Security & Access (13%)

Question 1

How can a system administrator discover who added a field to the account page layout?

Answer 1

Use the Setup Audit Trail.

Question 2

Ursa Major Solar uses a private sharing model for cases. Each product line has several product specialists who want to have visibility to all cases involving their product line. How should the administrator meet this requirement?

Answer 2

Create a predefined case team for each group of product specialists and assign the team using Case Assignment Rules.

Question 3

Organization-wide Sharing Default (OWD)

Answer 3

Defines the default access level for an object’s records with organization- wide sharing settings. Organization- wide sharing settings can be set separately for custom objects and many standard objects, including assets, campaigns, cases, and accounts and their contracts.

Question 4

Ursa Major Solar has three account record types: Prospect, Customer, and Vendor. The Customer record type is only for accounts that have a Closed Won opportunity.
How should a system administrator prevent users from selecting the Customer record type when they create new account records?

Answer 4

Remove the Customer record type as an Assigned record type in the users’ profiles and permission sets.

Question 5

A system administrator cannot share a report folder.

What is a possible reason?

Answer 5

The folder is private.

Question 6

Sharing Rules

Answer 6

Sharing rules give chosen users greater access by making automatic exceptions to your org-wide sharing settings. Use sharing rules to extend sharing access to users in public groups, roles, or territories.

Question 7

Role Hierarchy

Answer 7

Salesforce offers a user role hierarchy that you can use with sharing settings to determine the levels of access that users have to your Salesforce org’s data. Roles within the hierarchy affect access on key components such as records and reports.

Question 8

The Executive Team at Ursa Major Solar is exploring ways to increase protection of the organization’s Salesforce data from unauthorized access. It has been proposed o leverage the Trusted IP Ranges feature. What is a benefit of entering Trusted IP ranges in the network access section?

a. Users who log in within the network are not required to verify their identity.
b. All attempts to log in from outside the network are denied.
c. Users are unable to log in through the API on networks not marked as trusted.
d. AppExchange packages can communicate with an external site.

Answer 8

a. Users who log in within the network are not required to verify their identity.
Correct. Users logging in via the company network, a trusted IP range, are not required to verify their identity.

Question 9

The password policy in Ursa Major Solar’s org shows that the length of time until passwords expire is 60 days. However, sales reps are complaining that their passwords expire every 30 days. Where should the system administrator change the password expiration period for the sales rep users?

a. Individual user records
b. Permission Sets assigned to the users
c. Profiles assigned to the users
d. Roles assigned to the users

Answer 9

c. Profiles assigned to the users
Correct: Since the issue is affecting users with the same profile, the password expiration should be adjusted for the profile used by the sales

Question 10

Ursa Major Solar’s vice president of global Sales has requested that the sales rep commission report be visible to the executive team. How should the system administrator provide visibility to the sales rep commission report to the executive team only?

a. Set opportunity org-wide default sharing settings to private.
b. Save the report in a folder shared with the executive team.
c. Name the report “For Executive Team Use Only - DO NOT USE.”
d. Save the report in the My Personal Reports folder.

Answer 10

b. Save the report in a folder shared with the executive team.
Correct. Access to folder contents can be controlled based on roles, permissions, public groups, and license types.