Salesforce CCM-101 Quiz 5 Topic 10 Questions 21-25

Question: 1

An Architect is performing an audit of production logs via Log Center and finds some potentially dangerous custom log output.

q1_CCM-101

In which two ways It this log output Improper In a production environment? Choose 2 answers

AThe log information includes the customer s card name as it appears along with the credit card number (PAN), which violates PCI.

BThe log information includes the customer's card CW (card security code) and expiration date, which violates PCI.

CInformation logs should not be used in a production environment

DThe log information includes the order number and customer s email, which violates PCI.

Show Answer

Question: 2

During implementation, the team found that there is a notification controller exposed for an external service that marks the order as paid when notification is received. The notification URL is sent to the service together with the payment request and contains only the URL with orderlD as the parameter.

What should the Architect recommend to the team in order to prevent the unauthorized usage of the controller to mark the orders as paid?

AAdd a customer number in the callback URL and match the customer number against the one stored on the order.

BAdd HTTPS restriction to the controller start node.

CAdd an order token in the callback URL and match the token against the one stored on the order.

DAdd a session attribute and validate it on the callback.

Show Answer

Question: 3

A developer is checking for Cross Site Scripting (XSS) and found that the quick search is not escaped (allows inclusion of Javascript) in the following script:

q3_CCM-101

How would the developer resolve this issue?

AReplace ' with double Quote*

BUse <isprint value='${searchPhrase}* encoding-'jshtmr />

CUse <isprint value='${searchPhrase} encoding-'jsblock' />

DUse <toprint value='${searchPhrase}' />

Show Answer

Question: 4

An Architect is documenting the technical design for a single B2C Commerce storefront. The Client has a business requirement to provide pricing that is customized to specific groups:

* 50 different pricing groups of customers

* 30 different pricing groups of employees

* 10 different pricing groups of vendors

Which items should the Architect include in the design in order to set applicable price books based on these requirements''

Choose 2 answers

A- 50 customer groups for customers
- 30 customer groups for employees
- 10 customer groups for vendors

B- One customer group and SO subgroups for customers
- One customer group and 30 subgroups for employees
- One customer group and 10 subgroups for vendors

C- One campaign and multiple promotions for each customer group

D- One promotion and 50 campaigns for customers
- One promotion and 30 campaigns for employees
- One promotion and 10 campaigns for vendors

Show Answer

Question: 5

An Architect to notify by the Business that order conversion dramatically dropped a few hours after go live. Further investigation points out that customers cannot proceed to checkout anymore. The Architect is aware that a custom inventory checks with a third-party API is enforced at the beginning of checkout, and that customers are redirected to the basket page when items are no longer in stock

Which tool can dearly confirm that the problem is indeed caused by the inventory check?

Salesforce CCM-101 Quiz:5 Topic:10 Questions:21-25