nerdexam
Salesforce

ARC-300 · Question #9

ARC-300 Question #9: Real Exam Question with Answer & Explanation

The correct answer is A. Ensure the CSRF protection is validated on form submission. D. Only use POST methods over HTTPS.. See the full explanation below for the reasoning.

Question

A B2C Commerce Developer has just finished implementing a new promotion code form on checkout. During review, an Architect notes that the form it not using CSRF validation correctly. Which two options are best practice recommendations for dealing with CSRF validation? Choose 2 answers

Exhibit

ARC-300 question #9 exhibit

Options

  • AEnsure the CSRF protection is validated on form submission.
  • BOnly use GET methods over HTTPS.
  • CAutomatically renew the CSRF Token if expired.
  • DOnly use POST methods over HTTPS.

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full ARC-300 Practice