Setup Materials

Question 1

URLs

Answer 1

• Blog Post: https://icodecloud.wordpress.com/2017/04/21/salesforce-sharing-visibility-designer-certification/
• SFDC Outline: http://certification.salesforce.com/SG_CertifiedSharingAndVisibilityDesigner.pdf
• SFDC Resource Guide: http://certification.salesforce.com/RG_CertifiedSharingandVisibilityDesigner.pdf
• Data Security Model Explained Visually: https://developer.salesforce.com/blogs/developer-relations/2017/04/salesforce-data-security-model-explained-visually.html
• Sharing Cheat Sheet: https://th3silverlining.com/2013/02/20/salesforce-sharing-cheat-sheet/
• Territory Management Decision Guide: https://resources.docs.salesforce.com/sfdc/pdf/tm_decision_guide.pdf
• Enterprise Territory Management Implementation Guide: https://resources.docs.salesforce.com/206/latest/en-us/sfdc/pdf/salesforce_implementing_territory_mgmt2_guide.pdf
• Record Level Access: Under the Hood: http://resources.docs.salesforce.com/latest/latest/en-us/sfdc/pdf/salesforce_record_access_under_the_hood.pdf
• Enforcing CRUD & FLS: https://developer.salesforce.com/page/Enforcing_CRUD_and_FLS
• Designing Record Access For Enterprise Scale: https://resources.docs.salesforce.com/sfdc/pdf/draes.pdf
• Protecting Force.com Custom Sharing Code: https://developer.salesforce.com/blogs/engineering/2013/02/protecting-force-com-custom-sharing-code.html
• Behind the Scenes of Record Ownership in Salesforce: https://developer.salesforce.com/blogs/engineering/2013/10/behind-the-scenes-of-record-ownership-in-salesforce.html
• Understanding With Sharing, Without Sharing & Unspecified Sharing Classes: https://salesforce.stackexchange.com/questions/16121/sfdc-understanding-with-sharing-without-sharing-unspecified-sharing-classes
• Shield Platform Encryption: https://trailhead.salesforce.com/en/modules/spe_admins
• Using Apex Managed Sharing to Create Custom Record Sharing Logic: https://developer.salesforce.com/page/Using_Apex_Managed_Sharing_to_Create_Custom_Record_Sharing_Logic
• Managing Lookup Skew to Avoid Recod Lock Exceptions: https://developer.salesforce.com/blogs/engineering/2013/04/managing-lookup-skew-to-avoid-record-lock-exceptions.html
  *

Question 2

What Skills Does this exam test for?

Answer 2

• Describe the usage and implementation of sharing rules, both criteria based and ownership based.
• Architect the appropriate object relationships given a scenario.
• Articulate how Org-Wide defaults may impact a security model.
• Articulate how different Salesforce license types may impact a security & sharing model.
• Describe how the Role Hierarchy may impact the decisions made when designing a security model.
• Describe how Profile configuration may impact a security and sharing model.
• Describe the fundamental concepts around role hierarchy, apex sharing etc. to different levels of audience.
• Articulate different security capabilities with respect to record visibility, CRUD based security, record level access and the differences between the three.
• Describe the limits of declarative capabilities and when a more custom security solution is required with associated risks and limitations.
• Articulate what Apex Sharing is and when it should be used.
• Articulate the security implications of using Dashboards, Apex run as an Administrator, VisualForce pages or other “run in context” tools to expose aggregate data.
• Identify and mitigate performance and scalability concerns for a recommended solution.
• Develop a test process to validate a security model.
• Articulate use cases for complex sharing such as territory management or account teams should be used.

Question 3

What is the breakdown of the Sharing and Visibility Designer Exam?

Answer 3

1. Declarative Sharing: 67%
   
   1. Given a particular customer scenario, describe the appropriate use and limitations of relevant object and field level security settings needed to allow and limit user’s access to different types of information.
   2. Given a particular customer scenario, describe the relevant settings required for all the declarative platform security features that would ensure proper data access to relevant users.
   3. Demonstrate your ability to properly evaluate the use case for and implement Account and Opportunity Teams to ensure the proper visibility and collaboration requirements are met.
   4. Demonstrate how views and folders can be segmented for different groups using out of box security features, such as groups or roles, in an effective manner while keeping in mind security considerations and how these differ from record level security considerations.
   5. Given a particular customer’s organization hierarchy describe the impact of role hierarchy on record sharing.
   6. Given a scenario that involves external users, describe how the security and sharing setup can be utilized to properly enforce record visibility for different types of community users (e.g. Internal, Customer Community, and Partner Community).
   7. Given a particular customer scenario, have awareness of how Territory Management 2.0 can (or cannot be applied) to resolve more complex security requirements.
   8. Given a customer’s particular data storage and data residency requirements, have awareness of solution options in the marketplace that properly leverages declarative and programmatic security features of Salesforce.
   9. Given an Architect’s design and configuration of the sharing and security model, describe the methods of validating the sharing and visibility.
2. Performance: 8%
   
   1. Given a particular complex customer org setup, describe how apex sharing (and calculation) can impact system performance.
   2. Given a particular complex customer org setup, design a security model that is maintainable at large numbers of users and records.
3. Programmatic Sharing: 25%
   
   1. Given a scenario, design a solution that leverages programmatic sharing functionalities to achieve a requirement that cannot be met using declarative functionality.
   2. Given a scenario, describe how to minimize security risks in programmatic customizations (Apex and Visualforce) relative to data visibility.
   3. Demonstrate how to properly design unit tests to verify programmatic security solutions.
   4. Demonstrate how to properly enforce Object and Field level permission when designing Programmatic Solutions.