Evaluate the Current System Flashcards
Which web standards must be supported for SOAP API calls
WSDL 1.1, SOAP 1.1, WSI-Basic Profile 1.1, and HTTP
When using outbound messaging, what should the remote listener be able to participate in?
Contract-first implementation
What must exist in a remote system for Change Data Capture
Integration App
What will be used when a remote timeout setting is not found for a connected app
It uses the session timeout value in the user’s profile, if available. Otherwise, it refers to the Session Settings in the org.
What transpires in mutual authentication
The server and client validates each other’s identity in what is called an SSL handshake
What can negatively affect an integration in a system landscape
Constraints and Pain Points
What should be assessed when an issue is found with a user’s record access?
Salesforce features that grant record access, such as organization-wide defaults and sharing rules
If there is an issue with the creation of orders in an ERP system based on closed opportunity data in Salesforce, what would be the most likely reason
The outbound integration that sends the opportunity data to the ERP system, such as an Apex callout or Enhanced External Service
BThe development team of a company is building an internal application that needs to be integrated with its Salesforce org. It is required that the application communicates with Salesforce using HTTPS to ensure that data is encrypted over their private network. Furthermore, the SSL certificate should be easy to manage and have a long lifespan to minimize the number of renewals in a given period. Which of the following are valid considerations related to the requirement?
“A. When creating the certificate in Salesforce, the selected key size should be defined as 2048-bit keys”
“B. A self-signed certificate should be used to secure the communication between Salesforce and the application”
“C. A CA-signed certificate should be used to secure the communication between Salesforce and the application”
“D. When creating the certificate in Salesforce, the selected key size should be defined as 4096-bit keys”
B & D
A large enterprise maintains an on-premises billing management system and backup data center protected by a firewall. Its sales team uses Salesforce to collect orders from customers and needs to be able to send data to the billing management system for generating invoices. Also, to ensure that Salesforce data are always backed up and recoverable, their data center should be able to initiate a backup process regularly on a scheduled basis. In this integration requirement, which of the following statements are valid considerations?\nChoose 2 answers.
A. Opening the firewall to allow inbound requests from Salesforce is a high-security risk
B. Using allowlisted IPs, 2-way SSL, and basic HTTP authentication are not recommended
C. An OAuth 2.0 authorization flow can be used in the automated data backup process
D. A middleware can be used by the data backup process using the REST API for efficiency
A & D
Cosmic Tools recently started using Salesforce to manage its sales operations. The company has other enterprise systems, including an ERP (Enterprise Resource Planning) system and an SCM (Supply Chain Management) system. The company’s Salesforce developer has taken specific steps to improve the business processes utilized by Salesforce users, which are as follows:
A. The record-triggered flow on the Account object has been updating accounts using invalid data from the ERP system.
B. The integration via the third-party app is adding incomplete data to lead records.
C. Certain custom fields have been omitted from the Account and Lead page layouts.
D. Validation rules have been adding invalid data on accounts and leads.
A & B
A developer is required to integrate a Salesforce certificate with a callout to a SOAP web service for authentication. Which of the following steps are required if a self-signed certificate has already been generated?\nChoose 3 answers.
A. Assign the certificate to a serverCertName_x variable on the instance of the stub class.
B. Assign the certificate to a clientCertName_x variable on the instance of the stub class.
C. Send the certificate to a certificate authority for signature.
D. Configure remote site setting for the callout.
E. Share the certificate with the third-party keystore.
B, D, E
Cosmic Grocery uses Salesforce for opportunity management and an ERP system that supports REST API for order management. The following automated processes have been implemented:
A. Scheduled Apex
B. Apex REST Service
C. Lightning Web Component
D. Asynchronous Apex
A
A company maintains a database system that is used for storing and managing application user credentials of all its employees. The company recently purchased Salesforce licenses and wants its employees to be able to access the org automatically when they are logged in to an application that is integrated with their database system. A solution architect of the company proposes to implement the authorization using the credentials that are already stored in the database system. This avoids users from having to manually log in the first time they want to use Salesforce. Which OAuth 2.0 flow best fits the requirement?\nChoose 1 answer.
A. OAuth 2.0 refresh token flow
B. OAuth 2.0 JSON web token flow
C. OAuth 2.0 username-password flow
D. OAuth 2.0 user credentials flow
D
The Salesforce org of a financial company needs to be integrated with a public external system which adheres to the ‘zero trust’ model for heightened security. The ‘zero trust’ model is a security framework that requires strict identity verification and philosophically assumes that any user or device it interacts with is a potential threat. Which of the following is a valid statement regarding the type of certificate that should be used in the communication?\nChoose 1 answer.
A. A ‘Zero Trust’ certificate should be used to meet policies and regulations required by the security framework
B. A CA-signed certificate that is verified and validated by the external system should be used for enhanced security
C. A self-signed certificate is recommended so that both systems can easily identify themselves regardless of the request type
D. A mutual authentication certificate is best used so that both systems verify each other’s identity in any exchange
D