New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Salesforce Certified B2C Commerce Cloud Developer (Comm-Dev-101) Exam - Topic 2 Question 86 Discussion

Actual exam question for Salesforce's Salesforce Certified B2C Commerce Cloud Developer (Comm-Dev-101) exam
Question #: 86
Topic #: 2
[All Salesforce Certified B2C Commerce Cloud Developer (Comm-Dev-101) Questions]

In Log Center, a developer notes j number of Cross Site Request Forgery (CSRF) log entries.

After adding the token in the 15ML template, which action might solve this problem'

Show Suggested Answer Hide Answer
Suggested Answer: C

by Stevie at Feb 11, 2025, 04:42 AM

Limited Time Offer

25%

Off

Get Premium Salesforce Certified B2C Commerce Cloud Developer (Comm-Dev-101) Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Richelle
3 months ago
Wait, does deleting the allow list really help? Sounds sketchy.
upvoted 0 times
...
Gaynell
3 months ago
I think adding middleware is a solid solution.
upvoted 0 times
...
Gail
3 months ago
Deleting the allow list? That sounds risky!
upvoted 0 times
...
Dino
4 months ago
I disagree, extending the token validity could just mask the issue.
upvoted 0 times
...
Erick
4 months ago
A seems like the right move to me.
upvoted 0 times
...
Izetta
4 months ago
Adding csrfProtection middleware sounds familiar, but I can't recall if we covered that as a solution specifically for log entries.
upvoted 0 times
...
Goldie
4 months ago
I feel like deleting the CSRF allow list might be too drastic. We practiced a similar question, and I think it was about adjusting settings rather than removing them.
upvoted 0 times
...
Margot
4 months ago
I think extending the CSRF token validity could help, but I wonder if it might just mask the underlying issue instead of solving it.
upvoted 0 times
...
Shaquana
5 months ago
I remember we discussed CSRF protection in class, but I'm not entirely sure if adding middleware is the right step here.
upvoted 0 times
...
Aja
5 months ago
I think the answer is A. Adding the csrfProtection middleware is the standard way to protect against CSRF attacks. The other options don't seem quite right to me.
upvoted 0 times
...
Rashida
5 months ago
I'm not entirely sure about this one. I know CSRF is a common security issue, but I'm not familiar with the specifics of how to address it in this context. I'll need to review my notes before answering.
upvoted 0 times
...
Alaine
5 months ago
Okay, I've got this. The key is to add the csrfProtection middleware in the controller, as option A suggests. That will ensure the CSRF token is properly validated for all requests.
upvoted 0 times
...
Catina
5 months ago
Hmm, I'm a bit confused by this one. I'm not sure if extending the CSRF token validity or deleting the allow list are the right approaches. I'll need to think this through carefully.
upvoted 0 times
...
Clorinda
5 months ago
This looks like a straightforward CSRF question. I think the answer is A - adding the csrfProtection middleware steps in the controller should solve the problem.
upvoted 0 times
...
Laurel
9 months ago
I'd go with option A, but only if I can also add a few extra layers of security, like a secret handshake and a decoder ring. You can never be too careful, you know?
upvoted 0 times
Isabella
8 months ago
User 4: Definitely, can't be too careful with CSRF attacks.
upvoted 0 times
...
Micaela
8 months ago
User 3: I agree, extra layers of security are always a plus.
upvoted 0 times
...
Judy
9 months ago
User 2: Yeah, adding csrfProtection middleware steps sounds like a good idea.
upvoted 0 times
...
Susana
9 months ago
User 1: I think option A is the way to go.
upvoted 0 times
...
...
Theron
10 months ago
Option A sounds like the way to go. After all, you can't spell 'CSRF' without 'CSR', so the middleware is clearly the key here.
upvoted 0 times
Marylyn
8 months ago
User 3: Definitely, adding the middleware will enhance security for sure.
upvoted 0 times
...
Dominga
9 months ago
User 2: Agreed, that seems like the best solution to prevent CSRF attacks.
upvoted 0 times
...
Rosendo
9 months ago
User 1: I think we should go with option A and add csrfProtection middleware steps in the controller.
upvoted 0 times
...
...
Leonora
10 months ago
Deleting the CSRF allow list? That's like trying to fix a leaky faucet by turning off the water supply. Not the best approach in my opinion.
upvoted 0 times
Corrina
9 months ago
C) Delete the existing CSRF allow list in Business Manager.
upvoted 0 times
...
Wenona
9 months ago
C) Delete the existing CSRF allow list in Business Manager.
upvoted 0 times
...
Jesusa
9 months ago
B) Extend the CSRF token validity to avoid timeouts.
upvoted 0 times
...
Pamela
9 months ago
B) Extend the CSRF token validity to avoid timeouts.
upvoted 0 times
...
Gerald
9 months ago
A) Add csrfProtection middleware steps in the controller
upvoted 0 times
...
Miles
9 months ago
A) Add csrfProtection middleware steps in the controller
upvoted 0 times
...
...
Freida
10 months ago
Extending the CSRF token validity might work, but that's just a temporary fix. It's better to implement the proper CSRF protection mechanisms to ensure long-term security.
upvoted 0 times
...
Tamar
10 months ago
Adding the CSRF token in the template is a good start, but we need to make sure the middleware is set up correctly to protect against CSRF attacks. Option A seems like the best solution here.
upvoted 0 times
Shay
9 months ago
I agree, setting up the csrfProtection middleware is crucial for preventing CSRF attacks.
upvoted 0 times
...
Buffy
9 months ago
C) Delete the existing CSRF allow list in Business Manager.
upvoted 0 times
...
Rodolfo
10 months ago
B) Extend the CSRF token validity to avoid timeouts.
upvoted 0 times
...
Chantay
10 months ago
A) Add csrfProtection middleware steps in the controller
upvoted 0 times
...
...
Juliann
11 months ago
I'm not sure, but extending the CSRF token validity could also be a good solution.
upvoted 0 times
...
Fidelia
11 months ago
I agree with Rachael, adding csrfProtection middleware can help prevent CSRF attacks.
upvoted 0 times
...
Rachael
11 months ago
I think the answer is A) Add csrfProtection middleware steps in the controller.
upvoted 0 times
...

Save Cancel