Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Salesforce Certified B2C Commerce Cloud Developer (Comm-Dev-101) Exam - Topic 2 Question 86 Discussion

In Log Center, a developer notes j number of Cross Site Request Forgery (CSRF) log entries.After adding the token in the 15ML template, which action might solve this problem'
C) Delete the existing CSRF allow list in Business Manager.
A) Add csrfProtection middleware steps in the controller
B) Extend the CSRF token validity to avoid timeouts.

Salesforce Certified B2C Commerce Cloud Developer (Comm-Dev-101) Exam - Topic 2 Question 86 Discussion

Actual exam question for Salesforce's Salesforce Certified B2C Commerce Cloud Developer (Comm-Dev-101) exam
Question #: 86
Topic #: 2
[All Salesforce Certified B2C Commerce Cloud Developer (Comm-Dev-101) Questions]

In Log Center, a developer notes j number of Cross Site Request Forgery (CSRF) log entries.

After adding the token in the 15ML template, which action might solve this problem'

Show Suggested Answer Hide Answer
Suggested Answer: C

by Stevie at Feb 11, 2025, 04:42 AM

Limited Time Offer

25%

Off

Get Premium Salesforce Certified B2C Commerce Cloud Developer (Comm-Dev-101) Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Richelle
6 months ago
Wait, does deleting the allow list really help? Sounds sketchy.
upvoted 0 times
...
Gaynell
6 months ago
I think adding middleware is a solid solution.
upvoted 0 times
...
Gail
7 months ago
Deleting the allow list? That sounds risky!
upvoted 0 times
...
Dino
7 months ago
I disagree, extending the token validity could just mask the issue.
upvoted 0 times
...
Erick
7 months ago
A seems like the right move to me.
upvoted 0 times
...
Izetta
7 months ago
Adding csrfProtection middleware sounds familiar, but I can't recall if we covered that as a solution specifically for log entries.
upvoted 0 times
...
Goldie
8 months ago
I feel like deleting the CSRF allow list might be too drastic. We practiced a similar question, and I think it was about adjusting settings rather than removing them.
upvoted 0 times
...
Margot
8 months ago
I think extending the CSRF token validity could help, but I wonder if it might just mask the underlying issue instead of solving it.
upvoted 0 times
...
Shaquana
8 months ago
I remember we discussed CSRF protection in class, but I'm not entirely sure if adding middleware is the right step here.
upvoted 0 times
...
Aja
8 months ago
I think the answer is A. Adding the csrfProtection middleware is the standard way to protect against CSRF attacks. The other options don't seem quite right to me.
upvoted 0 times
...
Rashida
8 months ago
I'm not entirely sure about this one. I know CSRF is a common security issue, but I'm not familiar with the specifics of how to address it in this context. I'll need to review my notes before answering.
upvoted 0 times
...
Alaine
8 months ago
Okay, I've got this. The key is to add the csrfProtection middleware in the controller, as option A suggests. That will ensure the CSRF token is properly validated for all requests.
upvoted 0 times
...
Catina
8 months ago
Hmm, I'm a bit confused by this one. I'm not sure if extending the CSRF token validity or deleting the allow list are the right approaches. I'll need to think this through carefully.
upvoted 0 times
...
Clorinda
8 months ago
This looks like a straightforward CSRF question. I think the answer is A - adding the csrfProtection middleware steps in the controller should solve the problem.
upvoted 0 times
...
Laurel
1 year ago
I'd go with option A, but only if I can also add a few extra layers of security, like a secret handshake and a decoder ring. You can never be too careful, you know?
upvoted 0 times
Isabella
11 months ago
User 4: Definitely, can't be too careful with CSRF attacks.
upvoted 0 times
...
Micaela
12 months ago
User 3: I agree, extra layers of security are always a plus.
upvoted 0 times
...
Judy
12 months ago
User 2: Yeah, adding csrfProtection middleware steps sounds like a good idea.
upvoted 0 times
...
Susana
1 year ago
User 1: I think option A is the way to go.
upvoted 0 times
...
...
Theron
1 year ago
Option A sounds like the way to go. After all, you can't spell 'CSRF' without 'CSR', so the middleware is clearly the key here.
upvoted 0 times
Marylyn
12 months ago
User 3: Definitely, adding the middleware will enhance security for sure.
upvoted 0 times
...
Dominga
1 year ago
User 2: Agreed, that seems like the best solution to prevent CSRF attacks.
upvoted 0 times
...
Rosendo
1 year ago
User 1: I think we should go with option A and add csrfProtection middleware steps in the controller.
upvoted 0 times
...
...
Leonora
1 year ago
Deleting the CSRF allow list? That's like trying to fix a leaky faucet by turning off the water supply. Not the best approach in my opinion.
upvoted 0 times
Corrina
12 months ago
C) Delete the existing CSRF allow list in Business Manager.
upvoted 0 times
...
Wenona
1 year ago
C) Delete the existing CSRF allow list in Business Manager.
upvoted 0 times
...
Jesusa
1 year ago
B) Extend the CSRF token validity to avoid timeouts.
upvoted 0 times
...
Pamela
1 year ago
B) Extend the CSRF token validity to avoid timeouts.
upvoted 0 times
...
Gerald
1 year ago
A) Add csrfProtection middleware steps in the controller
upvoted 0 times
...
Miles
1 year ago
A) Add csrfProtection middleware steps in the controller
upvoted 0 times
...
...
Freida
1 year ago
Extending the CSRF token validity might work, but that's just a temporary fix. It's better to implement the proper CSRF protection mechanisms to ensure long-term security.
upvoted 0 times
...
Tamar
1 year ago
Adding the CSRF token in the template is a good start, but we need to make sure the middleware is set up correctly to protect against CSRF attacks. Option A seems like the best solution here.
upvoted 0 times
Shay
1 year ago
I agree, setting up the csrfProtection middleware is crucial for preventing CSRF attacks.
upvoted 0 times
...
Buffy
1 year ago
C) Delete the existing CSRF allow list in Business Manager.
upvoted 0 times
...
Rodolfo
1 year ago
B) Extend the CSRF token validity to avoid timeouts.
upvoted 0 times
...
Chantay
1 year ago
A) Add csrfProtection middleware steps in the controller
upvoted 0 times
...
...
Juliann
1 year ago
I'm not sure, but extending the CSRF token validity could also be a good solution.
upvoted 0 times
...
Fidelia
1 year ago
I agree with Rachael, adding csrfProtection middleware can help prevent CSRF attacks.
upvoted 0 times
...
Rachael
1 year ago
I think the answer is A) Add csrfProtection middleware steps in the controller.
upvoted 0 times
...

Save Cancel