C.

restrict access to APIs in different environments

D.

all of the above

Full Access
Question # 12

Which is true about DefaultFaultRule"?

A.

DefaultFaultRule can be used lo handle an error that is not explicitly handled by a FaultRule.

B.

DefaultFaultRules are a fixed set of fault rules defined in the product

C.

You cannot use both FaultRule and DefaultFaultRules in the same API proxy

D.

DefaultFaultRule is used when the fault happens during communication with the target

Full Access
Question # 13

Which feature can be used to limit application consumption to a particular group of API proxy resources?

A.

Virtual host

B.

API product

C.

Developer app

D.

RBAC (Role-based Access Control)

Full Access
Question # 14

What happens to the API request processing when more than one of the conditional flows in a proxy is matched''

A.

Only the first matching flow from the top runs

B.

Only the first matching flow from the bottom runs.

C.

All matching flows run. in order from the top to the bottom.

D.

A fault is raised and this should be handled in the FaultRules.

Full Access
Question # 15

Which is the recommended solution lo specify a different backend target for each environment?

A.

Java/JavaScript/Python callout

B.

TargetEndpoint configuration

C.

RouteRules

D.

TargetServer

Full Access
Question # 16

You are using the Apigee ExtractVariables policy JSONPath feature, and discover that the query is not returning the expected result for the payload you are providing What should you do?

A.

Check that the Accept header is set to text/json

B.

Check that the Accept header is set to application/json.

C.

Check that the Content-Type header is set to text/json

D.

Check that the Content-Type header is set to application/json

Full Access
Question # 17

You need to make multiple target system calls in parallel for a single inbound request The response should return to the client app as a single object What should you do?

A.

Use Apigee service callouts

B.

Create route rules for each target endpoint

C.

Create multiple target proxy xmls for each endpoint

D.

Use the Node JS async module to invoke target systems

Full Access
Question # 18

You have the following requirements for your API:

• Authenticate users.

• Identify applications.

• Log update events to StackDriver

• Enforce quotas based on Product configurations

• Alert when total API latency exceeds 500 milliseconds

Your Apigee Edge API proxy is currently implemented with the following Proxy Endpoint configuration

Apigee-API-Engineer question answerWhich above 2 requirements have been met with this configuration? Choose 2 answers

A.

Authenticate users.

B.

Authenticate applications

C.

Log update events to StackDriver

D.

Enforce quotas based on Product configurations

E.

Alert when total API latency exceeds 500 milliseconds

Full Access
Question # 19

You need to log certain data to a custom logging service while processing the response You want to avoid processing delays due to logging during the logic flow What should you do?

A.

Use a Node.JS target to implement a nonblocking call.

B.

Attach a Message Logging policy to the Post Client Flow

C.

Implement a Java Extension Callout with a worker thread

D.

Use an asynchronous Service Callout policy in your proxy (low as soon as you have enough data to log

Full Access
Question # 20

Which describe OAuth 2.0 Refresh Tokens'? Select all that are correct

A.

can be used to generate or renew access tokens

B.

is always issued with every access token

C.

can be used to reset crederfflals

D.

may be reused multiple times to create new access tokens

Full Access
Question # 21

Your project is growing, and there have been several instances of confusion about the naming of data fields. What should you do?

A.

Enforce a naming convention using a static code analysis tool.

B.

Ask developers to do more code reviews, and focus on the names of fields.

C.

Create a basic data dictionary that covers common use cases and rules for naming

D.

Create a unified data model that attempts to model all use cases for each object type

Full Access
Question # 22

The IT security staff is concerned about unexpected increases in traffic on an API with an OAuth authorization flow You want to limit impacts of such traffic increases. What should you do?

A.

Use the Spike Arrest policy, to smooth out traffic spikes.

B.

Use a Quota policy, to ensure that no client exceeds a defined quantity of traffic.

C.

Work with operations to ensure autoscaling is set up to respond to traffic events

D.

Use the Concurrent Rate Limit policy, to ensure back-end services are not overwhelmed

Full Access
Question # 23

You are asked by the mobile app team which API should be used to populate a drop down for regions. According to pragmatic RESTful practices, which method should be used?

A.

GET

B.

HEAD

C.

POST

D.

PUT

E.

OPTIONS

Full Access
Question # 24

What is the purpose of a refresh token?

A.

To extend the amount of time an existing access token can be used by resetting the token's expiration time

B.

To request that Apigee re-issue a new access token to replace an expired access token.

C.

To reset an application to its default configuration.

D.

To notify the application that a new access token is required.

Full Access
Question # 25

Which JavaScript statement can be used to raise a fault from a JavaScript policy named 'Weather"?

A.

return-1,

B.

return false,

C.

context setVanablefWeather Fault", "true"),

D.

throw "Bad Data";

Full Access
Question # 26

You have a new set of requirements for a mobile app. The product team tells you that the user data already exists from the website version of the app. The user APIs are currently internal access only. The product team has asked for the following.

• The app requires user authentication before data should be accessed.

• The app needs to display user data once the user has logged into the mobile app.

* The app needs to allow changes to user data once the user has logged into the mobile app.

Choose three development tasks that would accomplish the requirements. Choose 3 answers

A.

Create an Oauth 2 0 Service Account API proxy

B.

Create an Oauth 2.0 Password Grant Type API proxy

C.

Create an Oauth 2.0 Client Credential Flow Grant Type API proxy

D.

Create a new API proxy for a GET /v1/customers/{customerid}

E.

Create a new API proxy for a PUT/v1/customers/{customerid}

F.

Create a new API proxy for a POST /v1/customers/{customerid}

G.

Create a new API proxy for a DELETE/v1/customers/{customerid}

Full Access
Question # 27

Which of the following statements are true for the out-of-the-box Apigee Edge Analytics Dashboard? Select all that apply Choose 3 answers

A.

Visualize API proxy error metrics

B.

Visualize API traffic metrics

C.

Visualize Developer Engagement metrics

D.

Visualize API Deployment metrics

E.

Visualize Management API traffic metrics

Full Access
Question # 28

Which plugins are not enabled as part of the default Edge Microgateway installation? Choose 2 answers

A.

analytics

B.

oauth

C.

quota

D.

spike arrest

Full Access
Question # 29

In Apigee Edge APIs, what is fault.name?

A.

An out-of-the-box variable populated by Edge when a policy fails

B.

Custom variable that you populate before you Raise Fault

C.

System errors that are only populated in script callouts

D.

Backend error names that are populated along with error code

E.

None of the above

Full Access
Question # 30

Which feature can be used to automatically distribute traffic across multiple target servers'?

A.

use a concurrent rate limiting policy

B.

use a LoadBalancer entry in the HTTPTargelConnection session

C.

use RouteRules with multiple TargetEndpoints

D.

use an AssignMessage policy

Full Access
Question # 31

The backend API team has asked for metrics on the performance of an API. Which two pieces of data should you provide? Choose 2 answers

A.

The internet latency

B.

The network latency

C.

The backend latency

D.

The Apigee proxy latency

E.

The backend database latency

Full Access
Question # 32

The AssignMessage policy can be used to

A.

add headers

B.

remove the payload

C.

assign a value to a variable

D.

all of the above

Full Access
Question # 33

You are designing an API that allows a consumer to fetch all orders associated to a given customer. You want to use a RESTful design Which design should you use?

A.

GET/customers/{customer-id)/orders

B.

GET/orders7customer-id={customer-id}

C.

GET /getOrdersForCustomer?customer-id={customer-id}

D.

POST /orders with a post-body of customer-id={customer-id}

Full Access
Question # 34

Your APIs are configured as a relying party on an OpenID Connect platform. You need to inspect and verify the OpenID Connect identity. What two actions should you take?

Choose 2 answers

A.

Verify the signature of the JWT using a shared secret.

B.

Parse the JWT to extract the exp: nbf and iat properties to determine if the token is still valid

C.

Pass the JWT to a preconfigured 3rd party for verification of the signature, exp, nbf and iat properties

D.

Use the OpenID Connect URL to locate a trusted 3rd party for verification the signature, exp, nbf and iat properties

E.

Using the JKWS URL in the OpenID Connect configuration, fetch the signing key to verify the JWT signature and parameters

Full Access
Question # 35

Which components of Edge used to configure HTTPS inbound communication?

A.

TLS Store

B.

Virtual Hosts

C.

Certificate Manager

D.

Keystores and Truststores

Full Access
Question # 36

You are composing logs created from user input that contains confidential user information You need to record the presence of all fields, while ensuring that confidential information is not recorded in any log Which approach should you take?

A.

Use a data masking configuration to hide sensitive data from logs

B.

Use conditions to skip logging for data that might contain confidential information.

C.

Work with the administrators of the log aggregators to mask confidential data contents.

D.

Sanitize all data on entry using regular expressions that search for confidential data formats.

Full Access
Question # 37

When populating the Quota configuration for an API product, which statement is true?

A.

The Quota specified will automatically be enforced for any Developer App Keys assigned to the API product.

B.

After validating an API key or access token, flow variables are automatically populated with the Quota configuration for later use in a Quota policy

C.

Rate limiting will be enforced precise to the seconds level, even if you configure a per-minute or higher interval

D.

The Quota configuration specified on the API product enforces a global rate limit across all API proxies

Full Access