
Exam Certified Platform Developer II topic 1 question 103 discussion

Actual exam question from Salesforce's Certified Platform Developer II
Question #: 103
Topic #: 1

Which statement is true regarding the use of user input as part of a dynamic SOQL query?

  • A. Free text input should not be allowed, to avoid SOQL injection
  • B. The String.format() method should be used to prevent injection
  • C. Quotes should be escaped to protect against SOQL injection
  • D. The string should be URL encoded by the input form to prevent errors
Suggested Answer: C

Comments

lorenac2
11 months, 1 week ago
Selected Answer: C
Use the escapeSingleQuotes method to sanitize user-supplied input. Reference: https://developer.salesforce.com/docs/atlas.en-us.apexcode.meta/apexcode/pages_security_tips_soql_injection.htm
upvoted 3 times
Community vote distribution: A (35%), C (25%), B (20%), Other