- Home
- Salesforce
- Salesforce Certified Sharing and Visibility Architect
- Salesforce.Sharing-and-Visibility-Architect.v2023-09-25.q115
- Question 59
Valid Sharing-and-Visibility-Architect Dumps shared by ExamDiscuss.com for Helping Passing Sharing-and-Visibility-Architect Exam! ExamDiscuss.com now offer the newest Sharing-and-Visibility-Architect exam dumps, the ExamDiscuss.com Sharing-and-Visibility-Architect exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com Sharing-and-Visibility-Architect dumps with Test Engine here:
Access Sharing-and-Visibility-Architect Dumps Premium Version
(80 Q&As Dumps, 35%OFF Special Discount Code: freecram)
<< Prev Question Next Question >>
Question 59/115
Which two are potential vulnerabilities in the following code snippet? <apex:page> <apex:form> <apex:outputText value="Enter Name"/> <apex:inputText value="{!name}" /> <apex:commandButton value="Query" action="{!query}" /> </apex:form> </apex:page> public class SOQLController { public String name { get { return name;} set {name=value;} } public PageReference query() { String qryString='SELECT Id FROM Contact WHERE '+ '(IsDeleted = false and Name like \'%' + name + '%\'}'; queryResult = Database.query(qryString); retunr null; } } Choose 2 answers
Correct Answer: C,D
- Question List (115q)
- Question 1: A banking company wants their customers Date of Birth Field ...
- 1 commentQuestion 2: The Architect notices that there are many duplicate Account ...
- Question 3: Universal Containers has Public Read Only sharing settings o...
- 4 commentQuestion 4: Universal Containers (UC) delivers training and courses to s...
- 1 commentQuestion 5: In order to comply with Regulatory Requirements, Universal C...
- 1 commentQuestion 6: Universal Container (UC) wants all full-time internal employ...
- 1 commentQuestion 7: Universal Containers (UC) operates worldwide with offices in...
- Question 8: Universal Containers keeps product brochures in Salesforce a...
- Question 9: Universal Containers has a set of Account Management users t...
- Question 10: Universal Containers has the following requirements: * The C...
- 1 commentQuestion 11: Universal Containers requested to leverage Lightning Web Com...
- 2 commentQuestion 12: Who can view a PDF that is uploaded to the Files Home privat...
- Question 13: Universal containers (UC) implemented a private organization...
- 3 commentQuestion 14: Universal Containers provides 24x7 support for its customers...
- Question 15: If you want to create some logic that will share certain rec...
- Question 16: Universal Containers has set the Org-Wide Sharing Default fo...
- Question 17: Which three areas should the Architect review in order to in...
- Question 18: User A at Universal Containers is in the default account tea...
- 1 commentQuestion 19: When writing test methods, what functionality is verified by...
- Question 20: A developer at Universal Container is building an integratio...
- Question 21: Universal Containers (UC) has Affiliates who sell containers...
- Question 22: Universal Container is a global Telco that has recently impl...
- 1 commentQuestion 23: Universal Containers is updating its Organization-Wide Shari...
- 1 commentQuestion 24: Sales Operations at Universal Containers (UC) has created Pu...
- Question 25: Which are two valid use cases for programmatic sharing? Choo...
- Question 26: Universal Containers has a custom Job object with a private ...
- Question 27: Universal Containers has created a custom object to store hi...
- Question 28: Universal Containers uses 75,000 distributors that have clos...
- Question 29: A sales rep at Universal Containers (UC) has manually shared...
- Question 30: The System Administrator at Universal Containers has created...
- Question 31: What advanced tool can Salesforce enable for Large-scale rol...
- Question 32: Sales managers want their team members to help each other cl...
- 2 commentQuestion 33: Sales operations at Universal Containers (UC) has created Pu...
- Question 34: Universal Containers (UC) tuned off the Customer User Visibi...
- Question 35: Universal containers (UC) has a partner community for its 20...
- Question 36: By Viewer Access you can see the data in a report or dashboa...
- 1 commentQuestion 37: Universal Containers (UC) is implementing Sales Cloud. Durin...
- 1 commentQuestion 38: A custom invoice object has been created with a master-detai...
- Question 39: In order to allow community users to collaborate on Opportun...
- 1 commentQuestion 40: Universal containers has a customer that meets criteria for ...
- Question 41: Universal Containers has recently implemented an integration...
- 1 commentQuestion 42: Universal Containers (UC) has a private Organization-Wide De...
- Question 43: Which two reasons should the Architect consider regarding th...
- Question 44: Universal Containers (UC) delivers training in 500 different...
- Question 45: Which two options can be selected to share data with when cr...
- Question 46: Users at Universal Containers are complaining that a field h...
- Question 47: Universal Containers does not want the Users in the Custom S...
- Question 48: The architect at Universal Containers is trying to ensure th...
- Question 49: Ursa Major Solar is writing test methods. Which functionalit...
- Question 50: What is the best practice for testing sharing and visibility...
- 3 commentQuestion 51: Universal Containers has a strict security model enforced th...
- Question 52: Sales Reps at Universal Containers sometimes create large fi...
- 4 commentQuestion 53: Universal Containers has a Performance Feedback custom objec...
- 1 commentQuestion 54: Universal Containers wants to store Payment Term Details on ...
- Question 55: Universal Containers (UC) has created a public group with ce...
- 1 commentQuestion 56: Universal Containers created a custom object called Defect a...
- Question 57: Universal Containers (UC) has a custom Apex class that enfor...
- Question 58: Which two objects support creating queues? Choose 2 answers....
- 2 commentQuestion 59: Which two are potential vulnerabilities in the following cod...
- Question 60: Which advanced tool should Salesforce enable for large-scale...
- Question 61: Which two settings are available in profiles, but not permis...
- Question 62: A banking company uses & VIP Flag in the Contact Object ...
- 2 commentQuestion 63: Universal Containers would like to customize the security an...
- Question 64: Bob uploads a PDF to his Files Home private library. Who can...
- 1 commentQuestion 65: Universal Containers (UC) works with a dealer network to sel...
- Question 66: What is a workaround to ownership data skew?...
- 2 commentQuestion 67: Universal Containers (UC) has a mostly private organization-...
- Question 68: The sales managers at the Universal Containers (UC) requeste...
- 2 commentQuestion 69: Universal Containers (UC) implemented Sales Cloud and reques...
- 1 commentQuestion 70: To grant Universal Containers sales managers access to shipm...
- Question 71: A Sales Rep at Universal Containers wants to create a dashbo...
- Question 72: In order to comply with regulatory requirements, Universal H...
- 1 commentQuestion 73: Which three capabilities are available with Enterprise Terri...
- Question 74: A custom invoice object has been created with a master-detai...
- 1 commentQuestion 75: Universal Container (UC) is in a legal dispute regarding sev...
- 4 commentQuestion 76: To grant Universal Containers sales manager access to shipme...
- Question 77: Dreamforce presenters need to be able to edit their presenta...
- 1 commentQuestion 78: Universal Containers uses Person Accounts to represent retai...
- 1 commentQuestion 79: What is the security vulnerability in the following code sni...
- Question 80: Universal Containers (UC) has a mostly Private organization-...
- 2 commentQuestion 81: The sales manager in Japan have asked the sales manager in A...
- 2 commentQuestion 82: Universal Containers has junction object called "Job Product...
- Question 83: Sales executives at Universal Containers (SC) want to create...
- Question 84: Below are some details regarding the organization at Univers...
- Question 85: Universal Containers has selected a small and diverse group ...
- Question 86: Universal Containers would like to store an encryption key w...
- Question 87: A sales coach at Universal Containers wants to create and sh...
- 2 commentQuestion 88: Assuming granular locking is enabled, what activity can happ...
- Question 89: Universal Containers (UC) has a team that analyzes customer ...
- Question 90: Universal Containers is implementing a community of High-Vol...
- 1 commentQuestion 91: Which method should be used to grant access to an unrelated ...
- Question 92: Universal Containers (UC) operates worldwide with offices in...
- Question 93: Universal Containers (UC) has 600 sales reps. UC has rollout...
- Question 94: Universal Containers (UC) sales managers are complaining tha...
- 1 commentQuestion 95: What vulnerability can exist when controllers use dynamic ra...
- 1 commentQuestion 96: Universal Containers has expanded to sell virtual containers...
- 1 commentQuestion 97: Universal Containers wants to create a way to store sensitiv...
- Question 98: Universal Containers (UC) enables customers to manage issues...
- Question 99: Susan posts a file to the chatter fees for a record of an ob...
- Question 100: A dummy user at Universal Containers owns more that 10,000 l...
- Question 101: Universal Containers (UC) has created a custom Invoice objec...
- Question 102: Jane, a support representative at Universal Containers, crea...
- 1 commentQuestion 103: Universal Containers has implemented a strict software archi...
- Question 104: Universal Containers has Controlled by Parent sharing settin...
- Question 105: Universal Containers (UC) has a custom object to track the i...
- 1 commentQuestion 106: Universal Container has developed a custom Visualforce page ...
- 2 commentQuestion 107: What feature in Salesforce is needed to restrict access to a...
- Question 108: Universal Containers (UC) has recently changed its internal ...
- Question 109: Universal Containers (UC) sales managers are complaining tha...
- 1 commentQuestion 110: A Visualforce controller has a requirement to be written wit...
- Question 111: Universal Containers has created a Reimbursement Custom Obje...
- Question 112: A user posts a file to the Chatter feed for a record of an o...
- Question 113: At Universal Containers there is a team of auditors distribu...
- 2 commentQuestion 114: The architect at Universal Containers would like to prevent ...
- 1 commentQuestion 115: Universal Containers created a public group with certain sal...
[×]
Download PDF File
Enter your email address to download Salesforce.Sharing-and-Visibility-Architect.v2023-09-25.q115.pdf
Recent Comments (The most recent comments are at the top.)
C. SOQL Injection: The vulnerability to SOQL Injection arises from the way the name variable is directly concatenated into the SOQL query string within the query method. This practice can allow malicious users to inject SOQL commands that could lead to unauthorized data access or manipulation. To mitigate this risk, it's recommended to use binding variables or escape single quotes in user input before including them in SOQL queries.
D. Data Access Control: The query being executed does not take into account the user's permissions on the Contact object or its fields. Salesforce recommends using the WITH SECURITY_ENFORCED clause in SOQL queries or checking object and field-level security programmatically before querying, to ensure compliance with the principle of least privilege and respect the organization's data access policies.
C. SOQL Injection
The code directly concatenates user input (name) into a SOQL query string without any form of sanitization or validation. This practice can allow malicious users to inject SOQL commands to alter the query's intention, potentially accessing unauthorized data or performing actions not intended by the application logic. For example, a user could input a string that closes the query and adds another query or condition that the developer did not intend.
B. FLS (Field-Level Security) check
The absence of Field-Level Security (FLS) checks in the code means that the application does not verify if the current user has the permissions to view or query the Name field on the Contact object. Ideally, the application should verify that the user has the appropriate permissions to ensure compliance with the organization's security policies and respect Salesforce's data protection mechanisms.