Salesforce Developers CRT-450 Question # 27 Topic 3 Discussion

Question #: 27
Topic #: 3

A developer is tasked to perform a security review of the ContactSearch Apex class that exists in the system. Within the class, the developer identifies the following method as a security threat:

    List<Contact> performSearch(String lastName) {
        return Database.query('SELECT Id, FirstName, LastName FROM Contact WHERE LastName Like \'%' + lastName + '%\'');
    }

What are two ways the developer can update the method to prevent a SOQL injection attack?

Choose 2 answers


A. Use variable binding and replace the dynamic query with a static SOQL.

B. Use the escapeSingleQuotes method to sanitize the parameter before its use.

C. Use the @ReadOnly annotation and the with sharing keyword on the class.

D. Use a regular expression on the parameter to remove special characters.

