Salesforce Integration-Architect - Salesforce Certified Integration Architect (SP25)

The integration consultant should implement monitoring by identifying criticalbusiness processes and establishing automation to monitor performance against established benchmarks. This approach can help detect and diagnose any degradation in Salesforce performance, such as slow response time, high error rate, or low availability. The automation can use various tools and methods, such as platform events, event monitoring, health check, or third-party monitoring services123

References: Proactive Monitoring - Salesforce.com, 17 Free Ways to Monitor Your Salesforce Org | Salesforce Ben, Measure Lightning Experience Performance and Experienced … -Trailhead

The maximum calloutsin a single Apex transaction is one of the factors that should be considered when choosing Apex code to make callouts to an external system. The limit is 100 callouts per transaction, and if this limit is exceeded, a LimitException is thrown. Therefore, the integration architect should evaluate the expected volume and frequency of the callouts and design the solution accordingly2

References: Salesforce API Limits and Usage

Event Monitoring is used to track user activity, such as loginsand running reports, but it is not related to Platform Events. Subscribe to an AssetTokenEvent stream to monitor OAuth 2.0 authentication activity is also not related to Platform Events. When an event definition is deleted, it’s permanently removed and can’t berestored. This means that the event definition and its associated data are no longer available for subscribers or queries.

The considerations that an Integration Architect should do prior to the implementation of Shield Platform Encryption are:

Review shield platform encryptionconfigurations.

Encrypt all the data so that it is secure.

Shield Platform Encryption is a feature that allows you to encrypt sensitive data at rest in Salesforce, such as social security numbers, without compromising critical platform functionality. Before implementing Shield Platform Encryption, you should review the shield platform encryption configurations, such as the encryption key management, the encryption policy, and the encrypted fields and files. You should also encrypt all the data that is subject to encryption, not just the data using the most current key. Encrypting all the data ensures that your data is secure and compliant with your business requirements. Encrypting the data using the most current key is not a valid consideration because Shield Platform Encryption uses a deterministic encryption scheme that does not allow you to rotate or re-encrypt your data with a new key. Using Shield Platform Encryption as a user authentication or authorization tool is not a valid consideration because Shield Platform Encryption is not designed for that purpose. Shield Platform Encryption only encrypts data at rest, not in transit or in use.

The recommendations that the Salesforce integration architect should make to fulfill the requirements around caching, queuing, error handling, alerts, retries, event handling, etc. arebased on the best practices and capabilities of the middleware tools. The recommendation B is valid because middleware tools can provide true message queueing for integration scenarios that require asynchronous processing, guaranteed delivery, load balancing, etc. The recommendation D is valid because middleware tools can handle various events that may occur during the integration process, such as logging errors, sending notifications, triggering recovery actions, etc. The recommendation E is valid becausemiddleware tools can support the publish/subscribe pattern for event-driven integration, where the middleware can route messages from publishers to subscribers based on topics or filters. The recommendation A is not valid because transforming a fire-and-forget mechanism to request-reply does not improve performance, but rather increases the latency and complexity of the integration. The recommendation C is not valid because message transformation and protocol translation are tasks that are better suited for middleware tools than Salesforce, as they can handle different formats and protocols more efficiently and flexibly23

1: Integration Architecture Designer Resource Guide 2: Integration Patterns and Practices 3: Salesforce Integration Architecture Designer Certification Exam Guide

 The integration architect should require bulk load for Einstein Analytics and callouts to RESTful services for the Community Cloud portal and Einstein Analytics. Bulk load is a capability that allows loading large volumes of data into Einstein Analytics from external sources, such as the Patient Prescriptions System. This can be done securely by using encryption in transit and at rest, and by masking or removing any identifiable patient information from the data. Callouts to RESTful services are a capability that allows making requests to external web services from Salesforce, such as the Patient Prescriptions System. This can be done securely by using identity tokens or certificates for authentication and authorization, and by using encryption in transit and at rest12

References: How to Load Data into Einstein Analytics, Strengthen Your Data’s Security with Shield Platform Encryption

A microservice architecture is a way of designing software applications as a collection of loosely coupled services, each of which implements a specific business function.Microservices enable modularity, scalability, and agility in software development, as well as easier testing and deployment. By breaking up the monolithic web service into smaller pieces, each responsible for a single integration, UC can decouple the systems and improve the performance of the integrations. For example, UC can use Salesforce Platform Events to publish and subscribe to events from Salesforce to the legacy billing application, the ERP application, and the data lake. This way, UC can avoid point-to-point integrations and leverage an event-driven architecture that reduces coupling and increases reliability12.

The other options are not as effective as option B. Option A does not address the root cause of the tight interdependencies between systems, and may not result in significant performance improvement. Option C may improve the throughput of data loading into Salesforce, but it does not solve the problem of coupling between systems. Option D mayreduce the latency and maintenance costs of the web service, but it does not change the design of the web service or the integrations.

References: 1: Microservice Architectures With Sales and Service Cloud - Salesforce Live 2: 6 Fundamental Principles of Microservice Design | Salesforce

Option A is correct because external gateway products in use can affect the performance and security of outbound integrations from Salesforce to on-premise servers. External gateway products are software or hardwaredevices that act as intermediaries between Salesforce and the on-premise servers, such as firewalls, proxies, load balancers, or VPNs. They can have different configurations, features, and limitations that can impact the speed, reliability, and security ofthe data transmission. For example, some external gateway products may require authentication, encryption, or compression of the data, which can add overhead and latency to the integration. Some external gateway products may also have bandwidth or throughput limits, which can affect the scalability and availability of the integration. Therefore, the architect should consider the external gateway products in use before recommending a solution.

Option B is incorrect because a default gateway restriction is not a factor that can affect the performance and security of outbound integrations from Salesforce to on-premise servers. A default gateway restriction is a feature that allows administrators to restrict outbound requests from Salesforce to a specific IP address or domain name. This can help prevent unauthorized or malicious requests from Salesforce to external systems. However, this feature does not affect the performance or security of the outbound requests themselves, as it only acts as a filter for the destination of the requests.

Option C is incorrect because considerations for using deterministic encryption are not relevant for outbound integrations from Salesforce to on-premise servers. Deterministic encryption is a type of encryption that produces thesame ciphertext for the same plaintext input. This can help preserve some functionality and performance of encrypted data in Salesforce, such as filtering, sorting, and indexing. However, deterministic encryption is not applicable for outbound integrations from Salesforce to on-premise servers, as it is only supported for custom fields and not for standard fields or attachments. Moreover, deterministic encryption does not affect the security of the data transmission itself, as it only encrypts the data atrest in Salesforce.

Option D is incorrect because Shield Platform Encryption limitations are not relevant for outbound integrations from Salesforce to on-premise servers. Shield Platform Encryption is a feature that allows administrators to encrypt sensitive data at rest in Salesforce using AES 256-bitencryption. This can help protect data from unauthorized access or theft. However, Shield Platform Encryption limitations are not relevant for outbound integrations from Salesforce to on-premise servers, as they only affect the functionality and performance of encrypted data in Salesforce, such as searching, reporting, or validation rules. Shield Platform Encryption does not affect the security of the data transmission itself, as it only encrypts the data at rest in Salesforce.

References: Salesforce Integration Patterns and Practices : Salesforce Integration Guide : Restrict Outbound Requests with a Default Gateway : Deterministic Encryption : Shield Platform Encryption Considerations : Shield PlatformEncryption : Shield Platform Encryption Architecture