Salesforce Certified Administrator Plat-Arch-204 Real Exam Questions and Answers FREE Updated on May 12, 2026 Plat-Arch-204 Ultimate Study Guide - RealValidExam Salesforce Plat-Arch-204 Exam Syllabus Topics: TopicDetailsTopic 1Maintain Integration: This domain focuses on monitoring integration performance, defining error handling and recovery procedures, implementing escalation processes, and establishing [...]

Salesforce Certified Administrator Real Exam Questions and Answers FREE Plat-Arch-204 Updated on May 12, 2026 [Q33-Q50]

Share

Salesforce Certified Administrator Plat-Arch-204 Real Exam Questions and Answers FREE Updated on May 12, 2026

Plat-Arch-204 Ultimate Study Guide - RealValidExam


Salesforce Plat-Arch-204 Exam Syllabus Topics:

TopicDetails
Topic 1
  • Maintain Integration: This domain focuses on monitoring integration performance, defining error handling and recovery procedures, implementing escalation processes, and establishing reporting needs for ongoing integration health monitoring.
Topic 2
  • Build Solution: This domain covers implementing integrations including API design considerations, choosing outbound methods, building scalable solutions, implementing error handling, creating security solutions, and ensuring resilience during system updates.
Topic 3
  • Evaluate Business Needs: This domain addresses gathering functional and non-functional requirements, classifying data by sensitivity, identifying CRM success factors, and understanding how business growth and regulations impact integration choices.

 

NEW QUESTION # 33
Service agents at Northern Trail Outfitters use Salesforce to manage cases and B2C Commerce for ordering.22 Which integration solution should an architect recommend in order for the service agents to see order history from a business-to-consumer (B2C) Commerce system?

  • A. Salesforce B2C Commerce to Service Cloud Connector
  • B. MuleSoft Anypoint Platform
  • C. REST API offered by Commerce Platform

Answer: A

Explanation:
For organizations using both Salesforce Service Cloud and B2C Commerce (formerly Demandware), Salesforce provides a specialized, pre-built integrat25ion known as the Salesforce B2C Commerce to Service Cloud Connector. This connector is part of the Salesforce B2C Solution Architecture and is the recommended choice because it offers "out-of-the-box" cross-cloud functionality.
The connector enables several critical business processes for service agents:
Unified Customer Profile: Synchronizes customer data between the two platforms, ensuring agents have the most current contact information.
Order History Visibility: Allows agents to view real-time order data and status from the Commerce system directly within the Service Console.
Service Actions: Enables agents to perform commerce-related tasks, such as "Order on Behalf Of," without leaving the Salesforce interface.
While an architect could build a custom integration using the Commerce REST API (Option A) or MuleSoft (Option C), these approaches require significant development, testing, and long-term maintenance effort. The B2C Connector reduces time-to-market and leverages Salesforce's own engineering to handle complex synchronization logic and API versioning. Recommending the standard connector aligns with the architectural principle of "clicks before code" and ensures that the integration remains supported by Salesforce as both platforms evolve.


NEW QUESTION # 34
An enterprise customer with more than 10 million customers has a landscape including an Enterprise Billing System (EBS), a Document Management System (DMS), and Salesforce CRM. Customer Support needs seamless access to customer billing information from the EBS and generated bills from the DMS. Which authorization and authentication need should an integration consultant consider while integrating the DMS and EBS with Salesforce?

  • A. Consider Enterprise security needs for access to DMS and EBS.
  • B. Identify options to maintain DMS and EBS authentication and authorization details in Salesforce.
  • C. Consider options to migrate DMS and EBS into Salesforce.

Answer: A

Explanation:
When integrating Salesforce with high-security enterprise systems like an Enterprise Billing System (EBS) and a Document Management System (DMS), the primary architectural concern is respecting the Enterprise security needs for access control. These systems often contain highly sensitive financial data and are governed by strict regulatory requirements (e.g., PCI-DSS or GDPR).
The integration consultant must evaluate how to extend existing enterprise identity and authorization policies to Salesforce users. This often involves a Identity Federation strategy using protocols like SAML 2.0 or OpenID Connect. Instead of maintaining separate credentials in Salesforce (which Option A suggests and is generally an "anti-pattern" for 10 million records), the consultant should consider using a central Identity Provider (IdP).
By considering enterprise security needs, the architect ensures that when a support agent clicks a link in Salesforce to view a bill, the request is authenticated against the enterprise's security gateway. This allows for Single Sign-On (SSO) while ensuring that authorization (who can see what) remains mastered in the source systems or the central IdP. Migration (Option C) is physically and technically unfeasible for systems handling 10 million customers' historical bills and real-time processing. The focused objective is to build a "window" into these systems from Salesforce while maintaining the integrity of the enterprise's existing security perimeter.


NEW QUESTION # 35
The director of customer service at Northern Trail Outfitters (NTO) wants to capture and trend specific business events that occur in Salesforce in real time. The metrics will be accessed in an ad-hoc manner using an external analytics system. The events include product exchanges, authorization clicks, subscription cancellations, and refund initiations via Cases. Which solution should meet these business requirements?

  • A. Case Workflow Rule that sends an Outbound Message
  • B. Case Trigger after insert, after update to publish the platform event
  • C. Case after insert Trigger that executes a callout

Answer: B

Explanation:
To meet a requirement for real-time event capture that supports an external analytics system, the arc14hitect must choose a pattern that is scalable, decoupled, and reliable. Platform Events are the modern standard for this use case.
By using a Case Trigger to publish a specific Platform Event, NTO creates a highly decoupled Publish/Subscribe architecture. The external analytics system (or a middleware layer feeding it) acts as a subscriber to the event channel. This is superior to standard callouts or outbound messaging for several reasons:
Durability: Platform Events offer a 72-hour retention window. If the analytics system is momentarily offline, it can use the Replay ID to retrieve missed events.
Atomic Transactions: Triggers can be configured to publish events only after the database transaction successfully commits ("Publish After Commit"), ensuring the analytics system doesn't receive data for transactions that were eventually rolled back.
Event Volume: Platform Events are designed to handle much higher volumes of real-time messages than standard synchronous callouts.
Option A (Apex Callouts) is a point-to-point, synchronous pattern that would block Case processing and risk hitting "Concurrent Long-Running Request" limits. Option B (Outbound Messaging) is reliable but is limited to a single object per message and uses a rigid SOAP format that is less flexible for ad-hoc external analytics than the modern JSON/CometD/gRPC structures used by the event bus. By implementing Option C, the architect ensures that every specific business milestone (refund, exchange, cancellation) is broadcasted immediately, providing the customer service director with the accurate, real-time visibility required for trending and metrics.


NEW QUESTION # 36
A customer is evaluating the Platform Events solution and would like help in comparing/contrasting it with Outbound Messaging for real-time/near-real time needs. They expect 3,000 customers to view messages in Salesforce. What should be evaluated and highlighted when deciding between the solutions?

  • A. Message sequence is possible in Outbound Messaging, but not guaranteed with Platform Events. Both offer very high reliability. Fault handling and recovery are fully handled by Salesforce.
  • B. In both Platform Events and Outbound Messaging, the event messages are retried by and delivered in sequence, and only once. Salesforce ensures there is no duplicate message delivery.
  • C. Both Platform Events and Outbound Messaging offer declarative means for asynchronous near-real time needs. They aren't best suited for real-time integrations.

Answer: C


NEW QUESTION # 37
What should an integration architect consider when recommending Platform Events as an integration solution?

  • A. When an event definition is deleted, it's permanently removed and can't be restored.
  • B. Event Monitoring is used to track user activity, such as logins and running reports.
  • C. Subscribe to an AssetTokenEvent stream to monitor OAuth 2.0 authentication activity.

Answer: A

Explanation:
When recommending Platform Events, an architect must account for the metadata lifecycle and the permanence of administrative actions. Unlike standard or custom objects, which can often be recovered from the Recycle Bin for a limited time, Platform Event definitions are handled with stricter permanence. Once a Platform Event definition is deleted, it is permanently removed from the organization's metadata, and it cannot be restored. This deletion also immediately invalidates any associated triggers, subscriptions, and stored events in the bus.
Beyond metadata management, the architect must consider the Event Retention window. High-volume platform events are stored for 72 hours, allowing subscribers to use a Replay ID to recover missed messages. However, this durability is predicated on the definition existing; if the definition is deleted, the historical data in the bus becomes inaccessible. Option A refers to Real-Time Event Monitoring, which is a separate product feature used for security auditing rather than general integration. Option B describes a specific system event (AssetTokenEvent) used for IoT device authentication, which is a niche use case and not a general consideration for platform event architecture. Therefore, understanding the permanent nature of metadata deletion is a fundamental "Maintenance" and "Governance" consideration that the architect must highlight to ensure the stability of the enterprise's event-driven landscape.


NEW QUESTION # 38
An architect decided to use Platform Events for integrating Salesforce with an external system for a company. What should an architect consider when proposing this type of integration mechanism?

  • A. Salesforce needs to be able to store information about the external system in order to know which event to send out.
  • B. External system needs to have the same uptime in order to be able to keep up with Salesforce Platform Events.
  • C. To subscribe to an event, the integration user in Salesforce needs Read access to the event entity.

Answer: C

Explanation:
When proposing Platform Events as an integration mechanism, an architect must ensure that the security model is correctly configured to allow for the publication and subscription of events. Unlike standard objects, Platform Events have specific permission requirements for the "Integration User" or any system entity interacting with the event bus.
For an external system to subscribe to a Platform Event stream (via CometD or the Pub/Sub API), the user account used to authenticate the connection must have the "Read" permission on the specific Platform Event entity. Similarly, if the external system needs to publish events back into Salesforce, the user must have "Create" permissions. These permissions are typically managed through a Profile or a Permission Set assigned to the Integration User.
Regarding the other options, Option A is incorrect because Platform Events are designed for asynchronous communication. They are inherently decoupled; the external system does not need the same uptime as Salesforce. High-volume platform events are stored in the event bus for 72 hours, allowing an external system to "catch up" using a Replay ID once it comes back online. Option C is also incorrect because Platform Events follow a Publish/Subscribe pattern. Salesforce "broadcasts" the event to the bus without needing to know which specific external systems are listening. This decoupling is a primary advantage of event-driven architecture, as it allows for a "one-to-many" distribution model where multiple systems can consume the same message without additional configuration within Salesforce. Thus, ensuring the correct object-level permissions (Read/Create) is the most critical technical consideration for the architect to guarantee successful message delivery.


NEW QUESTION # 39
A company that is a leading provider of courses and training delivers courses using third-party trainers. The trainer for the company has to be verified by 10 different training accreditation verification agencies before providing training for the company. Each training accreditation agency has its own response time, which means it could take days to confirm a trainer. The company decided to automate the trainer accreditation verification process by integrating it with the agency's web service1s. What is the recommended approach to automa2te this process?3456

  • A. Use middleware to handl7e the callout to the 10 different verific8ation services; the middleware will handle the business logic of con9solidating the verification resu10lt from the 10 services. Then, make a call-in to Salesforce and update the verification status to "verified".
  • B. Use Salesforce External Service to make the callout; Salesforce External Service should check the verification agencies until the result is verified. Then, update the trainer status to "verified".
  • C. Make an Apex callout using @future annotation to make the callout to all different agencies.

Answer: A

Explanation:
In this scenario, the primary architectural challenge is managing high-latency, multi-step orchestration involving 10 disparate external systems. Each agency has a varying response time that can span several days, making a synchronous "Request-Reply" pattern within Salesforce technically impossible due to transaction timeout limits (maximum 120 seconds).
The recommended approach is to leverage Middleware as the orchestration and state-management layer. Middleware (such as an ESB or iPaaS) is specifically designed for Process Choreography. Salesforce initiates a single "Fire and Forget" request to the middleware. The middleware then takes responsibility for:
Sequential or Parallel Callouts: Initiating the requests to all 10 verification agencies.
Callback Management: Handling the asynchronous responses from each agency as they arrive over a period of days.
Aggregation Logic: Consolidating the results and determining when the "Business Process" is complete (e.g., all 10 agencies have approved).
Once the consolidation logic is satisfied, the middleware performs a Remote Call-In to the Salesforce REST API to update the trainer's record. This pattern keeps Salesforce "clean" by moving complex, long-running orchestration logic off-platform, preventing the consumption of excessive Apex CPU time and ensuring that Salesforce only receives a single, final status update.
Option B (External Services) is unsuitable for a multi-day asynchronous process as it is designed for real-time, synchronous Flow actions. Option C (@future) is restricted by the same 120-second timeout and cannot handle the "waiting" state required for days of verification. Using middleware provides the necessary Quality of Service (QoS), durability, and error handling required for such a critical enterprise compliance process.


NEW QUESTION # 40
An enterprise customer with more than 10 million customers has a landscape including an Enterprise Billing System (EBS), a Document Management System (DMS), and Salesforce CRM. Customer Support needs seamless access to customer billing information from the EBS and generated bills from the DMS. Which authorization and authentication need should an integration consultant consider while integrating the DMS and EBS with Salesforce?

  • A. Consider Enterprise security needs for access to DMS and EBS.
  • B. Identify options to maintain DMS and EBS authentication and authorization details in Salesforce.
  • C. Consider options to migrate DMS and EBS into Salesforce.

Answer: A

Explanation:
When integrating Salesforce with high-security enterprise systems like an Enterprise Billing System (EBS) and a Document Management System (DMS), the primary architectural concern is respecting the Enterprise security needs for access control. These systems often contain highly sensitive financial data and are governed by strict regulatory requirements (e.g., PCI-DSS or GDPR).
The integration consultant must evaluate how to extend existing enterprise identity and authorization policies to Salesforce users. This often involves a Identity Federation strategy using protocols like SAML 2.0 or OpenID Connect. Instead of maintaining separate credentials in Salesforce (which Option A suggests and is generally an "anti-pattern" for 10 million records), the consultant should consider using a central Identity Provider (IdP).
By considering enterprise security needs, the architect ensures that when a support agent clicks a link in Salesforce to view a bill, the request is authenticated against the enterprise's security gateway. This allows for Single Sign-On (SSO) while ensuring that authorization (who can see what) remains mastered in the source systems or the central IdP. Migration (Option C) is physically and technically unfeasible for systems handling 10 million customers' historical bills and real-time processing. The focused objective is to build a "window" into these systems from Salesforce while maintaining the integrity of the enterprise's existing security perimeter.


NEW QUESTION # 41
Northern Trail Outfitters uses a custom Java application to display code coverage and test results for all enterprise applications. Which Salesforce API should an integration architect use to include Salesforce in this application?

  • A. Metadata API
  • B. Tooling API
  • C. Analytics REST API

Answer: B

Explanation:
The Tooling API is specifically designed for developer-centric tools that need fine-grained access to Salesforce metadata and runtime information. It exposes specialized objects like ApexCodeCoverage, ApexCodeCoverageAggregate, and ApexTestResult. These objects allow external applications to query the results of test runs and specific line-by-line coverage metrics. While the Metadata API (Option A) is used for deployments, it does not provide the same granular query access to test execution results. The Tooling API is the industry standard for integrating Salesforce into enterprise CI/CD pipelines and quality dashboards.


NEW QUESTION # 42
Northern Trail Outfitters (NTO) wants to improve the quality of callouts from Salesforce to its REST APIs by adhering to RAML (REST API Markup Language) specifications. The RAML specs serve as interface contracts. Which design specification should the integration architect include to ensure that Apex REST API Clients' unit tests confirm adherence to the RAML specs?

  • A. Call the HttpCalloutMock implementation from the Apex REST API Clients.
  • B. Call the Apex REST API Clients in a test context to get the mock response.
  • C. Require the Apex REST API Clients to implement the HttpCalloutMock.

Answer: C

Explanation:
In Salesforce, you cannot perform real HTTP callouts during unit tests. To test integration logic, developers must use the HttpCalloutMock interface to simulate the API's response. To ensure that the Apex code adheres to the RAML contract, the architect should require that the test mock implementation strictly follows the RAML specifications.
By requiring the Apex REST API Clients to implement the HttpCalloutMock (or more specifically, creating a mock class that implements it), the developer creates a controlled testing environment. The mock class should be coded to return a payload that matches the RAML-defined structure (fields, data types, and status codes). When the test runs, the Apex client receives this "contract-compliant" response. The unit test then uses assertions to verify that the Apex code correctly parses and handles this specific data structure.
Option B is technically imprecise; you don't "call" the mock from the client, you provide the mock to the test runtime using Test.setMock(). Option C describes the general process of testing but does not address the "design specification" needed to ensure contract adherence. By mandating a mock implementation that mirrors the RAML contract, the architect ensures that if the API contract changes in the RAML file, the unit tests will fail if the Apex code is not updated to match, thereby maintaining high integration quality and preventing runtime errors.


NEW QUESTION # 43
A customer's enterprise architect has identified requirements around caching, queuing, error handling, alerts, retries, event handling, etc. Which recommendation should the integration architect make?

  • A. Transform a Fire and Forget mechanism to Request and Reply, which should be handled by middleware tools (like ETL/ESB) to improve performance.
  • B. Event handling in a publish/subscribe scenario; the middleware can be used to route requests or messages to active data-event subscribers from active data-event publishers.
  • C. Message transformation and protocol translation should be done within Salesforce.

Answer: B

Explanation:
When an enterprise architect identifies complex infrastructure needs such as caching, queuing, and sophisticated event routing, it signals that a point-to-point integration architecture is insufficient. In such cases, the Integration Architect should recommend a Middleware-mediated architecture.
Middleware tools, such as an Enterprise Service Bus (ESB) or an iPaaS (Integration Platform as a Service), are specifically designed to fulfill these complex "Quality of Service" (QoS) requirements. In a publish/subscribe scenario, the middleware acts as the central orchestrator. It can receive a single "Fire and Forget" event from a publisher (like Salesforce) and then manage the technical complexities of routing that message to multiple active subscribers.
Middleware handles infrastructure-level tasks such as message queuing for offline systems, automatic retries with exponential backoff, and error handling with alerts-capabilities that are either unavailable or difficult to scale within Salesforce natively. Performing message transformation and protocol translation (e.g., SOAP to REST) within the middleware layer also protects Salesforce's Apex CPU limits. By leveraging middleware for these concerns, the architect ensures that Salesforce remains a performant engagement layer while the middleware provides the robust technical backbone for a resilient enterprise landscape.


NEW QUESTION # 44
Northern Trail Outfitters (NTO) uses a custom mobile app to interact with its customers. One of the features of the app is Salesforce Chatter Feeds. NTO wants to automatically post a Chatter item to Twitter whenever the post includes the #thanksNTO hashtag.
Which API should an integration architect use to meet this requirement?

  • A. Streaming API to generate PushTopic
  • B. REST API
  • C. Connect REST API

Answer: C

Explanation:
When designing integrations that specifically involve Chatter, social collaboration, or Experience Cloud sites, the Connect REST API (formerly known as the Chatter REST API) is the architecturally recommended choice. While the standard REST API is optimized for CRUD operations on data records, the Connect REST API is specifically designed to handle the complex, nested structures of social feeds, including posts, comments, hashtags, and mentions.
The Connect REST API provides a specialized resource for feed elements that simplifies the process of identifying specific social markers like hashtags. In this use case, the mobile app or a middleware service can subscribe to or query the feed. The Connect REST API returns structured data where hashtags are identified as distinct message segments, making it trivial for an application logic to detect the #thanksNTO tag and trigger a subsequent call to the Twitter API.
From an architectural standpoint, using the Connect REST API offers several advantages over the standard REST API or Streaming API for this requirement:
Efficiency: Connect REST API responses are structured specifically for presentation in mobile applications, providing only the relevant social metadata and localized content needed for the feed.
Feature Richness: It provides native support for social actions such as liking, sharing, and following, which are often required alongside feed monitoring.
Scalability: It is designed to handle the high-volume, real-time nature of social interactions within Experience Cloud and mobile ecosystems.
While the Streaming API (Option B) can notify an application of record changes, it does not provide the rich, formatted social context that the Connect REST API delivers. The standard REST API (Option A) could technically access FeedItem records, but it would require significant custom parsing logic to identify hashtags within the raw body text, whereas the Connect REST API handles this segmenting natively. Therefore, for building custom mobile experiences that interact with Chatter data, the Connect REST API is the superior solution.


NEW QUESTION # 45
A customer is migrating from an old legacy system to Salesforce. As part of the modernization effort, the customer would like to integrate all existing systems that currently work with its legacy application with Salesforce. Which constraint/pain-point should an integration architect consider when choosing the integration pattern/mechanism?

  • A. Reporting and usability requirements
  • B. Multi-language and multi-currency requirement
  • C. Data volume and processing volume

Answer: C

Explanation:
When migrating from a legacy environment to a multi-tenant cloud platform like Salesforce, Data volume and processing volume represent the most critical technical constraints. Legacy systems often operate without the strict governor limits found in Salesforce, meaning they may push large datasets or high-frequency updates that could easily overwhelm standard Salesforce APIs.
An integration architect must evaluate these volumes to determine the appropriate integration pattern:
Pattern Selection: If the daily volume involves millions of records, the architect must recommend the Bulk API rather than standard REST or SOAP APIs to avoid hitting daily API limits.
Synchronous vs. Asynchronous: High processing volumes often necessitate asynchronous patterns (such as Fire-and-Forget or Batch) to prevent user-interface lag and "Concurrent Request Limit" errors.
Data Virtualization: If the legacy data volume is massive but only needs to be viewed occasionally, the architect might consider Salesforce Connect to avoid consuming expensive internal data storage.
While reporting (Option A) and multi-currency (Option C) are important functional requirements, they do not fundamentally dictate the technical "plumbing" or scalability of the integration architecture. By prioritizing the analysis of volume and processing needs, the architect ensures the new modernization effort is stable, performant, and capable of scaling as the business grows within the bounds of the Salesforce platform.


NEW QUESTION # 46
The URL for a business-critical external service providing exchange rates changed without notice. Which solutions should be implemented to minimize potential downtime for users in this situation?

  • A. Named Credentials and Content Security Policies
  • B. Enterprise Service Bus (ESB) and Remote Site Settings
  • C. Remote Site Settings and Named Credentials

Answer: C

Explanation:
To minimize downtime when an external endpoint changes, an Integration Architect must ensure that the URL is not "hardcoded" within Apex code or configuration. The standard Salesforce mechanism for abstracting and managing external endpoints is Named Credentials.
Named Credentials specify the URL of a callout endpoint and its required authentication parameters in one definition. If the URL changes, an administrator simply updates the "URL" field in the Named Credential setup. This change takes effect immediately across all Apex callouts, Flows, and External Services that reference it, without requiring a code deployment or a sandbox-to-production migration.
Along with Named Credentials, Remote Site Settings (or the more modern External Website Configurations) are required. Salesforce blocks all outbound calls to URLs that are not explicitly whitelisted.
By having both in place, the remediation process is:
Update the URL in the Named Credential.
Update (or add) the new URL in the Remote Site Settings.
This approach follows the "Separation of Concerns" principle. Option B (ESB) could technically handle this, but it adds an extra layer of failure and complexity for a simple URL change. Option C (Content Security Policies) is used to control which resources (like scripts or images) a browser is allowed to load in the UI; it does not govern server-side Apex callouts. Therefore, the combination of Named Credentials and Remote Site whitelisting is the most efficient and standard way to provide architectural agility and minimize downtime.


NEW QUESTION # 47
A company uses Customer Community for course registration. The payment gateway takes more than 30 seconds to process transactions. Students want results in real time to retry if errors occur. What is the recommended integration approach?

  • A. Use Request and Reply to make an API call to the payment gateway.
  • B. Use Continuation to process payment to the payment gateway
  • C. Use Platform Events to process payment to the payment gateway.

Answer: B

Explanation:
Standard synchronous Apex callouts have a timeout limit, and more importantly, Salesforce limits the number of long-running requests (those lasting longer than 5 seconds) that can execute concurrently. If a payment gateway consistently takes 30 seconds, a few simultaneous users could easily exhaust the org's concurrent request limit, causing the entire system to stop responding.
The Continuation pattern (Option C) is designed specifically for this "long-wait" scenario. It allows the Apex request to be suspended while waiting for the external service to respond, freeing up the Salesforce worker thread to handle other users. Once the gateway responds, the suspended process resumes and returns the result to the student's browser. This provides the "real-time" experience required for the student to retry immediately without the risk of bringing down the entire community due to thread exhaustion.


NEW QUESTION # 48
Northern Trail Outfitters needs to make synchronous callouts to "available-to-promise" services to query product availability and reserve inventory during the customer checkout process. What should an integration architect consider when building a scalable integration solution?

  • A. The maximum query cursors open per user on the service
  • B. The number of batch jobs that can run concurrently
  • C. How many concurrent service calls are being placed

Answer: A


NEW QUESTION # 49
A business requires automating the check and updating of the phone number type classification (mobile vs. landline) for all incoming calls delivered to its phone sales agents. The following conditions exist:
At peak, the call center can receive up to 100,000 calls per day.
The phone number type classification is a service provided by an external service API.
Business is flexible with timing and frequency to check and update the records (throughout the night or every 6-12 hours is sufficient).
A Remote-Call-In pattern and/or Batch Synchronization (Replication via ETL: System -> Salesforce) are determined to work with a middleware hosted on customer premise. In order to implement these patterns and mechanisms, which component should an integration architect recommend?

  • A. Remote Site Settings configured in Salesforce to authenticate the middleware
  • B. An API Gateway that authenticates requests from Salesforce into the middleware (ETL/ESB)
  • C. ConnectedApp configured in Salesforce to authenticate the middleware

Answer: C

Explanation:
In this scenario, the architecture involves a Remote-Call-In pattern or Batch Synchronization, where an external system (the middleware or ETL tool) initiates communication with Salesforce to update records. For any external system to securely access Salesforce APIs and perform these updates, it must be authenticated and authorized.
The Connected App is the foundational framework that allows an external application to integrate with Salesforce using APIs and standard protocols, such as OAuth 2.0 and SAML. By configuring a Connected App, the architect can define which permissions (Scopes) the middleware has, such as the ability to access data via the REST or Bulk API. This is the correct choice because the middleware needs to "log in" to Salesforce to push the phone classification data back into the Account or Contact records.
Option B, an API Gateway, is typically used to manage and secure requests going out of an organization to external services, or to provide a facade for on-premise APIs; it does not handle the inbound authentication into Salesforce itself. Option C, Remote Site Settings, is a configuration used solely to permit Salesforce to make outbound calls to a specific external URL (for example, if Salesforce were calling the phone classification service directly via Apex).
Given that the business is flexible with timing (allowing for nightly or 12-hour syncs) and handles 100,000 calls, a Batch Synchronization pattern via an ETL tool is highly efficient. The ETL tool will authenticate against the Connected App using a secure OAuth flow (such as the JWT Bearer Flow for server-to-server integration), retrieve the new phone numbers, call the external classification API, and then bulk-update the Salesforce records. This setup ensures a secure, scalable, and manageable integration that respects Salesforce's security architecture while meeting the high-volume data requirements of the call center.


NEW QUESTION # 50
......

Ultimate Guide to Prepare Plat-Arch-204 Certification Exam for Salesforce Certified Administrator: https://officialdumps.realvalidexam.com/Plat-Arch-204-real-exam-dumps.html