Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Salesforce Certified B2C Commerce Cloud Developer (Comm-Dev-101) Exam - Topic 10 Question 53 Discussion

Actual exam question for Salesforce's Salesforce Certified B2C Commerce Cloud Developer (Comm-Dev-101) exam
Question #: 53
Topic #: 10
[All Salesforce Certified B2C Commerce Cloud Developer (Comm-Dev-101) Questions]

In Log Center, a developer notes a number of Cross Site Request Forgery (CSRF) log entries. The developer knows that this happens when a CSRF token is either not found or is invalid, and is working to remedy the situation as soon as possible.

Which two courses of action might solve the problem?

Choose 2 answers

Show Suggested Answer Hide Answer
Suggested Answer: A

by Daniel at Sep 03, 2023, 12:59 PM

Limited Time Offer

25%

Off

Get Premium Salesforce Certified B2C Commerce Cloud Developer (Comm-Dev-101) Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Ilona
5 months ago
Is extending token validity really safe? Seems sketchy.
upvoted 0 times
...
Timothy
5 months ago
Totally agree with A, it's a must-have!
upvoted 0 times
...
Dottie
5 months ago
Wait, deleting whitelists? That sounds risky!
upvoted 0 times
...
Viola
6 months ago
I think B could work too, but not sure if it's the best move.
upvoted 0 times
...
Iluminada
6 months ago
A and D seem like solid options!
upvoted 0 times
...
Chanel
6 months ago
Adding csrfProtection.generateToken as middleware sounds familiar. I feel like we covered that in one of our labs.
upvoted 0 times
...
Leonora
6 months ago
I think deleting the existing CSRF whitelists could cause more issues. We should be careful with that option.
upvoted 0 times
...
Hildegarde
6 months ago
I'm not entirely sure, but extending the CSRF token validity might help with timeouts. We did a similar question on that last week.
upvoted 0 times
...
Odelia
6 months ago
I remember we discussed adding the CSRF token in the ISML template during our last practice session. That seems like a solid option.
upvoted 0 times
...
Felicitas
6 months ago
Adding the token in the ISML template and extending the token validity - that's my plan. Seems like the most straightforward way to address the CSRF log entries.
upvoted 0 times
...
Stephaine
6 months ago
Okay, I think I've got this. Adding the token in the ISML template and using the csrfProtection.generateToken middleware in the controller should do the trick. Gotta remember those two options.
upvoted 0 times
...
Shonda
6 months ago
Hmm, I'm a bit confused here. Do I need to delete the existing CSRF whitelists in Business Manager as well? Or is that not the right approach?
upvoted 0 times
...
Marsha
7 months ago
This seems like a straightforward CSRF issue. I'd start by adding the token in the ISML template and extending the token validity to avoid timeouts.
upvoted 0 times
...
Suzan
7 months ago
Okay, let me see. Based on the question, I think the answer is probably B. monitor, but I'll double-check the other options just to be sure.
upvoted 0 times
...
Alyce
7 months ago
I'm a little confused by the question. What exactly is the difference between a controlled vocabulary, corporate taxonomy, and folksonomy? I want to make sure I understand the nuances before selecting an answer.
upvoted 0 times
...
Lanie
7 months ago
I'm a bit confused... implementing a punishment procedure seems harsh, but I guess it could deter the aggression? I'm unsure about that one.
upvoted 0 times
...
Roxane
11 months ago
Hold up, I've got a brilliant idea - let's just turn off CSRF protection entirely. What could possibly go wrong?
upvoted 0 times
...
Nu
11 months ago
Ah, the old 'add a middleware step' trick. Classic developer move right there.
upvoted 0 times
Tien
10 months ago
D) Add csrfProtection.generateToken as a middleware step in the controller.
upvoted 0 times
...
Marylin
10 months ago
A) Add the token in the ISML template.
upvoted 0 times
...
...
Catarina
12 months ago
Deleting the CSRF whitelists? That's like taking a sledgehammer to a fly. Talk about overkill!
upvoted 0 times
Samira
11 months ago
D) Add csrfProtection.generateToken as a middleware step in the controller.
upvoted 0 times
...
Maddie
11 months ago
A) Add the token in the ISML template.
upvoted 0 times
...
...
Nadine
1 year ago
Extending the CSRF token validity? Nah, that's just kicking the can down the road. Better to address the root cause.
upvoted 0 times
Destiny
11 months ago
D) Add csrfProtection.generateToken as a middleware step in the controller.
upvoted 0 times
...
Johnetta
12 months ago
A) Add the token in the ISML template.
upvoted 0 times
...
...
Rebbecca
1 year ago
Adding the token in the ISML template is the right move. That's the standard way to include the CSRF token in the page.
upvoted 0 times
Tamra
12 months ago
D) Add csrfProtection.generateToken as a middleware step in the controller.
upvoted 0 times
...
Chi
12 months ago
A) Add the token in the ISML template.
upvoted 0 times
...
...
Tammara
1 year ago
I'm not sure about deleting the existing CSRF whitelists in Business Manager. Maybe adding csrfProtection.generateToken as a middleware step in the controller would be more effective.
upvoted 0 times
...
Domingo
1 year ago
I agree with Dominque. Extending the CSRF token validity might also be a good idea.
upvoted 0 times
...
Dominque
1 year ago
I think adding the token in the ISML template could help.
upvoted 0 times
...

Save Cancel