Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Salesforce Certified B2C Commerce Cloud Developer (Comm-Dev-101) Exam - Topic 10 Question 53 Discussion

In Log Center, a developer notes a number of Cross Site Request Forgery (CSRF) log entries. The developer knows that this happens when a CSRF token is either not found or is invalid, and is working to remedy the situation as soon as possible.Which two courses of action might solve the problem?Choose 2 answers
A) Add the token in the ISML template.
B) Extend the CSRF token validity to avoid timeouts.
C) Delete the existing CSRF whitelists in Business Manager.
D) Add csrfProtection.generateToken as a middleware step in the controller.

Salesforce Certified B2C Commerce Cloud Developer (Comm-Dev-101) Exam - Topic 10 Question 53 Discussion

Actual exam question for Salesforce's Salesforce Certified B2C Commerce Cloud Developer (Comm-Dev-101) exam
Question #: 53
Topic #: 10
[All Salesforce Certified B2C Commerce Cloud Developer (Comm-Dev-101) Questions]

In Log Center, a developer notes a number of Cross Site Request Forgery (CSRF) log entries. The developer knows that this happens when a CSRF token is either not found or is invalid, and is working to remedy the situation as soon as possible.

Which two courses of action might solve the problem?

Choose 2 answers

Show Suggested Answer Hide Answer
Suggested Answer: A

by Daniel at Sep 03, 2023, 12:59 PM

Limited Time Offer

25%

Off

Get Premium Salesforce Certified B2C Commerce Cloud Developer (Comm-Dev-101) Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Ilona
6 months ago
Is extending token validity really safe? Seems sketchy.
upvoted 0 times
...
Timothy
7 months ago
Totally agree with A, it's a must-have!
upvoted 0 times
...
Dottie
7 months ago
Wait, deleting whitelists? That sounds risky!
upvoted 0 times
...
Viola
7 months ago
I think B could work too, but not sure if it's the best move.
upvoted 0 times
...
Iluminada
7 months ago
A and D seem like solid options!
upvoted 0 times
...
Chanel
8 months ago
Adding csrfProtection.generateToken as middleware sounds familiar. I feel like we covered that in one of our labs.
upvoted 0 times
...
Leonora
8 months ago
I think deleting the existing CSRF whitelists could cause more issues. We should be careful with that option.
upvoted 0 times
...
Hildegarde
8 months ago
I'm not entirely sure, but extending the CSRF token validity might help with timeouts. We did a similar question on that last week.
upvoted 0 times
...
Odelia
8 months ago
I remember we discussed adding the CSRF token in the ISML template during our last practice session. That seems like a solid option.
upvoted 0 times
...
Felicitas
8 months ago
Adding the token in the ISML template and extending the token validity - that's my plan. Seems like the most straightforward way to address the CSRF log entries.
upvoted 0 times
...
Stephaine
8 months ago
Okay, I think I've got this. Adding the token in the ISML template and using the csrfProtection.generateToken middleware in the controller should do the trick. Gotta remember those two options.
upvoted 0 times
...
Shonda
8 months ago
Hmm, I'm a bit confused here. Do I need to delete the existing CSRF whitelists in Business Manager as well? Or is that not the right approach?
upvoted 0 times
...
Marsha
8 months ago
This seems like a straightforward CSRF issue. I'd start by adding the token in the ISML template and extending the token validity to avoid timeouts.
upvoted 0 times
...
Suzan
8 months ago
Okay, let me see. Based on the question, I think the answer is probably B. monitor, but I'll double-check the other options just to be sure.
upvoted 0 times
...
Alyce
8 months ago
I'm a little confused by the question. What exactly is the difference between a controlled vocabulary, corporate taxonomy, and folksonomy? I want to make sure I understand the nuances before selecting an answer.
upvoted 0 times
...
Lanie
8 months ago
I'm a bit confused... implementing a punishment procedure seems harsh, but I guess it could deter the aggression? I'm unsure about that one.
upvoted 0 times
...
Roxane
1 year ago
Hold up, I've got a brilliant idea - let's just turn off CSRF protection entirely. What could possibly go wrong?
upvoted 0 times
...
Nu
1 year ago
Ah, the old 'add a middleware step' trick. Classic developer move right there.
upvoted 0 times
Tien
11 months ago
D) Add csrfProtection.generateToken as a middleware step in the controller.
upvoted 0 times
...
Marylin
12 months ago
A) Add the token in the ISML template.
upvoted 0 times
...
...
Catarina
1 year ago
Deleting the CSRF whitelists? That's like taking a sledgehammer to a fly. Talk about overkill!
upvoted 0 times
Samira
1 year ago
D) Add csrfProtection.generateToken as a middleware step in the controller.
upvoted 0 times
...
Maddie
1 year ago
A) Add the token in the ISML template.
upvoted 0 times
...
...
Nadine
1 year ago
Extending the CSRF token validity? Nah, that's just kicking the can down the road. Better to address the root cause.
upvoted 0 times
Destiny
1 year ago
D) Add csrfProtection.generateToken as a middleware step in the controller.
upvoted 0 times
...
Johnetta
1 year ago
A) Add the token in the ISML template.
upvoted 0 times
...
...
Rebbecca
1 year ago
Adding the token in the ISML template is the right move. That's the standard way to include the CSRF token in the page.
upvoted 0 times
Tamra
1 year ago
D) Add csrfProtection.generateToken as a middleware step in the controller.
upvoted 0 times
...
Chi
1 year ago
A) Add the token in the ISML template.
upvoted 0 times
...
...
Tammara
1 year ago
I'm not sure about deleting the existing CSRF whitelists in Business Manager. Maybe adding csrfProtection.generateToken as a middleware step in the controller would be more effective.
upvoted 0 times
...
Domingo
1 year ago
I agree with Dominque. Extending the CSRF token validity might also be a good idea.
upvoted 0 times
...
Dominque
1 year ago
I think adding the token in the ISML template could help.
upvoted 0 times
...

Save Cancel