Free Salesforce Platform developer I Practice Exam
Try our 60 question practice exam to see if you are ready to take on the real exam.
- Professionally written questions by Salesforce Developer, Alex Crisp.
- Explanations and links to additional learning resources are included to ensure you are set for success.
- 100% free practice questions.

Start the Free Practice Questions
Click the button below to launch the exam.
There is a 105 minute time limit, 68% is the official passing score.
Quiz-summary
0 of 60 questions completed
Questions:
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
- 52
- 53
- 54
- 55
- 56
- 57
- 58
- 59
- 60
Information
Good luck!
You have already completed the quiz before. Hence you can not start it again.
Quiz is loading…
You must sign in or sign up to start the quiz.
You have to finish following quiz, to start this quiz:
Results
0 of 60 questions answered correctly
Your time:
Time has elapsed
You have reached 0 of 0 points, (0)
Average score |
|
Your score |
|
Categories
- Data Modelling and Management 0%
- Process Automation and Logic 0%
- Salesforce Fundamentals 0%
- Testing, Debugging, and Deployment 0%
- User Interface 0%
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
- 52
- 53
- 54
- 55
- 56
- 57
- 58
- 59
- 60
- Answered
- Review
-
Question 1 of 60
1. Question
You are working for a large paint distributor and have been requested that whenever an Opportunity is created with a value over £10000 to automatically set the owner to the Sales Team Leader. What automation tool is best suited to this task?
Correct
While all the options presented can fulfill this task, a Before-save flow is the best option in this scenario.
While Workflow rules and Process Builders have been a tool of choice for this type of automation for many years, these two tools have been deprecated and so any new functionality should not be built on them. Instead, a Flow should be used as this is the replacement technology. An Apex Trigger is not a valid choice here since it would increase the maintenance overhead of a solution which can easily be achieved in the platform’s low-code tools.
References:
Incorrect
While all the options presented can fulfill this task, a Before-save flow is the best option in this scenario.
While Workflow rules and Process Builders have been a tool of choice for this type of automation for many years, these two tools have been deprecated and so any new functionality should not be built on them. Instead, a Flow should be used as this is the replacement technology. An Apex Trigger is not a valid choice here since it would increase the maintenance overhead of a solution which can easily be achieved in the platform’s low-code tools.
References:
-
Question 2 of 60
2. Question
As a developer, you wish to utilise scratch orgs to streamline the development process within your team. What are the requirements to do this?
Correct
To utilise scratch orgs, the Dev Hub must be enabled in an org to allow scratch orgs to be created. Each developer wishing to create scratch orgs from that Dev Hub must have a user with the correct permissions to manage scratch orgs and access the scratch org objects in that org. Using the Salesforce CLI this user can login into the Dev Hub and be used to request the creation of scratch orgs.
References:
Incorrect
To utilise scratch orgs, the Dev Hub must be enabled in an org to allow scratch orgs to be created. Each developer wishing to create scratch orgs from that Dev Hub must have a user with the correct permissions to manage scratch orgs and access the scratch org objects in that org. Using the Salesforce CLI this user can login into the Dev Hub and be used to request the creation of scratch orgs.
References:
-
Question 3 of 60
3. Question
A developer wishes to write a single Apex method which can process both Opportunity and Lead records, what would be the correct method signature?
Correct
If we wish for a method or a variable to be able accept any type of Salesforce Object, we use the SObject type class. All Salesforce Objects extend the generic SObject class and so, when a method must accept different types of objects, we must define our datatype to be the generic SObject type instead.
While it is true that we could also use 2 – Object data type – since everything in Apex extends this type, it would allow our method to take in unnecessary data types, such as Boolean or String.
Incorrect
If we wish for a method or a variable to be able accept any type of Salesforce Object, we use the SObject type class. All Salesforce Objects extend the generic SObject class and so, when a method must accept different types of objects, we must define our datatype to be the generic SObject type instead.
While it is true that we could also use 2 – Object data type – since everything in Apex extends this type, it would allow our method to take in unnecessary data types, such as Boolean or String.
-
Question 4 of 60
4. Question
A developer wishes to streamline the setting up of data for their test class. How could this be achieved? (Select 2)
Correct
When we write our unit tests, one of the most important and time-consuming steps is setting up test data. Two strategies to help reduce the effort required is to utilise a test data factory and to utilise a @TestSetup annotated method within our test class.
A test data factory is a class that we set up, which contains several different methods designed specifically to create generic records and their dependencies exclusively for use within test classes. This greatly increases the ease of setting up records for our tests.
The @TestSetup annotated method within a test class is designed entirely for the setting up of data within the test. This method is called before any tests are run and allows the test records to be created before the tests themselves are run. It also creates a snapshot of the created data which is rolled back to, so after each test method has been run each test gets a fresh set of data, much quicker than having to set it up itself.
References:
Incorrect
When we write our unit tests, one of the most important and time-consuming steps is setting up test data. Two strategies to help reduce the effort required is to utilise a test data factory and to utilise a @TestSetup annotated method within our test class.
A test data factory is a class that we set up, which contains several different methods designed specifically to create generic records and their dependencies exclusively for use within test classes. This greatly increases the ease of setting up records for our tests.
The @TestSetup annotated method within a test class is designed entirely for the setting up of data within the test. This method is called before any tests are run and allows the test records to be created before the tests themselves are run. It also creates a snapshot of the created data which is rolled back to, so after each test method has been run each test gets a fresh set of data, much quicker than having to set it up itself.
References:
-
Question 5 of 60
5. Question
A developer has an @AuraEnabled method that is frequently used in several Lightning Web Components. It performs some complex calculations based on data stored within custom metadata. Unless these values change, this method will always return the same result. How can the developer improve the runtime performance of Lightning Components utilising this method?
Correct
When we wish to flag an Apex method as cacheable, so the result should be cached client side, we must modify our Apex method to indicate so. We do this by adding the “cacheable = true” parameter to the @AuraEnabled annotation.
The setStorable method must be used if we wish for an Apex action to be cached within an Aura component, however there is no such requirement when we are working with LWCs.
References:
Incorrect
When we wish to flag an Apex method as cacheable, so the result should be cached client side, we must modify our Apex method to indicate so. We do this by adding the “cacheable = true” parameter to the @AuraEnabled annotation.
The setStorable method must be used if we wish for an Apex action to be cached within an Aura component, however there is no such requirement when we are working with LWCs.
References:
-
Question 6 of 60
6. Question
What data types can a SOQL query return? (Select 3)
Correct
The SOQL engine within Apex is incredibly flexible in how we can call it, and how it returns data for us to consume with the code. The most common return type is a List<SObjects>, this will be when a simple query is run. The SObject return type can be used when a query is known to return a single record only, for example when using a LIMIT 1 or querying for a specific ID. The integer return type is used when we use the COUNT query function.
References:
Incorrect
The SOQL engine within Apex is incredibly flexible in how we can call it, and how it returns data for us to consume with the code. The most common return type is a List<SObjects>, this will be when a simple query is run. The SObject return type can be used when a query is known to return a single record only, for example when using a LIMIT 1 or querying for a specific ID. The integer return type is used when we use the COUNT query function.
References:
-
Question 7 of 60
7. Question
What considerations must a developer make when working in a multi-tenant environment?
Correct
The multi-tenant architecture within Salesforce presents developers with several considerations that must be taken when they are writing code for the platform.
The design of the multi-tenant system prevents any data from being accessed outside it’s intended org, which means additional security considerations (outside the usual ones) aren’t required, simply because of the multi-tenant nature.
The platform resources are, however, shared and all orgs within instances are using the same CPUs and memory for all of their Apex operations and it is here where the considerations must be made. These considerations are to ensure that Apex code is performant as any code deemed to be using excessive resources (as defined by the governor limits) will be terminated to prevent it from monopolising resources and causing detrimental effects on other tenants.
References:
Incorrect
The multi-tenant architecture within Salesforce presents developers with several considerations that must be taken when they are writing code for the platform.
The design of the multi-tenant system prevents any data from being accessed outside it’s intended org, which means additional security considerations (outside the usual ones) aren’t required, simply because of the multi-tenant nature.
The platform resources are, however, shared and all orgs within instances are using the same CPUs and memory for all of their Apex operations and it is here where the considerations must be made. These considerations are to ensure that Apex code is performant as any code deemed to be using excessive resources (as defined by the governor limits) will be terminated to prevent it from monopolising resources and causing detrimental effects on other tenants.
References:
-
Question 8 of 60
8. Question
What is the result if the following trigger is executed for 50 records?
Correct
The variables which are present within a Trigger are dependent on the current trigger context. In this case we are operating in a Before Insert context, this means the record hasn’t been inserted into the database yet and so there can be no old value for the record, and so the Trigger will throw a null pointer exception on line 2.
References:
Incorrect
The variables which are present within a Trigger are dependent on the current trigger context. In this case we are operating in a Before Insert context, this means the record hasn’t been inserted into the database yet and so there can be no old value for the record, and so the Trigger will throw a null pointer exception on line 2.
References:
-
Question 9 of 60
9. Question
Which of the following method signatures allows an Apex method to be used by the wire service?
Correct
The Wire service is designed to provision a component with an immutable stream of data to a component that is ever updating. Because of this, the values returned by the Apex methods must be cached and so we must always annotate a method intended to be used by the Wire service with @AuraEnabled (cacheable = true).
References:
Incorrect
The Wire service is designed to provision a component with an immutable stream of data to a component that is ever updating. Because of this, the values returned by the Apex methods must be cached and so we must always annotate a method intended to be used by the Wire service with @AuraEnabled (cacheable = true).
References:
-
Question 10 of 60
10. Question
You have been requested to generate a simple PDF displaying line items for an Opportunity. How can you best achieve this?
Correct
Visualforce pages are the only on-platform technology that can be used to render PDFs, and since the PDF to be generated here is simple, utilising this functionality is the best approach.
For more complex PDFs, utilising an AppExchange app would be preferred since it wouldn’t require developers to build something from scratch, and instead would only require installing an App.
References:
Incorrect
Visualforce pages are the only on-platform technology that can be used to render PDFs, and since the PDF to be generated here is simple, utilising this functionality is the best approach.
For more complex PDFs, utilising an AppExchange app would be preferred since it wouldn’t require developers to build something from scratch, and instead would only require installing an App.
References:
-
Question 11 of 60
11. Question
What tools can be used to develop Lightning Web Components?
Correct
Outside of reviewing code from inbound changesets, there is no way to view Lightning Web Components on the platform. Instead, we must utilise an external tool to view the source code for these. The Salesforce extension pack for VSCode is one such tool for this. While the extension pack utilises the Salesforce CLI for a lot of its operations, the CLI on it’s own isn’t capable of reviewing the source code for LWCs and is instead used to communicate with the Salesforce servers (e.g. deploying and retrieving the LWCs), but not for writing the code directly.
References:
Incorrect
Outside of reviewing code from inbound changesets, there is no way to view Lightning Web Components on the platform. Instead, we must utilise an external tool to view the source code for these. The Salesforce extension pack for VSCode is one such tool for this. While the extension pack utilises the Salesforce CLI for a lot of its operations, the CLI on it’s own isn’t capable of reviewing the source code for LWCs and is instead used to communicate with the Salesforce servers (e.g. deploying and retrieving the LWCs), but not for writing the code directly.
References:
-
Question 12 of 60
12. Question
You have an @AuraEnabled method which accepts an SObject from a Lightning Component which will be inserted, how can you easily sanitise the user’s input?
Correct
The Security class methods are designed explicitly for easily enforcing the FLS of the current user by stripping anything which is not accessible in the defined context.
While checking each field’s accessibility using the DescribeSObjectResult for the SObject is a valid approach, it is far more verbose and requires a lot more code to achieve the same results as utilising the Security.stripInaccessible() methods.
References:
Incorrect
The Security class methods are designed explicitly for easily enforcing the FLS of the current user by stripping anything which is not accessible in the defined context.
While checking each field’s accessibility using the DescribeSObjectResult for the SObject is a valid approach, it is far more verbose and requires a lot more code to achieve the same results as utilising the Security.stripInaccessible() methods.
References:
-
Question 13 of 60
13. Question
As a developer you have been tasked with creating a simple record form to create Cases on a private community page, how could you best achieve this?
Correct
To easily create record forms, a lightning-record-form component is the best choice. This component can be used to rapidly create forms based on a list of fields or layouts for an object choice, which can allow admins to maintain the forms without requiring developer intervention.
References:
Incorrect
To easily create record forms, a lightning-record-form component is the best choice. This component can be used to rapidly create forms based on a list of fields or layouts for an object choice, which can allow admins to maintain the forms without requiring developer intervention.
References:
-
Question 14 of 60
14. Question
What benefits are there to using the Lightning Web Component Framework? (Choose 4)
Correct
The Lightning Web Component framework has been built on top of the Web Components web standard, with a focus on writing standard JavaScript and HTML. This lets the framework be lightweight and have lightning-fast performance.
The use of Web Components allows code to be designed and built quicker, by utilising the compositional nature of Web Components, alongside an ever growing library of base components.
References:
Incorrect
The Lightning Web Component framework has been built on top of the Web Components web standard, with a focus on writing standard JavaScript and HTML. This lets the framework be lightweight and have lightning-fast performance.
The use of Web Components allows code to be designed and built quicker, by utilising the compositional nature of Web Components, alongside an ever growing library of base components.
References:
-
Question 15 of 60
15. Question
Which of the following uses the correct naming convention to be used for naming CustomEvent fired from Lightning Web Components using dispatch event?
Correct
The naming scheme for events within Lightning Web Components follows the DOM event standard. This means that all event names must not use uppercase letters, have no spaces, and use underscores to separate words.
References:
Incorrect
The naming scheme for events within Lightning Web Components follows the DOM event standard. This means that all event names must not use uppercase letters, have no spaces, and use underscores to separate words.
References:
-
Question 16 of 60
16. Question
You have been tasked with creating a process which sends a very large number of emails to Contacts within an Org, how best could this be achieved?
Correct
For a complex task such as this, the first step should be investigating whether there has been an app released on the AppExchange which fits your use case. If there are no suitable AppExchange apps, only then should custom development be considered.
Incorrect
For a complex task such as this, the first step should be investigating whether there has been an app released on the AppExchange which fits your use case. If there are no suitable AppExchange apps, only then should custom development be considered.
-
Question 17 of 60
17. Question
Which of the following statements are true about formula fields? (Choose 2)
Correct
Formula fields are special fields within Salesforce, regardless of how they are accessed, their value is only calculated when they are accessed. If they are accessed within Apex or a Flow, this may be the first time they are accessed, such as when the field was queried. However, in Apex these values can be requested to be recalculated.
Fields referenced within a formula can reference other objects by using relationship spanning fields, i.e. referencing the Account Name from a formula on Contact would be done using “Account.Name”.
Formula fields have a compile time maximum character limit of 3900 characters, this limit can be extended by referencing other formulas, however there is a compile time maximum limit on the size of the formula (5000 bytes), which considers other formula field’s size.
References:
Incorrect
Formula fields are special fields within Salesforce, regardless of how they are accessed, their value is only calculated when they are accessed. If they are accessed within Apex or a Flow, this may be the first time they are accessed, such as when the field was queried. However, in Apex these values can be requested to be recalculated.
Fields referenced within a formula can reference other objects by using relationship spanning fields, i.e. referencing the Account Name from a formula on Contact would be done using “Account.Name”.
Formula fields have a compile time maximum character limit of 3900 characters, this limit can be extended by referencing other formulas, however there is a compile time maximum limit on the size of the formula (5000 bytes), which considers other formula field’s size.
References:
-
Question 18 of 60
18. Question
You have been tasked with importing data from a legacy CRM system into a new Salesforce org. The legacy CRM system had database tables analogous to the Account, Contact and Opportunity objects within Salesforce. How could you best ensure the relationships are preserved during this data migration?
Correct
External Ids allow flagging a field as an Id which is used within an external system. This allows the field to be utilised in Upsert calls, where instead of specifying the Salesforce Id for a relationship field, the external Id can be used instead. The external Id is then used to find the record within Salesforce and the relationship field value gets replaced with its Salesforce Id instead. This type of operation is supported by the Data Loader tool.
Utilising manual methods of doing this match introduces the risk of human error when re-establishing the relationships.
References:
Incorrect
External Ids allow flagging a field as an Id which is used within an external system. This allows the field to be utilised in Upsert calls, where instead of specifying the Salesforce Id for a relationship field, the external Id can be used instead. The external Id is then used to find the record within Salesforce and the relationship field value gets replaced with its Salesforce Id instead. This type of operation is supported by the Data Loader tool.
Utilising manual methods of doing this match introduces the risk of human error when re-establishing the relationships.
References:
-
Question 19 of 60
19. Question
Which of the following code snippets correctly defines a new custom exception?
Correct
A custom exception is a class (either inner or top level) which extends the built in Exception class. The only restriction is that the class name ends with “Exception” however, there are no other limitations around the custom class, that is they can have their own methods, constructors, or member variables as required.
References:
Incorrect
A custom exception is a class (either inner or top level) which extends the built in Exception class. The only restriction is that the class name ends with “Exception” however, there are no other limitations around the custom class, that is they can have their own methods, constructors, or member variables as required.
References:
-
Question 20 of 60
20. Question
Which action can be performed in a before insert trigger?
Correct
When we are operating on the Trigger.New context variable in a before operation we have access to, and can modify the Trigger.New object field values. These changes are done before the data is committed to the database, and any modifications to Trigger.New will go on to be committed to the database when the transaction ends.
Since the trigger context is a before insert, no records have been assigned an Id yet, so DML operations on these records cannot be performed, and instead would need to be performed in an after context.
References:
Incorrect
When we are operating on the Trigger.New context variable in a before operation we have access to, and can modify the Trigger.New object field values. These changes are done before the data is committed to the database, and any modifications to Trigger.New will go on to be committed to the database when the transaction ends.
Since the trigger context is a before insert, no records have been assigned an Id yet, so DML operations on these records cannot be performed, and instead would need to be performed in an after context.
References:
-
Question 21 of 60
21. Question
Which of the following statements is true about Flows? (Choose 2)
Correct
Flows can be invoked from numerous different sources; these can be split into two categories. Screen based flows which combine automated processes with screens presented to a user. The other type are headless flows, these run without any user interface, just like Apex triggers.
Headless flows have many invocation mechanisms, which can be further categorised into record triggered, scheduled, and externally triggered. Like the name suggests, record triggered flows are triggered from record actions, such as save or update, and can operate in both a before and after save context. Scheduled flows are time-based flows, invoked at a specific time or interval. Lastly invokable flows are invoked via something external to the flow, this could be another flow, a process builder, Apex or via the API.
While test coverage is generated for flows, it is not a requirement to get 75% test coverage for a flow to be deployed to production, unlike Apex.
References:
Incorrect
Flows can be invoked from numerous different sources; these can be split into two categories. Screen based flows which combine automated processes with screens presented to a user. The other type are headless flows, these run without any user interface, just like Apex triggers.
Headless flows have many invocation mechanisms, which can be further categorised into record triggered, scheduled, and externally triggered. Like the name suggests, record triggered flows are triggered from record actions, such as save or update, and can operate in both a before and after save context. Scheduled flows are time-based flows, invoked at a specific time or interval. Lastly invokable flows are invoked via something external to the flow, this could be another flow, a process builder, Apex or via the API.
While test coverage is generated for flows, it is not a requirement to get 75% test coverage for a flow to be deployed to production, unlike Apex.
References:
-
Question 22 of 60
22. Question
Which of the following code blocks is correct for executing a SOSL query within Apex?
Correct
SOSL queries return a List<List<SObject>>, with each list being the results for a specific SObject type, the order of which is the same as defined within the query. I.e. if Account was the third SObject in the RETURNING clause, the list at the second index would be a list of the Account results. This is because SOSL queries are performed against multiple objects at once.
References:
Incorrect
SOSL queries return a List<List<SObject>>, with each list being the results for a specific SObject type, the order of which is the same as defined within the query. I.e. if Account was the third SObject in the RETURNING clause, the list at the second index would be a list of the Account results. This is because SOSL queries are performed against multiple objects at once.
References:
-
Question 23 of 60
23. Question
What would the value of the instance variable “foo” be after the third execution of the following batch class?
Correct
The instance variable is initially initialised as 1 during the constructor of the batch class. This is then incremented by 1 for each execute method run. Since this batch class also implements Database.Stateful, the instance variables of this class are preserved after each execute method call, hence why the output value is 4.
References:
Incorrect
The instance variable is initially initialised as 1 during the constructor of the batch class. This is then incremented by 1 for each execute method run. Since this batch class also implements Database.Stateful, the instance variables of this class are preserved after each execute method call, hence why the output value is 4.
References:
-
Question 24 of 60
24. Question
In which Salesforce environments can Lightning Components be used? (Choose 3)
Correct
Lightning Components can be exposed in a wide number of places across the Salesforce ecosystem, with the main target’s being the Lightning Experience, Experiences and in the Salesforce Mobile App.
Lightning Components cannot natively be used within Salesforce Classic, instead Visualforce pages must be used which can load Lightning Components via Lightning Out.
There are a large number of other places where Lightning Components can be used.
References:
Incorrect
Lightning Components can be exposed in a wide number of places across the Salesforce ecosystem, with the main target’s being the Lightning Experience, Experiences and in the Salesforce Mobile App.
Lightning Components cannot natively be used within Salesforce Classic, instead Visualforce pages must be used which can load Lightning Components via Lightning Out.
There are a large number of other places where Lightning Components can be used.
References:
-
Question 25 of 60
25. Question
Can Lightning Components subscribe to Platform Events?
Correct
Lightning Components can make use of the EMP API to subscribe to any type of platform event published, this can include generic events and Change Data Capture events.
References:
Incorrect
Lightning Components can make use of the EMP API to subscribe to any type of platform event published, this can include generic events and Change Data Capture events.
References:
-
Question 26 of 60
26. Question
What would be the result of executing the following Apex test?
Correct
When running a query which returns no rows, a “List has no rows for assignment to SObject” error will be thrown. An index out of bounds error would not be thrown in this scenario since we are not directly trying to access an element from an array.
References:
Incorrect
When running a query which returns no rows, a “List has no rows for assignment to SObject” error will be thrown. An index out of bounds error would not be thrown in this scenario since we are not directly trying to access an element from an array.
References:
-
Question 27 of 60
27. Question
Which of the following statements should be added to the following for loop to exit the loop – on line 10 – when a matching record is first found?
Correct
To exit out of a for loop early we can use the “break” statement which stops any code after it, and any additional items which would have been looped over from being run.
The “continue” statement is used when we wish to exit the current loop iteration early and progress onto the next one.
References:
Incorrect
To exit out of a for loop early we can use the “break” statement which stops any code after it, and any additional items which would have been looped over from being run.
The “continue” statement is used when we wish to exit the current loop iteration early and progress onto the next one.
References:
-
Question 28 of 60
28. Question
Which of the following snippets can be used to obtain the Stage picklist values on the Opportunity object?
Correct
To access field metadata within Apex we use the FieldDescribeResult for the field we are interested in, this can be accessed declaratively as in the answer to this question, or programmatically as shown below.
We access the picklist values of a field by calling the getPicklistValues() method on it’s describe result, this returns us a List of PicklistEntry which we can use as desired.
References:
Incorrect
To access field metadata within Apex we use the FieldDescribeResult for the field we are interested in, this can be accessed declaratively as in the answer to this question, or programmatically as shown below.
We access the picklist values of a field by calling the getPicklistValues() method on it’s describe result, this returns us a List of PicklistEntry which we can use as desired.
References:
-
Question 29 of 60
29. Question
You have been tasked with writing a utility class which can be called from multiple contexts, for example while running as an Experience User and an internal user who should see all records. Which sharing declaration should be used in your class to facilitate this?
Correct
There are three sharing keywords available in Apex, With, Without and Inherited. With and Without sharing explicitly run a class with or without sharing enforced. The third, Inherited, is a little different; Inherited sharing takes on the sharing declaration of the class which has executed the code, so if a class with sharing enforced calls a method in a class with inherited sharing, the inherited sharing class code would run with sharing enforced. This is really useful for when the sharing model to be used isn’t known at design time, or the code is built to be called from varying places within the system.
References:
Incorrect
There are three sharing keywords available in Apex, With, Without and Inherited. With and Without sharing explicitly run a class with or without sharing enforced. The third, Inherited, is a little different; Inherited sharing takes on the sharing declaration of the class which has executed the code, so if a class with sharing enforced calls a method in a class with inherited sharing, the inherited sharing class code would run with sharing enforced. This is really useful for when the sharing model to be used isn’t known at design time, or the code is built to be called from varying places within the system.
References:
-
Question 30 of 60
30. Question
A custom field was added to Opportunity which has become redundant due to new business processes. What must be done before deleting the field?
Correct
Before a field can be deleted all references to that field must be removed. These references could be found within declarative tools, such as reports and flows, or within code. Attempting to delete the field which is referenced elsewhere will throw an error.
References:
Incorrect
Before a field can be deleted all references to that field must be removed. These references could be found within declarative tools, such as reports and flows, or within code. Attempting to delete the field which is referenced elsewhere will throw an error.
References:
-
Question 31 of 60
31. Question
An integration is to be built which inserts Leads into your company’s Salesforce instance in bulk from its website daily. Some of the records are spam and do not contain valid field data. Which of the following statements would facilitate this?
Correct
When we wish to configure the DML operation, or handle failed records, we must use the Database class methods. When we specify false for the allOrNone parameter, instead of an exception being thrown when any record encounters an error during save, a List<Database.SaveResult> is returned instead of an exception being thrown.
We can use the returned result to customise any error handling required for specific records.
References:
Incorrect
When we wish to configure the DML operation, or handle failed records, we must use the Database class methods. When we specify false for the allOrNone parameter, instead of an exception being thrown when any record encounters an error during save, a List<Database.SaveResult> is returned instead of an exception being thrown.
We can use the returned result to customise any error handling required for specific records.
References:
-
Question 32 of 60
32. Question
There is a trigger on the Contact object which causes an update on the parent Account object. The Account update uses an update DML statement and triggers a validation rule. Which of the following statements is true?
Correct
Whenever an unhandled exception is thrown in a transaction (such as an uncaught save error from a validation rule), the entirety of the transaction is rolled back – i.e. the state of the database reverts to how it was before the save request was made. This happens regardless of where the error occurs.
References:
Incorrect
Whenever an unhandled exception is thrown in a transaction (such as an uncaught save error from a validation rule), the entirety of the transaction is rolled back – i.e. the state of the database reverts to how it was before the save request was made. This happens regardless of where the error occurs.
References:
-
Question 33 of 60
33. Question
How can data for a record be easily accessed in Lightning Components?
Correct
When building components that work on individual records, the Lightning Data Service provides a performant and cached mechanism for loading and updating record data that gets propagated throughout all components utilising the service.
This offers advantages over performing Apex calls to achieve simple record data since it increases performance and allows changes in other areas of the UI (for example for the standard record details component) to propagate to other components.
References:
Incorrect
When building components that work on individual records, the Lightning Data Service provides a performant and cached mechanism for loading and updating record data that gets propagated throughout all components utilising the service.
This offers advantages over performing Apex calls to achieve simple record data since it increases performance and allows changes in other areas of the UI (for example for the standard record details component) to propagate to other components.
References:
-
Question 34 of 60
34. Question
How can a developer react to and handle errors gracefully?
Correct
When we are performing code which we consider dangerous due to its chance of throwing an Exception, we can wrap this code within a try-catch block.
Try-catch blocks are made up of two parts. The first part is the try block, this is where the dangerous code is executed. The second part is the catch block, this block (or blocks if handling specific exception types) allows us to write code which gracefully reacts to errors and allows the code to continue to execute. Optionally a third block can be included, the finally block, this executes a block of code after either the try successfully runs, or a catch block finishes executing.
References:
Incorrect
When we are performing code which we consider dangerous due to its chance of throwing an Exception, we can wrap this code within a try-catch block.
Try-catch blocks are made up of two parts. The first part is the try block, this is where the dangerous code is executed. The second part is the catch block, this block (or blocks if handling specific exception types) allows us to write code which gracefully reacts to errors and allows the code to continue to execute. Optionally a third block can be included, the finally block, this executes a block of code after either the try successfully runs, or a catch block finishes executing.
References:
-
Question 35 of 60
35. Question
You are tasked with creating a Lightning Component which will allow a user to search public records of an object by filtering multiple field values. What can be done to ensure this component can be securely used?
Correct
Any area where user input is used to query data within the database should be considered an avenue for attack and should be protected against.
Sanitising the user input protects against SOQL injection by ensuring values are treated as values and not accidently interpreted as extensions to a query. This is easily achieved with bind variables.
The “WITH SECURITY_ENFORCED” clause of a query prompts the SOQL engine to enforce permissions on the query, so if a query attempts to access a field or object the user doesn’t have access to, an exception is thrown.
A piece of Apex should never trust search parameters from a Lightning Component as these could easily be manipulated. Instead, in scenarios where this is required, alternative approaches should be used such as hardcoding the filter variables in an Apex datatype or as parameters to the method, in order to ensure that any requested fields/filters have been explicitly pre authorised.
References:
Incorrect
Any area where user input is used to query data within the database should be considered an avenue for attack and should be protected against.
Sanitising the user input protects against SOQL injection by ensuring values are treated as values and not accidently interpreted as extensions to a query. This is easily achieved with bind variables.
The “WITH SECURITY_ENFORCED” clause of a query prompts the SOQL engine to enforce permissions on the query, so if a query attempts to access a field or object the user doesn’t have access to, an exception is thrown.
A piece of Apex should never trust search parameters from a Lightning Component as these could easily be manipulated. Instead, in scenarios where this is required, alternative approaches should be used such as hardcoding the filter variables in an Apex datatype or as parameters to the method, in order to ensure that any requested fields/filters have been explicitly pre authorised.
References:
-
Question 36 of 60
36. Question
A Lead has been converted to a Contact and Account, which triggers are fired?
Correct
Lead conversion causes Apex triggers to fire, the scope of which depends on the records the Lead is being converted to, but at a bare minimum the triggers on the Lead object are fired. If a Lead is creating or updating any secondary objects, those objects also have their triggers fired.
References:
Incorrect
Lead conversion causes Apex triggers to fire, the scope of which depends on the records the Lead is being converted to, but at a bare minimum the triggers on the Lead object are fired. If a Lead is creating or updating any secondary objects, those objects also have their triggers fired.
References:
-
Question 37 of 60
37. Question
Which of the following is true about roll-up summary fields?
Correct
Roll-up summary fields are a feature of Master-Detail relationship that allow the Master record to calculate details about all of it’s detail records, e.g. a count of the number of Detail records belonging to a Master record.
References:
Incorrect
Roll-up summary fields are a feature of Master-Detail relationship that allow the Master record to calculate details about all of it’s detail records, e.g. a count of the number of Detail records belonging to a Master record.
References:
-
Question 38 of 60
38. Question
What are the use cases for the Test.startTest() and Test.stopTest() methods when used within a test class? (Choose 2)
Correct
Test classes come in three distinct parts:
- Setup – preparing data and the runtime environment for your testing scenario
- Execution – executing the code you wish to test
- Validation – verifying the results of the executed test against the expected results
The process of setting up and preparing a test can result in the consumption of many governor limits before the actual code we wish to validate has been run, for example having to insert Accounts if you wish to validate a rollup from Opportunity.
This is not an ideal scenario as it causes our test execution to potentially not run in a realistic environment. We can use the Test.startTest() method just before executing the code we wish to test to assign that block of code a new set of governor limits. We can then call Test.startTest() once we’ve finished our execution and are ready to validate our results.
If we are testing asynchronous apex (e.g. a batch class), since the code gets flagged to run at an unknown future date, we would not be able to write tests for any asynchronous methods. Instead by wrapping the code execution in Test.startTest() and Test.stopTest(), when the stopTest method is called, the async code is executed and so we can test the results of the execution within our test class.
Incorrect
Test classes come in three distinct parts:
- Setup – preparing data and the runtime environment for your testing scenario
- Execution – executing the code you wish to test
- Validation – verifying the results of the executed test against the expected results
The process of setting up and preparing a test can result in the consumption of many governor limits before the actual code we wish to validate has been run, for example having to insert Accounts if you wish to validate a rollup from Opportunity.
This is not an ideal scenario as it causes our test execution to potentially not run in a realistic environment. We can use the Test.startTest() method just before executing the code we wish to test to assign that block of code a new set of governor limits. We can then call Test.startTest() once we’ve finished our execution and are ready to validate our results.
If we are testing asynchronous apex (e.g. a batch class), since the code gets flagged to run at an unknown future date, we would not be able to write tests for any asynchronous methods. Instead by wrapping the code execution in Test.startTest() and Test.stopTest(), when the stopTest method is called, the async code is executed and so we can test the results of the execution within our test class.
-
Question 39 of 60
39. Question
What is the value of “foo” after this following code has been executed?
Correct
Switch statements allow a developer to test whether an expression matches one of several different values in a branch, and perform some code based on the matching branch.
In the question, the switch operation compares an Enum value against several options. Since the value operation is AFTER_INSERT, the switch statement evaluates each branch until it matches the AFTER_INSERT value, which executes the code block, which sets foo to equal 30.
References:
Incorrect
Switch statements allow a developer to test whether an expression matches one of several different values in a branch, and perform some code based on the matching branch.
In the question, the switch operation compares an Enum value against several options. Since the value operation is AFTER_INSERT, the switch statement evaluates each branch until it matches the AFTER_INSERT value, which executes the code block, which sets foo to equal 30.
References:
-
Question 40 of 60
40. Question
You have a Visualforce page displaying an Opportunity record. You wish to display details about the Account record linked to this Opportunity. This page utilises the standard controller. How could you add the Account name to the page?
Correct
The standard controller for Visualforce provides lots of data access opportunities for the record it is operating on. Notably, it allows access to parent objects, being able to traverse up 5 levels of parent child relationships. For example, you could access details about an Account records owner from an Opportunity. The standard controller also offers 1 level of parent-child traversal, i.e. you could access the Contacts belonging to an Account.
References:
Incorrect
The standard controller for Visualforce provides lots of data access opportunities for the record it is operating on. Notably, it allows access to parent objects, being able to traverse up 5 levels of parent child relationships. For example, you could access details about an Account records owner from an Opportunity. The standard controller also offers 1 level of parent-child traversal, i.e. you could access the Contacts belonging to an Account.
References:
-
Question 41 of 60
41. Question
A developer wishes to add a picklist to a Lightning Web Component they are building. Which of the following snippets should they use?
Correct
The LWC framework follows the HTML specification for how it expects HTML to be written within component templates. This means that for any components that aren’t base HTML tags, it is required that no component tags are self-closing (i.e., there is always an explicit closing tag).
In LWC, when we wish to display picklists, we should utilise the base component called combobox. In Aura, we can either use the combobox or the select components, however in LWC we only have the combobox as there is no lightning-select component.
References:
Incorrect
The LWC framework follows the HTML specification for how it expects HTML to be written within component templates. This means that for any components that aren’t base HTML tags, it is required that no component tags are self-closing (i.e., there is always an explicit closing tag).
In LWC, when we wish to display picklists, we should utilise the base component called combobox. In Aura, we can either use the combobox or the select components, however in LWC we only have the combobox as there is no lightning-select component.
References:
-
Question 42 of 60
42. Question
How can a developer execute an anonymous block of Apex code? (Choose 3)
Correct
Anonymous Apex code can be executed both on platform and off platform. On platform this is done directly in the Developer Console, utilising the Developer Console’s inbuilt functionality.
When we wish to run code off platform, there are several ways this can be achieved. One of the easiest is to utilise the Salesforce CLI commands, as these can run code directly from either a terminal, or from code stored within a file. Lastly we can utilise either the SOAP or the REST APIs to send code to Salesforce to be executed.
References:
Incorrect
Anonymous Apex code can be executed both on platform and off platform. On platform this is done directly in the Developer Console, utilising the Developer Console’s inbuilt functionality.
When we wish to run code off platform, there are several ways this can be achieved. One of the easiest is to utilise the Salesforce CLI commands, as these can run code directly from either a terminal, or from code stored within a file. Lastly we can utilise either the SOAP or the REST APIs to send code to Salesforce to be executed.
References:
-
Question 43 of 60
43. Question
How can Apex classes be deleted from production instances?
Correct
Apex classes and some other metadata cannot be directly deleted from production. While these pieces of metadata can be deleted within a Sandbox, changesets cannot upload these destructive changes. Instead the Metadata API must be used. This could be with a tool such as ANT to produce a destructive changeset which is deployed into the org.
References:
Incorrect
Apex classes and some other metadata cannot be directly deleted from production. While these pieces of metadata can be deleted within a Sandbox, changesets cannot upload these destructive changes. Instead the Metadata API must be used. This could be with a tool such as ANT to produce a destructive changeset which is deployed into the org.
References:
-
Question 44 of 60
44. Question
Which of the following statements is true about sharing keywords of Apex classes?
Correct
Inner classes can have their own sharing modes declared, which don’t have to match that of the outer classes. This can be useful for nesting specific methods which require without sharing inside a class which has with sharing declared.
References:
Incorrect
Inner classes can have their own sharing modes declared, which don’t have to match that of the outer classes. This can be useful for nesting specific methods which require without sharing inside a class which has with sharing declared.
References:
-
Question 45 of 60
45. Question
What is the primary purpose of creating test classes in Apex?
Correct
Test classes within Salesforce play a very important role: they are used to determine whether a piece of code is behaving exactly as it was intended to.
Properly written tests can act as early warning signs for when things go wrong, and can help easily identify specific pieces of code that are no longer behaving as expected (for example, due to conflicting with a recently introduced Process Builder or Flow).
References:
Incorrect
Test classes within Salesforce play a very important role: they are used to determine whether a piece of code is behaving exactly as it was intended to.
Properly written tests can act as early warning signs for when things go wrong, and can help easily identify specific pieces of code that are no longer behaving as expected (for example, due to conflicting with a recently introduced Process Builder or Flow).
References:
-
Question 46 of 60
46. Question
A developer has many records which must be displayed on a Visualforce page, how can they best add pagination?
Correct
The StandardSetController is designed to work with sets of records, and so provides built in methods to enable a large set of records to be displayed on a Visualforce page, with methods to assist in pagination of the record list.
References:
Incorrect
The StandardSetController is designed to work with sets of records, and so provides built in methods to enable a large set of records to be displayed on a Visualforce page, with methods to assist in pagination of the record list.
References:
-
Question 47 of 60
47. Question
How can a developer declaratively access a specific custom metadata type (MyCustomMetadataType__mdt) record within Apex?
Correct
Each custom metadata type comes with its own SObject type in Apex. This type contains additional methods which can be used to declaratively obtain records from a custom metadata type by developer name or record Id. These methods are similar to those found on custom settings.
References:
Incorrect
Each custom metadata type comes with its own SObject type in Apex. This type contains additional methods which can be used to declaratively obtain records from a custom metadata type by developer name or record Id. These methods are similar to those found on custom settings.
References:
-
Question 48 of 60
48. Question
What is the maximum number of records that can be processed by a trigger at a time?
Correct
The maximum number of records processed by a trigger at a time is 200. If the number of records being inserted is greater than this (e.g. from the Bulk API or a bulk DML operation), the trigger is invoked in batches of 200 records at a time.
References:
Incorrect
The maximum number of records processed by a trigger at a time is 200. If the number of records being inserted is greater than this (e.g. from the Bulk API or a bulk DML operation), the trigger is invoked in batches of 200 records at a time.
References:
-
Question 49 of 60
49. Question
How can a developer schedule an Apex job? (Select 2)
Correct
Apex jobs can be scheduled in the UI via the Apex Scheduler or through writing a line of code to enqueue the job via code (e.g., submitting via the Developer Console).
The System.enqueJob() method is not used for scheduled jobs and is instead used to queue a queueable piece of apex, the main difference being queueable apex executes at the soonest possible time, whereas a scheduled job executes at the designated time.
References:
Incorrect
Apex jobs can be scheduled in the UI via the Apex Scheduler or through writing a line of code to enqueue the job via code (e.g., submitting via the Developer Console).
The System.enqueJob() method is not used for scheduled jobs and is instead used to queue a queueable piece of apex, the main difference being queueable apex executes at the soonest possible time, whereas a scheduled job executes at the designated time.
References:
-
Question 50 of 60
50. Question
A developer creates an Apex trigger which calls a method within another class. A test has been written which directly calls the method within the class and provides 100% code coverage. There are no other Apex classes present within the org. What would be the result of deploying a changeset with this trigger and classes into production with running all tests?
Correct
When doing a deployment into production, there must be an average of 75% code coverage for all Apex code within the org. Alongside this, Apex triggers being deployed must have at least 1 line being covered (i.e. they must have been called by at least one test class).
When running deployments, there is the option to run a subset of tests which changes the code coverage behaviour. When running the default testing mode, all tests are executed and the total coverage in an org must meet 75%. However, when running a specified set of tests, every item in the deployment must average 75% instead.
References:
Incorrect
When doing a deployment into production, there must be an average of 75% code coverage for all Apex code within the org. Alongside this, Apex triggers being deployed must have at least 1 line being covered (i.e. they must have been called by at least one test class).
When running deployments, there is the option to run a subset of tests which changes the code coverage behaviour. When running the default testing mode, all tests are executed and the total coverage in an org must meet 75%. However, when running a specified set of tests, every item in the deployment must average 75% instead.
References:
-
Question 51 of 60
51. Question
You are working for a server installation provider and have been requested that whenever an Opportunity is created with a value over £10000 to enforce that there has been a Site Review record created before allowing the Opportunity stage to be set to Closed Won. How best can this be achieved?
Correct
Standard validation rules are unable to operate on parent child relationships so Apex validation is required instead.
Apex validation allows complex validation logic to be performed on record save operations. This is done by processing the records for the required criteria, and then calling the addError() method on each individual method with the validation message a user should see as an argument for the method.
References:
Incorrect
Standard validation rules are unable to operate on parent child relationships so Apex validation is required instead.
Apex validation allows complex validation logic to be performed on record save operations. This is done by processing the records for the required criteria, and then calling the addError() method on each individual method with the validation message a user should see as an argument for the method.
References:
-
Question 52 of 60
52. Question
There are two before save triggers defined for the Contact object, which one of them runs first?
Correct
When multiple triggers are defined on an object, the order in which they are executed cannot be guaranteed or relied upon. Instead, it is a best practice to ensure only a single trigger is defined on an object which hands off to other classes to perform business logic.
References:
Incorrect
When multiple triggers are defined on an object, the order in which they are executed cannot be guaranteed or relied upon. Instead, it is a best practice to ensure only a single trigger is defined on an object which hands off to other classes to perform business logic.
References:
-
Question 53 of 60
53. Question
What are the valid target source pairs for a changeset deployment? (Choose 2)
Correct
Changesets are only available within a production org and its sandboxes. The purpose of them is to allow development and testing to be done in a metadata clone of a production org, and for those changes to be migrated into production when ready.
Since developer orgs are not tied to a production instance and are instead standalone, they do not feature changesets and so cannot be the target nor the source of a changeset deployment
References:
Incorrect
Changesets are only available within a production org and its sandboxes. The purpose of them is to allow development and testing to be done in a metadata clone of a production org, and for those changes to be migrated into production when ready.
Since developer orgs are not tied to a production instance and are instead standalone, they do not feature changesets and so cannot be the target nor the source of a changeset deployment
References:
-
Question 54 of 60
54. Question
A developer wishes to write a test for a private method within a class, how can this be best achieved?
Correct
Using the @TestVisible annotation allows a test method to access a private or protected method or class variable, instanced or static. This change in access is only applied for test classes and doesn’t affect the access of the class in any other way.
Utilising this annotation allows the original access modifier to be used without sacrificing the ability to precisely test a specific piece of code
References:
Incorrect
Using the @TestVisible annotation allows a test method to access a private or protected method or class variable, instanced or static. This change in access is only applied for test classes and doesn’t affect the access of the class in any other way.
Utilising this annotation allows the original access modifier to be used without sacrificing the ability to precisely test a specific piece of code
References:
-
Question 55 of 60
55. Question
As a developer you wish to build a reusable Lightning Web Component which can be used to search records and to select one. Which snippet can this component alert its parent component to the selected record?
Correct
Lightning Web Components utilise the standard CustomEvent class within JavaScript, which is then dispatched through the EventTarget.dispatchEvent() method, which in the majority of cases, would be this.dispatchEvent() – since we would want parent components to handle this event.
We add information to the event with the detail property of CustomEvent, which the event handlers can access and process accordingly. The detail property can be any datatype.
We should follow the DOM event standard in the naming of our events, meaning no upper-case letters, no spaces, and underscores to separate words.
References:
Incorrect
Lightning Web Components utilise the standard CustomEvent class within JavaScript, which is then dispatched through the EventTarget.dispatchEvent() method, which in the majority of cases, would be this.dispatchEvent() – since we would want parent components to handle this event.
We add information to the event with the detail property of CustomEvent, which the event handlers can access and process accordingly. The detail property can be any datatype.
We should follow the DOM event standard in the naming of our events, meaning no upper-case letters, no spaces, and underscores to separate words.
References:
-
Question 56 of 60
56. Question
How can we best reference external resources (e.g. CSS or JavaScript) within Lightning Components and Visualforce pages?
Correct
Whenever we wish to use external resources within our application, we should upload them as Static Resources. Uploading the files as Static Resources improves our applications security, as it shifts the control of the resources to be ours, instead of a third-party site which could end up having malicious code embedded without our knowing.
Lightning Components require all third-party resources to be uploaded as Static Resources and loaded through the Platform Resource Loader, however Visualforce can reference external URLs.
References:
Incorrect
Whenever we wish to use external resources within our application, we should upload them as Static Resources. Uploading the files as Static Resources improves our applications security, as it shifts the control of the resources to be ours, instead of a third-party site which could end up having malicious code embedded without our knowing.
Lightning Components require all third-party resources to be uploaded as Static Resources and loaded through the Platform Resource Loader, however Visualforce can reference external URLs.
References:
-
Question 57 of 60
57. Question
A developer wishes to iterate over a list of records returned from a query, which of the following loop types is most appropriate?
Correct
SOQL for loops differ from a traditional for loop, or a List/Set for loop in that they can utilise more efficient chunking of SObjects behind the scenes, resulting in a reduced heap usage and a lower chance of hitting governor limits for large queries. This type of loop should be the tool of choice when iterating over query results as it can mitigate the chance of hitting errors as a dataset scales.
References:
Incorrect
SOQL for loops differ from a traditional for loop, or a List/Set for loop in that they can utilise more efficient chunking of SObjects behind the scenes, resulting in a reduced heap usage and a lower chance of hitting governor limits for large queries. This type of loop should be the tool of choice when iterating over query results as it can mitigate the chance of hitting errors as a dataset scales.
References:
-
Question 58 of 60
58. Question
You are building an application which tracks student enrollments on a course. A student can be enrolled on many different courses at once and a course has many students enrolled on it. What data model should be used to track a student’s enrollments on a course and ensure data integrity?
Correct
Since a student can be enrolled on many courses, and a course can have many students enrolled, we require a junction object to keep track of each student enrollment.
The relationships used to create this junction object should be master-detail. This will prevent orphaned records from being created and ensure both lookups are always populated.
References:
Incorrect
Since a student can be enrolled on many courses, and a course can have many students enrolled, we require a junction object to keep track of each student enrollment.
The relationships used to create this junction object should be master-detail. This will prevent orphaned records from being created and ensure both lookups are always populated.
References:
-
Question 59 of 60
59. Question
A custom field on Opportunity is assigned the number data type, with 18 digits and 0 decimal places. Which primitive data type would this be assigned in Apex?
Correct
All data stored within a number field (or number returning formula) is represented as a Double when accessed within Apex.
Reference:
Incorrect
All data stored within a number field (or number returning formula) is represented as a Double when accessed within Apex.
Reference:
-
Question 60 of 60
60. Question
Which of the following isn’t true about Visualforce standard controllers?
Correct
Visualforce standard controllers come in two varieties, StandardController and StandardSetController, operating on single and collections of records respectively and one is present for the majority of standard and all custom objects within an org.
Standard controllers contain several inbuilt methods and mechanisms to access data and save data, both of which when used explicitly enforce any permissions related to fields and object access.
Controller extensions can be built to define custom logic and actions to be performed within a controller, while retaining the functionality of the standard controller.
References:
Incorrect
Visualforce standard controllers come in two varieties, StandardController and StandardSetController, operating on single and collections of records respectively and one is present for the majority of standard and all custom objects within an org.
Standard controllers contain several inbuilt methods and mechanisms to access data and save data, both of which when used explicitly enforce any permissions related to fields and object access.
Controller extensions can be built to define custom logic and actions to be performed within a controller, while retaining the functionality of the standard controller.
References:

About our creator
Alex Crisp is a System Architect at Seven20.
He is a long-time Salesforce developer and enthusiast, with a wealth of experience building everything and anything on the Salesforce platform.