Adobe AD0-E709 Exam Practice Test Instant Access

Question 1

Which two techniques can be used to protect a storefront POST action against Cross Site Request Forgery (CSRF) attacks? (Choose two.)

AThe form sending data to that action needs to include a fornjtey parameter with a valid form key and the action must instantiate \Manento\Framwork\Data\ForumKey\Formkey\Validator validate it.

BThe action needs to implement \Mgento\Framework\App\CSrfAwareActioninterface and include the validateForCsrf method implementing the actual protection logic.

CThe form sending data to that action needs to include a form_key parameter with a valid form key which will automatically be used in a built-in CSRF validation.

DThe action needs to implement \Magento\Framework\App\ActionvHttpPosTActioninterface to trigger built-in CSRF validation.

Answer : B, D

Question 2

An Adobe Commerce Developer is tasked with writing an importer for a custom entity. After the work is complete and deployed, they start receiving complaints from their client that the importer does not work and fails every time they use it.

The developer realizes that the client is importing a file which does not match the format required for the importer to process correctly.

What two features would the developer add to this importer to prevent this? (Choose two.)

ASet up an example file and inject it into the ExampleFileProvider .

BSet up a try/catch in the importer to display a warning the file is not in the correct format.

CSet up validation by implementing a validateRow method in their importer.

DSet $needColumnCheck = true; and add column names to the $validColumnNames class properties.

Answer : C, D

Question 3

An Adobe Commerce Developer is tasked with creating a custom form which submits its data to a (rontend controller. They have decided to create an action and have implemented the\magnto\Framework\App\Action|HttpPostInterface class, but are not seeing the data being persisted in the database, and an error message is being shown on the frontend after submission.

After debugging and ensuring that The data persistence logic is correct, what may be cause and solution to this?

AMagento does not allow POST requests to a frontend controller, therefore, the submission functionality will need to be rewritten as an API endpoint.

BThe developer forgot to implement a ValidatePostData() method in their action. They should implement this method: all non-validated POST data gets stripped out of the request and an error is thrown.

CForm key validation runs on all non-AJAX POST requests, the developer needs to add the form_key to their requests.

Answer : B

Question 4

An Adobe Commerce developer has added an iframe and included a JavaScript library from an external domain to the website. After that they found the following error in the console:

Refused to frame IURLJ because it violates the Content Security Policy directive.

In order to fix this error, what would be the correct policy ids to add to the csp_whitelist.xmi file?

Adefault-src and object-src

Bframe-src and script-src

Cframe-ancentors and connect-src

Answer : A

Question 5

A logistics company with an Adobe Commerce extension sends a list of reviewed shipment fees to all its clients every month in a CSV file. The merchant then uploads this CSV file to a "file upload" field in admin configuration of Adobe Commerce.

What are the two requirements to display the "file upload' field and process the actual CSV import? (Choose two.)

ACreate an observer that listens to the adminhtml_config_system_save_after

BAdd a new field in etc.adminhtml/system.xml in my_Module with the file type:

CAdd a custom backend model which extends /Magento\Framework\App\Config\Value and call afterSave:

DAdd a new field in etc/adminhtml\system.xml in My_Module with a new custom type:

Answer : B, C

Question 6

When paying by Bank Transfer, there is a requirement to send an email to customer service with payment details, after the order is placed successfully. Which two events can be used to send an email during the order placement process? (Choose two.)

Asales_order_payment_pay

Bsales_model_service_auote_submit_before

Csales_model_service_quote_submit_success

Dsales_order_place_after

Answer : A, D

Question 7

An Adobe Commerce developer is developing a class that is executed in both the frontend and crontab areas. When executed in the frontend \Magnto\Customer\Model\session::getCu5tonteria() is called but when executed in the crontab this section of code is skipped.

Keeping performance and best practices in mind, what would be the best approach to achieve this?

AInject the \Magento\Customer\Model\Session\Proxy class in the constructor of their class and call the getCustomer id function wherever required in the class.

BDeclare \Magento\Customer\Model\Session in the constructor dependency of their class and declare a proxy in the di.xml. Then call the getCustomerid function wherever required in the class.

CDeclare \Magento\Customer\Model\.session in the constructor of their class dependency and call the getCustomrid() function wherever required.

Answer : B

Adobe AD0-E709 Adobe Commerce Developer Expert Exam Practice Test