Evaluate the Current System

Question 1

Which web standards must be supported for SOAP API calls

Answer 1

WSDL 1.1, SOAP 1.1, WSI-Basic Profile 1.1, and HTTP

Question 2

When using outbound messaging, what should the remote listener be able to participate in?

Answer 2

Contract-first implementation

Question 3

What must exist in a remote system for Change Data Capture

Answer 3

Integration App

Question 4

What will be used when a remote timeout setting is not found for a connected app

Answer 4

It uses the session timeout value in the user’s profile, if available. Otherwise, it refers to the Session Settings in the org.

Question 5

What transpires in mutual authentication

Answer 5

The server and client validates each other’s identity in what is called an SSL handshake

Question 6

What can negatively affect an integration in a system landscape

Answer 6

Constraints and Pain Points

Question 7

What should be assessed when an issue is found with a user’s record access?

Answer 7

Salesforce features that grant record access, such as organization-wide defaults and sharing rules

Question 8

If there is an issue with the creation of orders in an ERP system based on closed opportunity data in Salesforce, what would be the most likely reason

Answer 8

The outbound integration that sends the opportunity data to the ERP system, such as an Apex callout or Enhanced External Service

Question 9

BThe development team of a company is building an internal application that needs to be integrated with its Salesforce org. It is required that the application communicates with Salesforce using HTTPS to ensure that data is encrypted over their private network. Furthermore, the SSL certificate should be easy to manage and have a long lifespan to minimize the number of renewals in a given period. Which of the following are valid considerations related to the requirement?

“A. When creating the certificate in Salesforce, the selected key size should be defined as 2048-bit keys”
“B. A self-signed certificate should be used to secure the communication between Salesforce and the application”
“C. A CA-signed certificate should be used to secure the communication between Salesforce and the application”
“D. When creating the certificate in Salesforce, the selected key size should be defined as 4096-bit keys”

Answer 9

B & D

Question 10

A large enterprise maintains an on-premises billing management system and backup data center protected by a firewall. Its sales team uses Salesforce to collect orders from customers and needs to be able to send data to the billing management system for generating invoices. Also, to ensure that Salesforce data are always backed up and recoverable, their data center should be able to initiate a backup process regularly on a scheduled basis. In this integration requirement, which of the following statements are valid considerations?\nChoose 2 answers.

A. Opening the firewall to allow inbound requests from Salesforce is a high-security risk
B. Using allowlisted IPs, 2-way SSL, and basic HTTP authentication are not recommended
C. An OAuth 2.0 authorization flow can be used in the automated data backup process
D. A middleware can be used by the data backup process using the REST API for efficiency

Answer 10

A & D

Question 11

Cosmic Tools recently started using Salesforce to manage its sales operations. The company has other enterprise systems, including an ERP (Enterprise Resource Planning) system and an SCM (Supply Chain Management) system. The company’s Salesforce developer has taken specific steps to improve the business processes utilized by Salesforce users, which are as follows:

A. The record-triggered flow on the Account object has been updating accounts using invalid data from the ERP system.
B. The integration via the third-party app is adding incomplete data to lead records.
C. Certain custom fields have been omitted from the Account and Lead page layouts.
D. Validation rules have been adding invalid data on accounts and leads.

Answer 11

A & B

Question 12

A developer is required to integrate a Salesforce certificate with a callout to a SOAP web service for authentication. Which of the following steps are required if a self-signed certificate has already been generated?\nChoose 3 answers.

A. Assign the certificate to a serverCertName_x variable on the instance of the stub class.
B. Assign the certificate to a clientCertName_x variable on the instance of the stub class.
C. Send the certificate to a certificate authority for signature.
D. Configure remote site setting for the callout.
E. Share the certificate with the third-party keystore.

Answer 12

B, D, E

Question 13

Cosmic Grocery uses Salesforce for opportunity management and an ERP system that supports REST API for order management. The following automated processes have been implemented:

A. Scheduled Apex
B. Apex REST Service
C. Lightning Web Component
D. Asynchronous Apex

Answer 13

A

Question 14

A company maintains a database system that is used for storing and managing application user credentials of all its employees. The company recently purchased Salesforce licenses and wants its employees to be able to access the org automatically when they are logged in to an application that is integrated with their database system. A solution architect of the company proposes to implement the authorization using the credentials that are already stored in the database system. This avoids users from having to manually log in the first time they want to use Salesforce. Which OAuth 2.0 flow best fits the requirement?\nChoose 1 answer.

A. OAuth 2.0 refresh token flow
B. OAuth 2.0 JSON web token flow
C. OAuth 2.0 username-password flow
D. OAuth 2.0 user credentials flow

Answer 14

D

Question 15

The Salesforce org of a financial company needs to be integrated with a public external system which adheres to the ‘zero trust’ model for heightened security. The ‘zero trust’ model is a security framework that requires strict identity verification and philosophically assumes that any user or device it interacts with is a potential threat. Which of the following is a valid statement regarding the type of certificate that should be used in the communication?\nChoose 1 answer.

A. A ‘Zero Trust’ certificate should be used to meet policies and regulations required by the security framework
B. A CA-signed certificate that is verified and validated by the external system should be used for enhanced security
C. A self-signed certificate is recommended so that both systems can easily identify themselves regardless of the request type
D. A mutual authentication certificate is best used so that both systems verify each other’s identity in any exchange

Answer 15

D

Question 16

A design firm has partnered with a marketing company that also uses Salesforce, and there is a requirement to allow sharing and accessing of records from each other’s orgs. In addition, the design firm needs to allow its Salesforce users to view and process data from a cloud based Enterprise Resource Planning (ERP) system. Which of the following considerations is valid in this integration requirement?\nChoose 1 answer.

A. A middleware should be used to handle the communication between the two orgs
B. Integration with the external application should be handled by Apex when possible
C. A REST-based Apex web service cannot be used when integrating two orgs together
D. A middleware is recommended for data transformation and error handling & retries

Answer 16

A

Question 17

Cosmic Smart Solutions recently completed a Salesforce implementation. The company uses an external application to streamline the security and sharing management of the data stored in multiple enterprise systems, including Salesforce. Certain authorized users can access the external application to view, create, and update profiles, permission sets, and sharing rules via SOAP API. However, the data steward has received complaints that the external application could be causing data security issues in Salesforce. Some associates in the sales department who should not have access can view accounts and contacts. Which of the following should be assessed to identify and eliminate the issue?\nChoose 2 answers.

A. Profiles
B. Permission Sets
C. Organization-Wide Defaults
D. Sharing Rules

Answer 17

A, B

Question 18

Cosmic Harvest uses an SCM (Supply Chain Management) system that stores information about the storage and movement of raw materials required by the company to manufacture food products. Certain Salesforce users should be able to access this information in real time using a Lightning web component created by a Salesforce developer. If a user must receive an immediate response from the SCM system, which of the following considerations are applicable for the use of Apex REST callouts for this use case?\nChoose 3 answers.

A. The SCM system must be able to participate in a contract-first implementation.
B. If the system landscape includes a middleware, it must support synchronous transport protocols.
C. The total number of callouts in a single Apex transaction initiated by the component should not exceed 100.
D. An Apex transaction consisting of REST callouts cannot span across multiple API calls.
E. The SCM system must be able to receive HTTP calls and be accessible over the public Internet.

Answer 18

B, C, E

Question 19

Cosmic Innovation uses Salesforce for managing its sales operations. Sales reps can access and update records such as accounts, contacts, and opportunities. System administrators have access to an external security management app that allows them to change sharing settings and give specific users ‘Read’ or ‘Read/Write’ access to records. However, it has been noticed that the sales reps who have not been given record access can suddenly edit all the opportunity records. All the sales reps have ‘Edit’ access to the Opportunity object via the same profile. Which of the following should be assessed to identify and eliminate the issue?\nChoose 2 answers.

A. Organization-wide default setting
B. Profile assigned to the sales reps
C. Permission sets assigned to the sales reps
D. Account and opportunity teams

Answer 19

A, C