Salesforce Certified Sharing and Visibility Designer — Question 10

A Cloud Kicks IT team member is building an integration within a managed package for their internal org that requires login to an external system. The end point requires basic authentication.
Which three methods should an Architect recommend to secure the credentials, such as username and password, in this scenario? (Choose three.)

Answer options

• A. Store the credentials in protected custom settings that are used in the Apex Callout
• B. Store the credentials in Named Credentials that are used in the Apex Callout
• C. Store the credentials in the Apex code, which will NOT be available to non-admins
• D. Store the credentials in a custom object using encrypted fields
• E. Store the credentials in protected custom metadata that are used in the Apex Callout

Correct answer: A, B, E

Explanation

Options A, B, and E are secure methods for storing sensitive information, as they provide controlled access and encryption for credentials. Option C, while restricting visibility to non-admins, does not offer adequate security since the credentials would still be visible in the Apex code. Option D also lacks the robust control and security features available in the other options.