Salesforce Exam B2C Commerce Architect Topic 1 Question 59 Discussion

Actual exam question for Salesforce's B2C Commerce Architect exam
Question #: 59
Topic #: 1

During implementation, the team found that there is a notification controller exposed for an external service that marks the order as paid when a notification is received. The notification URL is sent to the service together with the payment request and contains only the URL with orderID as the parameter.

What should the Architect recommend to the team in order to prevent the unauthorized usage of the controller to mark the orders as paid?

Suggested Answer: C

In the given scenario, where the Email Marketing System (EMS) requires order data to send product recommendations based on stock availability, it is crucial that the most up-to-date and relevant data is used. Here's why the chosen data sources are appropriate:

Order and Customer Data from Production: Since order and customer interactions occur in real-time, exporting this data from the Production environment ensures that the most current information is used for the email marketing campaigns. This accuracy is vital for personalization and timeliness of the communications sent to customers.

Product and Inventory Data from Staging: Given that the staging environment is typically one step behind production and is used for testing before changes go live, it provides a stable dataset that reflects what is currently live without the risk of including any unvetted changes. This setup is suitable for inventory and product data, which are less susceptible to minute-by-minute changes compared to order data and can be pre-validated before use in marketing efforts.

This configuration helps ensure that the EMS has access to reliable data reflecting current stock levels and product details, which is essential for crafting accurate marketing messages based on product availability.


Contribute your Thoughts:

Cheryl
1 day ago
I'm not a fan of option A. Tying the customer number to the order seems like an unnecessary complication. Option C is the clear winner here.
upvoted 0 times
...
Olene
2 days ago
I think option A is also a good choice. Adding a customer number in the callback URL and matching it against the one stored on the order can also help prevent unauthorized usage. It's important to have multiple layers of security measures in place.
upvoted 0 times
...
Donette
5 days ago
I agree with Odette. Adding an order token in the callback URL is a good idea to prevent unauthorized usage of the controller. It's important to have that extra validation step.
upvoted 0 times
...
Odette
7 days ago
I think the Architect should recommend adding an order token in the callback URL and matching the token against the one stored on the order. This way, it adds an extra layer of security.
upvoted 0 times
...
Deandrea
10 days ago
Option C sounds like the way to go. Adding an order token to the callback URL and verifying it against the stored token is a simple yet effective way to prevent unauthorized access.
upvoted 0 times
...
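
The order-token check discussed in the comments above, as an added example that is not part of the original page and not Salesforce's own code. It is plain Node.js rather than the B2C Commerce script API; the in-memory `orders` map, the `notifyToken` field, the function names and the `shop.example` URL are all assumptions made for illustration.

```javascript
const nodeCrypto = require('crypto');

// Constructed in-memory store standing in for the platform's order records.
const orders = new Map();

// At payment-request time: generate an unguessable per-order token, store it
// on the order, and send it to the payment service inside the notification URL.
function createPaymentRequest(orderID, baseUrl) {
  const token = nodeCrypto.randomBytes(32).toString('hex');
  orders.set(orderID, { orderID, paid: false, notifyToken: token });
  const url = new URL(baseUrl);
  url.searchParams.set('orderID', orderID);
  url.searchParams.set('token', token);
  return url.toString();
}

// Constant-time comparison. Hashing both sides first yields equal-length
// buffers, which timingSafeEqual requires.
function tokensMatch(supplied, stored) {
  const a = nodeCrypto.createHash('sha256').update(String(supplied)).digest();
  const b = nodeCrypto.createHash('sha256').update(String(stored)).digest();
  return nodeCrypto.timingSafeEqual(a, b);
}

// Notification handler: the order is marked paid only when the token in the
// callback matches the one stored on that same order.
function handleNotification(requestUrl) {
  const params = new URL(requestUrl).searchParams;
  const order = orders.get(params.get('orderID'));
  const supplied = params.get('token');
  // Unknown order, missing token and wrong token all get the same response,
  // so the endpoint does not reveal which order IDs exist.
  if (!order || !supplied || !tokensMatch(supplied, order.notifyToken)) {
    return { status: 403, paid: false };
  }
  order.paid = true; // repeated valid notifications leave the order paid
  return { status: 200, paid: true };
}
```

A callback carrying only `orderID`, or a token issued for a different order, is rejected and leaves the order unpaid.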
