CRT-450 Question #54: Real Exam Question with Answer & Explanation
Question
A developer is tasked to perform a security review of the ContactSearch Apex class that exists in the system. Within the class, the developer identifies the following method as a security threat:

```apex
List<Contact> performSearch(String lastName) {
    // Vulnerable: lastName is concatenated directly into the dynamic SOQL string
    return Database.query('Select Id, FirstName, LastName FROM Contact WHERE LastName Like \'%' + lastName + '%\'');
}
```

What are two ways the developer can update the method to prevent a SOQL injection attack? Choose 2 answers
Options
- A. Use variable binding and replace the dynamic query with a static SOQL.
- B. Use the escapeSingleQuote method to sanitize the parameter before its use.
- C. Use a regular expression on the parameter to remove special characters.
- D. Use the @Readonly annotation and the with sharing keyword on the class.