In the effort of improving the code quality, Universal Containers (UC) has asked a third-party system integrator to perform some independent code reviews. One piece of the feedback is the development team is seemingly not doing enough negative unit testing. Which are three usual symptoms of inadequate negative tests Choose 3 answers
Correct Answer: B,C,D
Explanation The usual symptoms of inadequate negative tests are the ones that indicate that the code is not handling the possible errors or exceptions that may occur in different scenarios. For example, when an Apex batch job runs at a scheduled time, an increased number of Apex execution errors occur over all1, this means that the code is not handling the possible concurrency issues, governor limits, or data quality issues that may arise when the job runs. Similarly, when an Apex process runs into an un-handled exception when an HTTP callout has an unexpected status code in the response body1, this means that the code is not handling the possible network issues, authentication issues, or API errors that may occur when making the callout. Another symptom is when developers constantly ask the testers for a screenshot of the error and the exact steps of reproducing the error1, this means that the code is not logging the error details or providing meaningful error messages to the users. Option A is incorrect because turning to the debug log for details of the failed Apex executions is not a symptom of inadequate negative tests, but a normal practice of debugging the code. Option E is incorrect because the delivered user interfaces are not meeting the expectations of the business users is not a symptom of inadequate negative tests, but a symptom of poor user interface design or incomplete requirements.
Cloud Kicks is switching to Salesforce from a different CRM. They have existing datasets for all standard Salesforce objects. In which optimized order should the architect recommend these objects be loaded?
Correct Answer: A
Explanation The optimized order to load the objects is: accounts, contacts, leads, products, opportunities, opportunity line items. This order follows the dependency and relationship rules among the objects, such as: accounts must be loaded before contacts, as contacts are related to accounts; leads must be loaded before opportunities, as opportunities can be converted from leads; products must be loaded before opportunity line items, as opportunity line items are related to products; and opportunities must be loaded before opportunity line items, as opportunity line items are related to opportunities. See [Data Import Order] for more details.
Universal Containers (UC) development team is developing a managed package for AppExchange. The product team has finished developing and testing, and wants to submit a Security Review. However, the product manager has concerns on the few errors from the Checkmarx code scanner. How should the product team proceed?
Correct Answer: A
Explanation The product team should review the Checkmarx errors and determine if they need to fix them or not. If the errors are false positives, meaning that they do not indicate a real security issue, the product team should mark them as such and attach an explanation, then submit the security review. This will help the Salesforce security review team to understand the rationale behind the code and avoid unnecessary rejections. The product team should not leave the errors to the Salesforce security review team, as they may reject the request if they find any potential security issue. The product team should not leave a partner support case, as this is not the proper channel for resolving code issues. The product team should not fix all the errors before submitting the security review, as some of them may not be relevant or critical, and fixing them may introduce new bugs or delays.
Universal Containers has five development teams. The performance of the teams has been good, but the number of bugs has been increasing. After each sprint, they need more time to understand the code and make changes. What are two ways to improve the performance? Choose 2 answers
Correct Answer: B,C
Explanation To improve the performance of the development teams, the following ways can be suggested: Define and follow code standards, and implement a sprint review process. Code standards can help ensure consistency, readability, and maintainability of the code, as well as reduce errors and bugs. A sprint review process can help evaluate the work done in each sprint, demonstrate the functionality, and gather feedback from the stakeholders and users.
All AppExchange products are subject to Salesforce security reviews. What is the most common reason that the prospect AppExchange products fail the security review?
Correct Answer: A
Explanation Cross-site scripting is the most common reason that the prospect AppExchange products fail the security review. Cross-site scripting (XSS) is a type of web application vulnerability that allows an attacker to inject malicious code into a web page that is viewed by other users. XSS can compromise the security and privacy of the users, as well as the functionality and performance of the application. Salesforce has strict security standards and policies for AppExchange products, and any product that has XSS vulnerabilities will not pass the security review. CRUD/FLS, session hacking, and SOQL injection are also security issues that can affect AppExchange products, but they are not as common or severe as XSS.
