Sharing and Visibility Designer

Question 1

Universal Containers (UC) stores basic employee information in a custom Employee object (OWD – Public Read Only). There are a few sensitive fields that need restricted access (salary, grade level, last performance rating).

Other than field level security, what other options are available to make these fields accessible to the Human Resource team?

A. Create a new custom object with private OWD and Lookup relationship to Employee to store new restricted information.
B. Change OWD of Employee custom object to private and a Lookup self-relationship to store only new restricted information.
C. Create a new custom object controlled by parent and a Master-Detail relationship to Employee to store new restricted information.
D. There are no other options besides using field level security.

Answer 1

Answer: A

Question 2

Sales Operations at Universal Container (UC) wants to create the opens to fiber appropriates for center.
In which two ways can UC hide list that are not relevant to an individual use since there will be

Choose 2 answers.

A. Share the list views with the appropriate queue.
B. Share the list views with the appropriate individual users.
C. Share the list views with the appropriate public group.
D. Share the list views with the appropriate role in the role hierarchy

Answer 2

Answer: C, D

Question 3

Universal Containers keeps product brochures in Salesforce as files. Sarah shares a public Unit to a product brochure with potential customers during a meeting. She wants to ensure they do not have access to the file after the meeting.

How should Sarah accomplish this?

A. Rename the file.
B. Delete the public link.
C. Delete the file.
D. Move the file to another folder

Answer 3

Answer: B

Question 4

Universal Container has developed a custom Visualforce page that will accept user input and must prefer returning the results to the users.

Which two techniques should be used to ensure the users cannot perform a SOQL injection attack?

Choose 2

A. Escape double quotes in the user input.
B. Use bind variable in the SOQL query.
C. Use the escapesinglequotes() method to sanitize user input.
D. Use the with Sharing keyword on the controller.

Answer 4

Answer: B, C

Question 5

What should a Salesforce architect recommend to make sure that users that gained access to a custom of sharing do not lose access to it when its owner is changed?

A. Create a specific Sharing Reason for the custom object.
B. Use ‘‘runAS’’ system method in Apex classes to enforce record visibility.
C. Create a new record in_Share object with RowCause ‘‘Manual’’
D. Use ‘‘With Sharing’’ keyword to make sure record visibility will be considered

Answer 5

Answer: A

Question 6

Universal Containers (UC) has implemented Customer Community with customer community plus licenses for their distributors. Some distributors requested granting specific community users (agents) to view cases submitted by other agents of the same distributor.

Which feature only supports these requirements?

A. Permission set to grant community admin permission
B. Delegate external user
C. Partner super user
D. Partner community admin.

Answer 6

Answer: C

Question 7

Sales reps at Universal Containers (UC) complain about the manual activities they need to perform in order to grant access to supporting internal users (legal, engineering, finance, and so forth) for customer records when they need help. In general, the sales reps involved in the deals will not change.

How can a Salesforce architect help IK to Improve sales reps productivity?

Choose 2

A. Create a permission set with “view all data” and assign to supporting users.
B. Create a public group and replace the account ownership with it.
C. Create a criteria-based sharing rule to grant access to other users.
D. Leverage default Account team.

Answer 7

Answer: C, D

Question 8

Universal Containers keeps product brochures in Salesforce as files. Sarah shares a public link to a product during a meeting. She wants to ensure they do not have access to the file after the meeting. How should Sarah accomplish this?

A. Move the file to another folder
B. Rename the file.
C. Delete the file.
D. Delete the public link.

Answer 8

Answer: D

Question 9

Universal Containers (UC) wants to reduce the amount of redundant leads entered into the system. UC also wants to ensure that leads are only edited/reassigned by the lead owner.

What organization-wide default (OWD) approach should be recommended to help UC implement these requirements?

A. Implement a Public Read Only OWD on Lead.
B. Implement a Private OWD on Lead.
C. Implement a Public Read Only/Transfer OWD on Lead.
D. Implement a Public Read/Write OWD on Lead.

Answer 9

Answer: A

Question 10

Universal Containers uses person accounts to represent retail customers and business to represent Sales team should not have access to commercial customers but have access to ALL retail customers. With organization-wide default on Account set to private, how might the architect meet these requirements.

A. Create an owner-based sharing rule on AccountContactRelation to grant access to all account contact reps.
B. Update Retail Sales profile to grant access to Person Account record type.
C. Create a criteria-based sharing rule giving Retail Sales role access to Accounts of type PersonAccount
D. Give view All access for Accounts to the Retail Sales profile.

Answer 10

Answer: C

Question 11

Universal Containers (UC) has created a public group with certain Sales Engineers to help on complex deals and a sharing rule to grant access to these opportunities. Opportunity OWD is private. What is the impact of these sharing settings?

A. Subordinates of Managers who have Sales Engineers in the public group will also have access to these records.
B. Sales Engineers that have a similar role of the Sales Engineers of the public group will also have access to these records.
C. Sales Engineers Managers and their managers in the role hierarchy will also have access to these records.
D. Sales Engineers direct reports will also have access to these records.

Answer 11

Answer: C

Question 12

Universal Containers (UC) uses a custom Visualforce page to display shipment tracking information (custom object, private OWD) to field manager and agents. The IT team wants to make sure that users have access to only the information that is allowed.

Which Apex method must be used to make sure only allowed fields are shown to the users?

A. isReadable()
B. isShowable()
C. isAccessible()
D. isViewable()

Answer 12

Answer: C

Question 13

At Universal Containers, Accounts and Contracts are normally visible to all employees, and Proposals center owner and managers. However, some Proposals are considered confidential and are managed by a Strategic should not be visible to anyone in the Sales group other than owner and the strategic team.
How should the architect design for this requirement?

A. Proposal Owner set to the Strategic Deals Team Queue and create an center- base sharing rule to grs
B. Disable Grant Access Using Hierarchies and set an Owner_Based Sharing rule for Strategic Deals team
C. Proposal Owner set to the Strategic Deals Team Queue and set the Account relationship to Master Dvt.
D. Disable Grant Access Using Hierarches and set a Criteria-based Sharing rule for Strategic Deals team.

Answer 13

Answer: D

Question 14

Mary is Joe’s manager in the role hierarchy. The OWD for a custom Invoice object is Public ReadOnly and Mary’s profile is not granted the Read permission for the Invoice object.

What action can Mary take on Joe’s Invoice records?

A. Read/Write
B. Edit Only
C. None
D. View Only

Answer 14

Answer: C

Question 15

Universal Containers uses 75,000 distributors that have close to 1 million total users. Distributors need opportunities assigned to their distributor for delivery.
What license recommendation will meet distributor needs?

A. Sales Cloud
B. Customer Community Plus
C. Partner Community
D. Custom Community

Answer 15

Answer: C

Question 16

Universal Container (UC) is in a legal dispute regarding several orders. UC has found out these records VP of Sales has asked to ensure this cannot happen in the future.

What approach would meet this requirement?

Choose 2

A. Remove Order delete Permission from Profiles and Permission Sets
B. Implement a Sharing Rule that changes access for order to Read.
C. Remove the Delete button from the Order Page Layout.
D. Change the Record Type/Page Layout assignment for orders to be Read Only.

Answer 16

Answer: A, D

Question 17

Universal Containers uses 75,000 distributors that have close to 1 million total users. Distributors need opportunities assigned to the distributor for delivery.

What license recommendation will meet distributor needs?

A. Sales Cloud
B. Customer Community Plus
C. Partner Community
D. Customer Community

Answer 17

Answer: C

Question 18

The Finance team at Universal Containers usually does not need access to Account and Contract records A .. given Opportunity access for a big deal to help with tax calculation. She can now also access Account and C..
Which two reasons could be causing this issue? Choose 2 answers

A. Contact records can be accessed due to implicit sharing from Account.
B. Account records can be accessed due to implicit sharing from Opportunity.
C. Contact records can be accessed due to implicit sharing from Opportunity.
D. Account records can be access due to role hierarchy.

Answer 18

Answer: A, B

Question 19

After setting up Customer Community and enable collaboration, the architect realizes that customers are only Chatter posts from other customers in their account.
What should the architect do to allow viewing chatter posts from all customers?

A. Enable Community User Visibility.
B. Set View All for Chatter posts.
C. Enable Chatter Super User.
D. Enable Internal Users Visibility.

Answer 19

Answer: A

Question 20

Universal Containers (UC) provides shipment tracking for its customers on a custom Shipment object. The .. yearly by the customers should be available on the Account record to the Marketing team, but the Marketing Shipment records.

What recommend should an Architect provide to accomplish this?

A. Public organization-wide default on Shipment, process builder, and lookup relationship to Account.
B. Private organization-Wide default on Shipment, rollup summary, and Master-Detail relationship to Account.
C. Controlled by Parent (Account) on Shipment, trigger, and trigger, and Master-Detail relationship to Account.
D. Private organization-wide default on Shipment, trigger, and Lookup relationship to Account

Answer 20

D

Question 21

An External Object is created to show Invoices from an external accounting system. When viewing the External Object, a user should only access invoice records the user is authorized to see. What two actions are required to achieve the above requirement?

Choose 2 answers

A. Setup External Object to use OAuth to connect to the Accounting system.
B. Create an owner based sharing rule to grant visibility to the Invoice object.
C. Restrict access to data in the accounting system.
D. Grant access to the External Object to only the Account Manager profile.

Answer 21

Answer: A, C

Question 22

The sales manager in Japan have asked the sales manager in Australia to assist them with closing their deals.
How are these requirements achieved?
A. Use sharing set to give the sales manager access to the deals.
B. Create ownership-based sharing rule.
C. Use opportunity teams to automatically add the sales manager as a team member.
D. Assign the sales manager View All on the opportunity object.

Answer 22

Answer: B

Question 23

What should a Salesforce architect recommend to make sure that users that gained access to a custom object record through Apex managed sharing do not lose access to it when its owner is changed?

A. Create specific Apex Sharing Reason for the custom object.
B. Use “runAs’’ system method in Apex classes to enforce record visibility.
C. Use ‘‘With Sharing’’ keyword to make sure record visibility will be considered.
D. Create a new record in _Share object with RowCause ‘Manual’’.

Answer 23

Answer: A

Question 24

Universal Containers (UC) operates worldwide with offices in more than 100 regions in 10 different countries role hierarchy to control data visibility. In the new fiscal year, UC is planned to reorganize the roles and rea..

Which two point should an Architect consider in this situation?

Choose 2 answers
A. Using a temporary parking lot account to improve performance.
B. Changing complex role hierarchy can cause a high level of sharing recalculation.
C. Restricting the organization-sharing configurations to private.
D. Replacing Account records ownerships massively can cause data skew.

Answer 24

Answer: B, D

Question 25

Universal containers (UC) implemented a private organization-wide default for the Container and Case objects. 
How can UC give support representatives access to Container and Case records owned by Customer Community users? 

A. Create an ownership-based sharing rule that gives access to the head of support role and internal subordinates
B. Create a criteria-based sharing rule that gives access to the head of support role and internal subordinates
C. Support representatives nil automatically get access to these records via the role hierarchy
D. Create a Share Group based on the sharing set created for the Customer Community User Profile.

Answer 25

Answer: D

Question 26

Universal Containers (UC) has a custom Apex class that enforces a business process and updates opportunity field-level security permissions of read only certain user’s profiles are being updated by their class.

How should the architect fix this problem?

A. Put the code in an class that uses the With Sharing keyword.
B. Use the IsUpdateable() Apex method to test each field prior to allowing updates.
C. Use the With SECURYT_ENFORCED keyword in the SOQL statement.
D. Add With Sharing keyword to the class.

Answer 26

Answer: C

Question 27

Universal Containers (UC) has Affiliates who sell containers in countries’ where UC does not have a local office Community to manage the sales cycle. One of their affiliates has exponentially grown in the last years and .. with the following structure: 
Sales VP ..> Direct of Sales .. > Sales Manager ..> Sales Reps 
UC would like to have the ability to open up access to the sales opportunities according to the above structure. 

What is the main problem a Salesforce Architect will face to provide a solution?

A. Super User does not work in Partner Community.
B. Partner Community does not support Role Hierarchy.
C. The Channel manager Role can not be shared with Partner Community.
D. Partner User Roles are limited to three levels.

Answer 27

Answer: D

Question 28

Universal Containers (UC) sales managers are complaining that they cannot access their teams' Shipment records (a custom object). Initially, the admin suggested that this it happening due to misconfigured role hierarchy (Shipment OWD is Private). Alter investigation, they determined the. role hierarchy for these users is correct. 
What can be the reason why Universal Containers sales managers are not able to see Shipment records? 

A. The Grant Access Using hierarchies option on Shipment Sharing Settings was incorrectly disabled by the Salesforce admin.
B. Role hierarchy Implicit sharing was Incorrectly disabled by the Salesforce adman.
C. Ownership-based sharing rule for Shipment was Incorrectly disabled by the Salesforce admin.
D. Sales managers have only the Read permission on the 5hipment object and should not be able to edit their team records.

Answer 28

Answer: A

Question 29

Universal Containers (UC) operates worldwide with offices in more than 100 regions in 10 different countries and has established a very complex role hierarchy to control data visibility. In the new fiscal year, UC is planning to reorganize the roles and reassign account owners. 
Which three features could an architect recommend to avoid problems in this operation? 

Choose 3 answers

A. Partition data using Divisions 
B. Deferred Sharing Recalculation 
C. Parallel Sharing Rule recalculation 
D. Skinny table 
E. Granular Locking

Answer 29

Answer: B, C, E

Question 30

Universal Containers (UC) wants to reduce the amount of redundant leads entered into the system. UC.. only edited/reassigned by the lead owner.

What organization-wide default (OWD) approach should be recommended to help UC implement these ..

A. Implement a Public Read Only OWD on Lead.
B. Implement a Public Read Only/Transfer OWD on Lead
C. Implement a private OWD on Lead.
D. Implement a Public Read/Write OWD on Lead.

Answer 30

Answer: A

Question 31

Universal Containers (UC) has implemented Customer Community with customer community license for .. any record owned by its customers should be accessible by UC users in the customer support role.

How can an Architect configure the system to support the requirements?

A. Sharing Set
B. Share Group
C. Apex Sharing

Answer 31

Answer: B

Question 32

What advanced tool can Salesforce enable for large-scale role hierarchy realignment?

A. Granular locking
B. Partitioning Division
C. Set external organizational-wide default to public read only
D. Skinny Table Indexing

Answer 32

Answer: A

Question 33

The architect has a requirement to create a criteria-based sharing rule based on the customer Social.. up the rule in Contact Sharing, the field is not shown on the list of available field.

What might cause this?

A. The field has been configured for encryption.
B. The architect does not have permission to Compliance fields.
C. The architect’s profile does not have field level Security (FLS) for this field.
D. fields with validation rules are not available for sharing rules.

Answer 33

Answer: A

Question 34

Universal Containers (UC) tuned off the Customer User Visibility feature inits Customer Community. What community functionality is expected by having the Customer User Visibility tuned off?

A. Creating new Customer community users.
B. Updating their user profile.
C. Searching for other external users.
D. Search for internal users.

Answer 34

Answer: C

Question 35

Universal Containers (UC) is implementing Sales Cloud. During the last quarter of the financial of the financial year, .. They requested a solution in Salesforce to allow them to specify an assistance agent on the opportunity.. the assistance field. The system should automatically remove access from the previous assistant and .. 
What is the optimum solution to meet the requirements? 

A. Use share group to share opportunities with the assistant agent.
B. Use opportunity team and create an assistant field, use apex to share opportunities with the assistant
C. Use sharing rule to share opportunities with the assistant agent.
D. Use apex sharing to share and unicast opportunities with the assistant agent.

Answer 35

Answer: D

Question 36

Universal Containers (UC) has recently changed its internal policy to follow market regulations and create an internal team to manage the collection process. Only this team should have access to Invoke records. currently, invoke is a child in a Master-Detail relationship to Account. Although related lists have been removed from the page layouts, some profiles stills have access to the invoice object.

Which approach should an architect recommend to fix this problem?

A. Create a new Profile with no access to the Invoice object and assign it to all unauthorized users.
B. Create a Permission Set with No Access to the Invoice object and assign it to unauthorized users.
C. Replace Account and Invoke Master Detail Relationship by a Lookup and remove Invoice Access from the unauthorized profiles,
D. Change the Invoke organization-wide default from Controlled by Parent to Private and remove invoke access from the unauthorized

Answer 36

Answer: C

Question 37

Universal Containers’ organization wide-defaults model is private for the Account object. A sales repeats to opportunity records.

Which level of access will the sales rep have to the related account record?

A. No access
B. Read/Create/Edit access
C. Read/Create access
D. Read-only access

Answer 37

Answer: B

Question 38

What advanced tool can Salesforce enable for Large-scale role hierarchy realignments?

A. Set external organization-wide default to public read-only
B. Skinny Table Indexing
C. Granular locking
D. Partitioning by Divisions

Answer 38

Answer: C

Question 39

The Corporate Identity and Access Team needs to audit User setup in the Salesforce .. What two permissions should be granted to this team so they can perform their audit?

Choose 2 answers

A. View permission on the User object
B. View Setup and Configuration
C. View All Users
D. View All Data

Answer 39

Answer: B, C

Question 40

Universal Containers has a large network of partners, who each have seasonal workers that need .. How might the Architect design the solution to federate user setup to the Partners?

Choose 2 answers

A. Assign delegated external administrators at each partner.
B. Grant the Modify Users permission to the partner managers.
C. Allow external users to self register.
D. Create a permission set giving Read/Write to the User object to partner manager.

Answer 40

Answer: A, C

Question 41

Universal Containers uses person accounts to represent retail customers and business accounts to represent commercial customers. The Retail Sales team should not have access to commercial customers but have access to ALL retail customers.
With organization-wide default on Account set to Private, how might the architect meet these requirements?

A. Give View All access for Accounts to the Retail Sales profile.
B. Update Retail Sales profile to grant access to Person Account record type.
C. Create an owner-based sharing rule on AccountContactRelation to grant access to at account contact roles records owned by sales reps.
D. Create a criteria-based sharing rule giving Retail Sales role access to Accounts of type PersonAccount.

Answer 41

Answer: D

Question 42

Universal Containers is planning to pilot a new application to a small set of Sales Reps. What is the optimal way to grant only this Sales Reps access to the new functionality, while hiding ..

A. Clone the Sales Rep profile, adjust settings and assign the pilot users the new profile.
B. Revoke access to legacy function in the Sales Rep profile and create a permission set for the ..
C. Create a permission set to grant access to the new functionality and hide the old functionality.
D. Create new user records for the pilot user that they will use for the pilot.

Answer 42

Answer: A

Question 43

Universal Containers has selected a small and diverse group of users to review Inactive accounts. Given the Private sharing model, a public group was created and made available to this group of users. A sharing rule was created to make inactive Accounts visible to the public group. However some of these users are reporting they don’t see any of the Accounts that were shared with the public group.
what is the underlying Issue for these users?

A. The users are In profiles that have no access to the Account object.
B. The page layout assigned to these mart to different than the Account owner
C. The users have a permission set that only allow Accounts in “Active’ status.
D. The Accounts ire owned by users higher In the role hierarchy.

Answer 43

Answer: A

Question 44

Universal containers (UC) has a partner community for its 200 distributors. UC customer accounts are .. organization-wide default setting for the custom Delivery object is private.

How can an architect advise UC to grant all users at a distributor access to delivery records for all customer distributor?

A. Create a Sharing set for the Distributor profile to grant access to the Delivery object.
B. Create a criteria-based sharing rule that shares delivery records matching the Distributor to user distributor.
C. Give ownership of the delivery record to a distributor user.
D. Create a criteria- based sharing rule that shares delivery records matching the Distributor to users of a Public Group created for the distributor.

Answer 44

Answer: A

Question 45

After testing and deploying a new trigger that does creates a related order when a opportunity is closed, the Architect begins complaints of permission error messages appearing when closing an opportunity.

How did this error occur?

A. The trigger should be using RunAs() when creating the order. 
B. Trigger is using IsCreateable() Apex method and the user doesn't have create permission on the Oder object. 
C. The trigger handlers class does not use any sharing keywords and the user not have access to the orders related to the opportunity. 
D. The trigger handler class is using ''with sharing'' and the user does not have access to the orders related to the opportunity.

Answer 45

Answer: A

Question 46

Sales managers at Universal Containers (UC) have requested viewing customer invoices in Salesforce .. system. The architect at UC decided to surface the customer invoices in Salesforce using external objects a..

Configured an external object called Invoice. Created a lookup relationship between account and the invoice How can the architect grant the sales managers access to the customer invoices data?

A. By creating a sharing set a share invoice with users in a sales manager role.
B. By using manual sharing to share invoices with relevant sales managers.
C. By creating sharing rules to share the invoice records with users in sales manager roles.
D. By controlling the invoices object permission on the sales manager’s profile.

Answer 46

Answer: D

Question 47

Universal Containers (UC) has a custom object to track the internal net promoter score (NPS) for all .. How can UC ensure that NPS records cannot be accessed by an individual employee’s manager?

A. Create a criteria-based sharing rule to remove access to Manager role and above in the Role ..
B. Remove Create, Read, Edit and Delete from Manager Profiles and Permission sets.
C. Use Apex Sharing to remove NPS object share records for Manager profiles.
D. Set organization wide default to Private and uncheck the Access Using Hierarchies option for the NPS object

Answer 47

Answer: D

Question 48

Universal Containers has a customer that meets criteria for two Enterprise territory Management territories (Portugal and Southern Europe).

What is necessary to assign opportunities to a territory for this account?

A. Create a criteria-based sharing rule on the Opportunity to assign It to a territory.
B. Create a Process Builder Process that updates the Territory field on the Opportunity
C. The territory with the highest Territory Type Priority is automatically assigned to the Opportunity
D. Create an Apex class that implement. Filter-Based Opportunity Territory Assignment

Answer 48

Answer: C

Question 49

Universal containers (UC) service reps are assigned to a profile which has ‘‘View All’’ in Case object.. To make sure service reps have access to all relevant information to attend to customer requests, which Architect consider?

A. Service reps will be able to access to Contact records if they are Controlled by Parent.
B. Service reps will be able to access to Contact records due to Implicit Sharing.
C. Service reps will NOT able to access to Contact records because Account OWD is private
D. Service reps will NOT able to access to Contact records if they are controlled by Parent.

Answer 49

Answer: A

Question 50

In order to allow community users to collaborate on Opportunities, which license type must the users.

A. Sales Community
B. Customer Community
C. Partner Community
D. Customer Community plus

Answer 50

Answer: C

Question 51

At Universal Containers there is a team of auditors distributed through the organization that all need access to high-value Opportunities.

With a private sharing model, which two option should an architect recommend when designing a solution for this requirement?

Choose 2 answers

A. Put the auditors as the highest level of the role hierarchy.
B. Add the auditors to the default Opportunity Team.
C. Create a criteria-based sharing rule to give access to the public group for high-value Opportunities.
D. Create a public group and assign the Auditors to the group.

Answer 51

Answer: C, D

Question 52

To reduce the case time resolution and improve customer satisfaction, Universal Containers (UC) wants to allow specialized marketing consultants to have edit access to Case records of VIP customers. These casts should be visible only to the support rep who owns the case and the marketing consultants.
Which recommendation should a Salesforce architect give to allow this scenario?

A. Case organization-wide default Private and Account Team with Read/Edit permission.
B. Case organization-wide default Public Read Only and Case Team with Read permission.
C. Case organization-wide default Private, role hierarchy, and Read Only ownership-based sharing rule.
D. Case organization wide default Private and Case Team with Read/Edit permission.

Answer 52

Answer: D

Question 53

Universal Containers (UC) has a custom Apex class that enforces a business process and updates opportunities. UC has noticed that fields with field-level security permission of read-only on certain users’ profiles are being updated by this class.

How should the architect fix this problem?

A. Add With Sharing keyword to the class,
B. Put the code in an inner class that uses the With Sharing keyword.
C. Use the IsUpdateable() Apex method to test each field prior to allowing update.
D. Use the WITH SECURITY_ENFORCED keyword in the SOQL statement.

Answer 53

Answer: C

Question 54

Sales managers want their team members to help each other close Opportunities. The Opportunity and Account organization-wide defaults are private. To grant Opportunity access to sales reps on the same team, ownership-based sharing rules were created for each team.

What is the side effect of this approach?

A. All sales reps will have Read access to Accounts for all Opportunities.
B. Sales Reps on the same team will have Edit access to the Accounts for Opportunities owned by then team members.
C. Sales reps on the same team will have Read access to the Accounts for Opportunities owned by their team members.
D. All sales reps will have Read access to all Accounts.

Answer 54

Answer: C

Question 55

Sales manager want their team members to help each other close Opportunities. The Opportunity and .. private. To grant Opportunity access to sales reps on the same team, ownership-based sharing rules ..
What is the side effect of this approach?
A. Sales Reps on the same team will have Edit access to the Accounts for Opportunity owned by their.
B. Sales reps on the same will have Read access to the Accounts for Opportunities owned by their.
C. All sales reps will have Read access to all Accounts.
D. All sales reps will have Read access to Accounts for all Opportunities.

Answer 55

Answer: C

Question 56

Universal Containers (UC) has Affiliates who sell containers in countries where UC does not have a local office. UC has leveraged the Partner Community to manage the sales cycle. One of their affiliates has exponentially grown in the last years and restructured its internal sales team with the following structure:
Sales VP …> Direct of sales ..> Sales Manager ..> Sales Reps
What is the main problem a Salesforce Architect will face to provide a solution?

A. Partner Community does not support Role Hierarchy.
B. Partner User Roles are limited to three levels.
C. The Channel manager Role can not be shared with Partner Community.
D. Super User does not work in Partner Community

Answer 56

Answer: B

Question 57

Which two capabilities does the delegated administrator permission provide?

Choose 2 answers

A. Assign users profiles
B. Unlock users
C. Set OWD
D. Create profiles

Answer 57

Answer: A, B

Question 58

Universal Containers (UC) implemented Sales Cloud and requested that sales agents have access to products the company sells and be able to create opportunities for its customers.

What should the Organization-Wide Defaults (OWD) be for pricebook?

A. Public Read Only
B. Pubic Read Write
C. View
D. Use

Answer 58

Answer: D

Question 59

After testing and deploying a new trigger that creates a related order when a opportunity is closed, the Architect begins receiving complaints of permission error messages appearing when closing an opportunity.

How did this error occur?

A. The trigger should be using RunAs() when creating the order. 
B. Trigger is using IsCreateable() Apex method and the user doesn’t have create permission on the Order object. 
C. The trigger handlers class does not use any sharing keywords and the user does not have access to the orders related to the opportunity. 
D. The trigger handler class is using ''with sharing'' and the user does not have access to the order related to the opportunity.

Answer 59

Answer: D

Question 60

At Universal Containers, Accounts and Contacts are normally visible to all employees, and Proposals (custom object) are visible to the Account owner and managers. However, some Proposals are considered confidential and are managed by a Strategic Proposals team. These Proposals should not be visible to anyone in the Sales group other than the owner and the strategic team.
How should the architect design for this requirement?

A. Proposal Owner set to the Strategic Deals Team Queue and set the Account relationship to Master-Detail.
B. Disable Grant Access Using Hierarchies and set an Owner-Based Sharing rule for Strategic Deals team.
C. Proposal Owner set to the Strategic Deals Team Queue and create an owner-based sharing rule to grant visibility to the Account owner
D. Disable Grant Access Using Hierarchies and set a Criteria-Based Sharing rule for Strategic Deals team.

Answer 60

Answer: D

Question 61

To grant Universal Containers sales manager access to shipment records properly, it was necessary to leverage Apex managed sharing. The IT team is worried about improper access to records. Which two features and best practices should a Salesforce architect recommend to mitigate this risk?

2 answers

A. Use runAs system method in test classes to test using different users and profiles.
B. Use with Sharing keyword in Apex classes to assure record visibility will be followed.
C. Use isShareable in Apex classes to assure record visibility will be followed.
D. Use isAccessible keyword in Apex classes to assure record visibility will be followed

Answer 61

Answer: A, B

Question 62

Universal container (UC) use External Object to retrieve Invoice data from a Legacy ERP. A finance team requested to have access to the Invoice records in the account page. 
In addition to objects access in the finance users profile, what other feature should a Sales Architect recommend? 

A. Create a criteria-based sharing rule to grant access to the records.
B. Include the Invoice Related List On Account Page layout.
C. Create an owner-based sharing rule to grant access to the records.
D. Use APEX managed sharing to grant access to the records.

Answer 62

Answer: D

Question 63

Universal Containers has a global 24x7 Salesforce.com implementation that supports Sales, Services, Order Management, and various other parts of their business. They have a nested territory hierarchy, 10,000 sales users, and 20,000 support agents. Territory changes happen daily. The demand for new applications and changes to the platform is high and they follow an agile development methodology and deliver new releases every two weeks on the platform. What Salesforce.com feature would help the system recover from a maintenance restart on Salesforce.com servers?

A. Enable Granular Locking on the system.
B. Enable Deferred Sharing Rule recalculation.
C. Enable Parallel Sharing Rule recalculation.
D. Enable Filter -Based Opportunity Territory Assignment.

Answer 63

Answer: B

Question 64

The Architect at Universal Containers has created a List View to show all open Opportunities that were created in the last month, and would like to make this list view visible to certain groups of users. Which two options are available to the Architect for sharing the List View?

A. Public Groups
B. Profiles
C. Roles and Subordinates
D. Manual Sharing

Answer 64

Answer: A, C

Question 65

Universal Container is a global Telco that has recently implemented enterprise territory management to better align their sales teams and sales processes. They are in Q4 of the FY and they have completely revamped their territory structure and created a plan for a new structure that would support the new FY. Their current territory model has 8k territories. Their new model would be a new set of 8,5K territories, and their org limit is 10k. What enterprise territory management feature can US take advantage of in order to help them stay within their org limits?

A. Territory type priority
B. Territory Type
C. Territory Model State
D. Territory Hierarchy

Answer 65

Answer: C

Question 66

A developer at Universal Container is building an integration within a managed package for their internal org that requires login to an external system. The end point requires basic authentication. The Architect would like to ensure that the username and password are managed securely. Which three options should the Architect recommend to secure the credentials?

Choose 3

A. Store the credentials in a custom object using encrypted fields
B. Store the credentials in named credentials that are used in the apex callout
C. Store the credentials in the apex code, which will not be available to non-admins
D. Store the credentials in protected custom metadata that are used in the apex callout
E. Store the credentials in protected custom settings that are used in the apex callout

Answer 66

Answer: B, D, E

Question 67

User A at Universal Containers is in the default account team for User B. User B owns the ACME account and changed User A’s team member access to the account. What is the impact of this change?

A. Changes affect the default Opportunity team.
B. Changes affect only the ACME Account
C. Changes affect the default Account team.
D. Changes affect all child ACME Accounts.

Answer 67

Answer: B

Question 68

Universal Containers regularly uploads large amounts of parent and child records into Salesforce to maintain integrations with other systems that update their date in scheduled batches or continuously in real time.

Which two situations may pose a risk of producing locking errors? Choose 2 answers.

A. Updates to child records that have the same parent records are being processed simultaneously in separate transactions.
B. Updates to parent and child records are being processed in the same batch.
C. Updates to parent records and their child records being processed simultaneously in separate threads.
D. Updates to parent and child records are being processed synchronously in the same threads.

Answer 68

Answer: A, C

Question 69

Universal Containers has recently activated an integration that synchronizes customer information and orders into their CRM of choice: Salesforce.com. One of their largest customers, United Air, has over 12,000 unique contacts. Since the integration was activated, sales reps are having trouble adding contacts to the United Air account. When a sales rep adds a contact, they get the following error message:UNABLE_TO_LOCK_ROW, This issue seems to affect the United Air account and several other large customers. The sales rep can usually save the contact by trying again later in the evening. What should the Architect recommend as a possible solution?

A. Add a role-based sharing rule so all sales team members have Read/Write access to contacts.
B. Remove sharing rules and replace them with Apex sharing for Unite Air and the other large
C. Implement an account hierarchy and redistribute the contacts evenly under the child accounts.
D. Create a permission set for the sales team to grant them Read/Write access to all account fields.

Answer 69

Answer: C

Question 70

Universal Containers has developed an AppExchange managed package for their distribution partners, which required a private key to be generated for each partner and used by the code. Universal Containers support representatives must be able to access the private key value to debug connection issues, but it must not be possible for the partner to access the value.

How can the Architect best support this requirement?

A. Store the value in a text field on a protected custom setting in the package. 
B. Store the value in a static variable in a class included in the managed package. 
C. Store the value in the text field on a list custom setting in the managed package. 
D. Store the value in an encrypted field on a custom object in the package.

Answer 70

Answer: C

Question 71

Universal Containers has developed an AppExchange managed package for their distribution partners, which required a private key to be generated for each partner and used by the code. Universal Containers support representatives must be able to access the private key value to debug connection issues, but it must not be possible for the partner to access the value.

How can the Architect best support this requirement?

A. Store the value in a text field on a protected custom setting in the package. 
B. Store the value in a static variable in a class included in the managed package. 
C. Store the value in the text field on a list custom setting in the managed package. 
D. Store the value in an encrypted field on a custom object in the package.

Answer 71

Answer: C

Question 72

Universal Containers has implemented a strict software architecture for their custom Apex code. One of the requirements is that all SOQL queries are contained within reusable classes. Depending on the context of the Apex transaction, the queries should be able to run either “With Sharing” or “Without Sharing”. Which two ways allow the Architect to meet these requirements?

Choose 2 answers.

A. Create a reusable SOQLQueries class; do not specify "With" or "Without Sharing" on the SOQLQueries class. 
B. Create a reusable SOQLQueries class; do not specify "With" or "Without Sharing" on the SOQLQueries class and use the runAs() method to dynamically set the context. 
C. Create a reusable SOQLQueries class; specify "With Sharing" on the methods that require user context and "Without Sharing" on the methods requiring system context. 
D. Create a SystemSOQLQueries class and a UserSOQLQueries class; set the "With Sharing" keyword on the User SOQLQueries class and "Without Sharing" on the SystemSOQLQueries class.

Answer 72

Answer: C, D

Question 73

Universal Containers would like to track defects within Salesforce. A defect need to have the following fields:
• Severity
• Type
• Status
• Description
There will be multiple Defects related to the standard Case object. Defects will be assigned to different owners which will often be different to the Case owner.

Which option should the Architect choose to meet the requirement?

A. Create a relationship between the standard defect object and the standard case object.
B. Create a custom object for defects and relate it to cases using lookup
C. Create all defect fields on the case object to track the defect and lookup.
D. Create a custom object for defects and relate it to cases using master –detail

Answer 73

Answer: B

Question 74

In order to comply with Regulatory Requirements, Universal Containers must store sensitive customer information on-premise. Universal Containers would like this on-premise information to be accessible from Salesforce.

What technology can Universal Containers use to achieve this?

A. Implement a third-party tokenization service.
B. Implement an on-premise database.
C. Implement a third-party proxy server.
D. Implement the Salesforce Shield toolkit.

Answer 74

Answer: C

Question 75

Universal Containers has created a Reimbursement Custom Object to capture requests for reimbursement of expenses related to office supplies. The Reimbursement requests are sometimes

sensitive and the Team Leads should not have access to the Reimbursement records submitted by the Users in the Call Center Agent role. The Director of Support will require access to all Reimbursement records. The role hierarchy is set as follows: Call Center Agent role reports to Team Lead role, which Reports to the Director of Support. Which steps would the Architect take to ensure proper sharing in this Role Hierarchy structure assuming Private Sharing Setting for the Reimbursement Object?

A. Leave the Reimbursement Object in “Deployed” Status and set the Director of Supports Profile to “View All” in the object permissions.
B. Use an Approval Process to change the owner of the Reimbursement record upon submission to the Director of Support
C. Disable Grant Access Using Hierarchies for the Object and create a Sharing Rule to enable sharing to the Director of Support
D. The sharing scenario described will occur without any special configuration choices being made by the Architect

Answer 75

Answer: C

Question 76

Which two access grants are stored in the Group Maintenance tables?

Choose 2 answers

A. Inherited access grants
B. Explicit grants
C. Group Membership grants
D. Implicit grants

Answer 76

Answer: A, C

Question 77

Which features does Salesforce provide for restricting login access to the application?

Choose 2 answers.

A. Profile-based login hour restrictions
B. Role-based IP restrictions
C. Organization-wide login hour restrictions
D. Profile-based IP restrictions

Answer 77

Answer: A, D

Question 78

How should the Architect ensure that OBJECT-LEVEL SECURITY is enforce within a custom Visualforce
application that was a standard Apex controller on the Lead object?
A. Use the runAs() method to enforce user permissions in the Apex controller.
B. Use the Schema.DescribeSObjectResultisAccessible() method in the Apex controller.
C. Use the {!$ObjectType.lead.accessible} expression within the Visualforce page.
D. Use the “With Sharing” keyword when defining the Visualforce page.

Answer 78

Answer: C

Question 79

Universal Containers has the following requirements:

• The Commercial Account and Consumer Account support departments should not collaborate.
• The Commercial and Consumer sales users roll up to the same VP of Sales, but there should be no collaboration between sales departments.
• The Commercial sales department should share its customers with the Commercial support department.
• The Consumer sales department shares its customers with the Consumer support department.
• The Commercial and Consumer support departments roll up to the same Support Director.
• The sales departments will remain the Account Owner for the Accounts that they sell to. What is the recommended Org-Wide Sharing Default for Accounts, and how would the Architect enable proper Commercial and Consumer Sales to Support Account Sharing for this scenario?

A. Private Account Sharing with Sharing Rules from Commercial Sales Role(s) to Consumer Support Role(s) and Consumer Sales Role(s) to Commercial Support Role(s).
B. Private Account Sharing with Sharing Rules from Commercial support Role(s) to Commercial Support Role(s) and Consumer Sales Role(s) to Consumer Support Role(s).
C. Read-Only Account Sharing with Sharing Rules from Commercial Sales Role(s) to Consumer Support Group(s) and Consumer Sales Role(s) to Commercial Support Groups(s).
D. Private Account Sharing with Sharing Rules from Commercial Sales Group(s) to Commercial Support Groups(s) and Consumer Sales Group(s) to Consumer Support Group(s).

Answer 79

Answer: D

Question 80

Universal Containers has a Private Sharing Model and restrictive data access settings in place. The data governance team is planning to deploy a master data management tool that will need write access to all system data, and the Architect has been asked to prepare a Data Governance User Profile that has full access to all data regardless of Sharing and CRUD Settings. What is the optimal way to enable this requirement?
A. Ensure the profile has the “Modify All Data permission enabled
B. Create a Sharing Rule for required Objects, on an API Only profile
C. Create an All Data Access app as a default for this Profile.
D. Enable the “Edit Read -Only Fields” permission for this Profile.

Answer 80

Answer: A

Question 81

When writing test methods, what functionality is verified by the system method”runAs()”?

A. Enforcement of a user’s record sharing.
B. Enforcement of user permissions.
C. Enforcement of a user’s field-level security.
D. Enforcement of user’s public group assignments.

Answer 81

Answer: A

Question 82

Universal Containers has successfully implemented a large Service Cloud rollout for their national call center 3 months ago. One of their largest customer accounts, United Automotive, has over 15,000 open cases. Agents are now having trouble opening new cases for United Automotive. When they try to create a case, the following Error messages appear for them UNABLE_TO_LOCK_ROW They notice that this only occurs for the United Automotive account. If they try to save the case again it will usually work, but the problem seems to be happening more and more often. What option should the Architect recommend?

A. Review the Account structure to split the United Automotive account into multiple branch accounts.
B. Review the Customer Service Profile to ensure that they have Read/Write access to the appropriate Case and Account Fields.
C. Review all Case Sharing Rules and consolidate where appropriate to reduce the total number of sharing rules.
D. Review all Account sharing rules to ensure that the Customer Service team has Read/Write access to the United Automotive Account.

Answer 82

Answer: A

Question 83

Universal Containers uses the Case object to track service tickets. They have implemented Case teams to allow multiple support representatives to manage the Cases. Which two "Filter by owner" options would the user see while creating a list view on the Case object? Choose 2 answers 
A. Public Groups 
B. Roles 
C. Queue 
D. My Case Teams

Answer 83

Answer: C, D

Question 84

Universal Containers is a fast-growing company that sells containers globally. It has thousands of dealerships throughout the world where local dealers service Containers sold locally. They recently opened two dealerships in California: NorthCal and SoCal. Universal Containers implemented a new partner community to enable their dealers. Each dealership has a dealer Manager who has all service agents report into them. Assuming a private sharing model, what is the best option to enable dealer managers to have visibility to customer cases within their dealership and not across all dealerships?

A. Create sharing groups that share all cases to all agents under the Dealer manager.
B. Create a batch job that creates sharing rules as needed, based on the cases created.
C. Build a trigger that create manual sharing of cases as needed whenever a new case is created.
D. No changes are needed to the sharing and visibility model to implement this requirement.

Answer 84

Answer: D

Question 85

Universal Containers is designing a new community using the Customer Community license type. They would like to have the users complete survey questions through the community interface and store the responses in a Custom Object that has a lookup to the account object. Any internal user who has access to the account should be able to see all survey responses. All Customer Community users should be able to see surveys filled in by other users for their company, but not surveys for other companies. What are the correct security settings to achieve this?
A. Set all Organization-Wide Default settings to be “Public Read/Write” for both internal and external users.
B. Set all Organization-Wide Default security to be “Private” for both internal and external users and use Sharing Rules to grant the desired access
C. Set all Organization-Wide Default security to be “Public Read/Write” for internal users and “Private” for external users.
D. Set the custom object to be master-detail to the Account and leave the Organization-Wide Default settings as their default values.

Answer 85

Answer: B

Question 86

Universal Containers has a custom object, Employee Review, with an Organization-Wide Default security setting of Private. A user lookup on the Employee Review object is populated when a reviewer is assigned to perform a review. How can this user be granted edit access to the record if they are not the owner?

A. The user will be granted access to the record automatically when the user lookup is populated.
B. Create a workflow rule to share the Employee Review record with the user in the lookup field.
C. Create an Apex trigger to insert an Employee Review Share record with an access level of Edit.
D. Create a criteria-based sharing rule to share the record with the user in the lookup field.

Answer 86

Answer: D

Question 87

Universal Containers has created a custom Sales Operations profile with read and edit access to the Category field on a custom object. There is a new requirement that 3 of the 100 users assigned to the Sales Operations Profile should have read-only access to the Category field.
How can the Architect support this request?
Choose one

A. Create a permission set in the Category field to read-only and assign it to the users.
B. Create a new profile without edit access to Category and assign it to the users.
C. Create a new page layout with the Category Field set to read-only for these users.
D. Create a custom permission to grant read-only access to Category and assign it to the users.

Answer 87

Answer: B

Question 88

Universal Containers is updating its Organization-Wide Sharing Settings for the Account Object from a “Public Read/Write” model to a “Private” model, so that they can hide certain national accounts from sales reps and sales managers. These national accounts should only be accessible by sales directors and above. Universal Container’s Role Hierarchy matches its organizational hierarchy. Which two options should the Architect consider when designing the solution? Choose 2 answers
A. Sales directors will need a sharing rule created so that they can see accounts owned by Sales Users.
B. National accounts must be owned by a user who is above the sales managers in the Role Hierarchy.
C. Apex managed sharing will have to be disabled for the account object to protect the national accounts.
D. If a sales rep is added to the Opportunity Team for a national account, they will gain access to account data.

Answer 88

Answer: B, D

Question 89

Universal Containers has set the Org-Wide Sharing Default for Accounts to Private and has created
some sharing rules to extend access based on certain data access policies. An architect has been asked to review access to a certain set of key customer accounts. How might this review be conducted?
A. Export the Account Share table and review.
B. Run a Report on Sharing in the Admin Console.
C. Log in as each user and Run the All Accounts List View.
D. Use the Sharing button on each customer Account.

Answer 89

Answer: A

Question 90

Universal Containers has a set of Account Management users that should only see Accounts once the Account becomes a customer. The Type field on the Account identifies whether the Account is a Prospect, Customer, Partner or Other. Which two methods could an Architect use to enable this sharing requirement, assuming a private sharing model for Accounts?

Choose 2 answers.

A. Institute a process that calls for the Account Manager to be added to the Account Team once the Account becomes a customer.
B. Create an Account Sharing Rule that shares all Accounts owned by Sales to be shared with Account Management roles and subordinates.
C. Create a Public List View, where Accounts of Type Customer are included and share the List view with the Account Management public group.
D. Create a Criteria-based Sharing rule that shares the Account to the Account Management Group when the Type is Customer.

Answer 90

Answer: A, D

Question 91

Universal Containers, a global corporation of 50,000 users, has a 24x7 call center operated by 20,000 users that includes employees and contractors. Their sales organization is 10,000 strong and they started processing about 100,000 updates to opportunity custom fields called Priority and NextStep. They also started processing 20,000 updates to a highly nested territory hierarchy. There was a third mass update on a Next Step field on the Action Plan custom object that has Case as a lookup field. Users started seeing a Group membership lock error in the system. What is a probable cause for this error?
A. Lock contention due to system-initiated sharing rule recalculation
B. Lock contention on Case records because of Action Plan custom object updates.
C. Lock contention on Territory object because of Territory object updates.
D. Lock contention on Account records because of Opportunity object updates.

Answer 91

Answer: A

Question 92

Universal Containers would like to restrict users’ access to export reports
What option supports this requirement?
A. Remove the “Report Manager” user permission.
B. Remove the Export button from the report page layout.
C. Remove “Allow Export” on the report folder settings.
D. Remove the “Export Reports” profile permission.

Answer 92

Answer: D

Question 93

Universal Containers has recently implemented an integration that is populating 50 custom fields on the account object. They would like these fields to be available to Managers for reporting but do not want them to clutter the page layouts. What should the Architect recommend as a solution?
A. Add the fields to the Managers’ Account Page Layout; mark the page layout section as Collapsed.
B. Grant the Managers access to the fields using a Role-Based Sharing Rule; leave them hidden on the page layout.
C. Add the fields to a Custom Report; grant the Managers’ Role access to the report folder.
D. Grant Managers access to the fields using Field-Level Security; do not add them to a page layout.

Answer 93

Answer: D

Question 94

Universal Containers would like to customize the security and sharing features of Salesforce Account Teams. They have decided to implement a Custom Account Team object. They would like the new enhancement to include all of the features of the existing account team, but also utilize Apex and Visualforce on the custom Account Team object.
Which two different approaches should the Architect consider when designing this enhancement? Choose 2 answers
A. The need to synchronize the AccountTeamMember object with the Custom Account Team object data.
B. The need to maintain the Account_share object based upon the Custom Account Team object data.
C. The need to dynamically create Criteria-Based Sharing rules with Custom Account Team object data.
D. The need to customize Account screens in Visualforce, as the Account_share object cannot be maintained programmatically.

Answer 94

Answer: A, B

Question 95

What is the best practice for testing sharing and visibility changes?
A. Use Administrative and User reports to view the Active Users.
B. Use the Login As feature for a sample user in each role and profile.
C. Use Field Audit Trail to audit the field meta-data and visibility.
D. Use the Sharing button to test Profile and Permission set changes.

Answer 95

Answer: B

Question 96

What feature in Salesforce is needed to restrict access to a custom object that has Public Read/Write access? 
A. Role Hierarchy 
B. Record Type 
C. Page Layout 
D. Profile

Answer 96

Answer: D

Question 97

Which two reasons should the Architect consider regarding the use of Apex Sharing Reasons?

Choose 2 answers

A. Ensuring the developer can more easily troubleshoot programmatic sharing.
B. Ensuring the Share record is not deleted upon ownership change.
C. Ensuring the Share record is deleted upon ownership change.
D. Ensuring there is additional criteria available for Criteria-Based Sharing.

Answer 97

Answer: A, B

Question 98

Which two settings are available in profiles, but not permission sets?

Choose 2 answers.

A. Tab Settings
B. Record Types
C. Page Layout Assignments
D. Login Hours

Answer 98

Answer: C, D

Question 99

Universal Containers has set Opportunity Sharing to Private with Opportunity Teams enabled. Which three options can change the Owner of the Opportunity?

Choose 3 answers.

A. Any Opportunity Team Member on the current Opportunity.
B. The current Opportunity Owner can transfer the current ownership.
C. The System Administrator or a user with the “Transfer Records” permission.
D. The user specified as the Manager on the Owner’s User Profile.
E. Someone above the Opportunity Owner in the Role Hierarchy.

Answer 99

Answer: B, C, E

Question 100

Below are some details regarding the organization at Universal containers:
1. Richard and Kevin are the east sales reps and their manager is Karen the East sales executive. 2. Sam and Wilder are West sales reps and the manager is Wendy, the West sales executive. 3. Bob is the CEO and managers both Karen and Wendy
Universal containers role hierarchy follows their management structure. Richard owns an account, NewCompany, and Kevin owns an account, OldCompany. Karen manually shared her account NewWorld with Kevin. However, she has moved to a new role to lead all Named Accounts, and Phil, who replaced her, is the new owner of NewWorld. Which employees will have access to the NewWorld account?
A. Bob and Phil
B. Bob, Richard, Phil and Kevin
C. Bob, Karen and Kevin
D. Bob, Phil and Kevin

Answer 100

Answer: A

Question 101

A Visualforce controller has a requirement to be written with “Without Sharing” at the top level; however, certain methods within the page still need to enforce the user permissions for creating records and accessing certain fields. Which two methods below would be used to enforce this requirements?

Choose 2 answers.

A. Schema.DescribeFieldResult
B. Schema.getGlobalDescribe
C. UserInfo.getProfileID
D. Schema.DescribeSObjectResult

Answer 101

Answer: A, D

Question 102

Universal Health is planning to store patient notes in Salesforce. Patient notes consist of long text notes taken by a use to document phone calls with a patient. 
A date audit has identified that these notes can contain Personally Identifiable Information (PII) and Personal 
Health Information (PHI). The regulatory requirements state that this data must be encrypted at rest as well as in transit. 
What should the Architect do in order to make sure Universal Health stays compliant? 

A. No action is required; all Salesforce data is encrypted at rest as part of Salesforce’s standard trust measures.
B. Enable Salesforce Shield Platform Data Encryption and mark the patient notes field as encrypted.
C. Create a new Custom Field of type “Text (Encrypted)” and move the patient notes data into the new field.
D. Use an Apex trigger and the Apex Crypto class to encrypt patient notes as soon as they are saved to Salesforce.

Answer 102

Answer: B

Question 103

Universal Containers has implemented a community for its customers using the Customer Community sense type. They have implemented a custom object to store service requests that has a look up to the account record. The Organization Wide Default External Access for the service request object is set to Private. Universal Containers wants their customers to be able to see service requests for their account through the community Customers should not see service requests for other accounts. What Salesforce feature can the Architect use to implement this?

A. Use manual sharing to share the service requests manually when a new community user is added.
B. Use a Sharing Set to share service requests related to the account based on the community user’s profile.
C. Use a Sharing Rule to share service requests to the community user based on their role.
D. Use Apex Managed Sharing to share service requests related to the account to the appropriate community users.

Answer 103

Answer: B

Question 104

Universal Containers has Public Read Only sharing settings on the Opportunity object. What Opportunity access options can the user see while adding account team members to the Account?

A. Read Only
B. Private and Read Only
C. Private
D. Read Only and Read/Write

Answer 104

Answer: D

Question 105

Which two options are available to share a Report or Dashboard folder with other users in the Organization?

Choose 2 answers

A. Profiles
B. Public Groups
C. Roles
D. Teams

Answer 105

Answer: B, C

Question 106

Universal Containers maintains Job information in a Custom Object that contains sensitive information. The only users who should be able to view and edit Job records are the user who owns the record and all users in the Delivery profile. Which three platform sharing tools are required to support the above requirements?

Choose 3 answers.

A. Grant access Using Hierarchy sharing setting on the Job Object set to false.
B. “Modify All” permission for Job Object on the Delivery Profile.
C. Criteria-Based sharing rule for the Delivery Profile on the Job Object.
D. Organization-Wide Default sharing setting of Private on the Job Object.
E. “View All Data” profile permission on the Delivery Profile.

Answer 106

Answer: A, B, D

Question 107

Universal Containers has requirement for the Architect to develop Apex Managed Sharing code for the custom Job object. The sharing settings for the Job object are set to Private.
When assigning access level for the record, which two lines of code will cause a DML exception on insert to the database?
Choose 2 answers
A. Objectname.AccessLevel=’Edit’
B. Objectname.AccessLevel=’All’
C. Objectname.AccessLevel=’None’
D. Objectname.AccessLevel=’Read’

Answer 107

Answer: B, C

Question 108

Universal Containers (UC) has a requirement to expose a web service to their business partners. The web service will be used to allow each business partner to query UC’s Salesforce instance to retrieve the status of orders. The business partner should only be allowed access to orders for which the business partner is the fulfillment vendor. The Architect does not want the business partners to utilize the standard APIs and would prefer a custom API be developed. Which three design elements should the Architect consider in order to ensure the data security of the solution?

Choose 3 answers

A. Query the Orders object with Dynamic SOQL based upon the fulfillment ID.
B. Set the Orders object’s sharing settings to Private in the Org-Wide Defaults
C. Provide each partner with their own Salesforce login set to API Enabled on the profile.
D. Develop a custom Apex web service with a fulfillment ID input attribute
E. Develop a custom Apex web service using the “With Sharing” keyword.

Answer 108

Answer: A, B, E

Question 109

Universal Containers has enabled External Default Sharing and wants to allow for external users to have the External Sharing Default set to Public Read-Only for a custom object. Which two options are valid Internal Default sharing settings for the custom object?

Choose 2

A. Controlled by Parent
B. Public Read/Write
C. Private
D. Public Read Only

Answer 109

Answer: B, D

Question 110

Universal Containers has the following Sharing Settings for their Org:
Account = Private
Contact = Controlled by Parent
Opportunity = Private
Case = Private
They have enabled “Default Account Teams” and have trained users to set up their Default Team. Which three access levels can be set on the Account Team Member?

Choose 3 answers

A. Opportunity Access 
B. Case Access 
C. Contact Access 
D. Contract Access 
E. Account Access

Answer 110

Answer: A, B, E

Question 111

Universal Containers has set Account Sharing to Private with Account Teams enabled. Which two user groups can add team members on the Account?

Choose 2 answers

A. The current Account Owner can add team members.
B. The user specified as the Manager on the Owner’s User record
C. Someone above the Account Owner in the Role Hierarchy with read access
D. Any Account Team Member with read access on the Account

Answer 111

Answer: A,C

Question 112

The Architect notices that there are many duplicate Account records and numerous sharing rules created in Salesforce. What would be the reason?

A. The Organization-Wide Default for the Account object is Private.
B. The Organization-Wide Default for the Account object is Public Read/Write.
C. The Organization-Wide Default for the Account object is Public Read-Only.
D. The Object permissions for the Account object are Create, Read, and Edit.

Answer 112

Answer: A

Question 113

What is required to implement Filter-Based Opportunity Territory Assignment?

A. Define an account assignment with a filter criteria rule for Filter-Based Opportunity Territory Assignment.
B. Define a Territory assignment rule with filter criteria for Filter-Based Opportunity Territory Assignment.
C. Define a custom Apex class for Filter-Based Opportunity Territory Assignment in the system.
D. Define an Opportunity assignment rule with filter criteria for Filter-Based Opportunity Territory Assignment.

Answer 113

Answer: C

Question 114

Which two are potential vulnerabilities in the following code snippet? public class SOQLController { public String name { get { return name;} set {name=value;} } public PageReference query() { String qryString=’SELECT Id FROM Contact WHERE ‘+ ‘(IsDeleted = false and Name like '%’ + name + ‘%'}’; queryResult = Database.query(qryString); retunr null; } }

Choose 2 answers

A. FLS check
B. SOQL Injection
C. Data Access Control
D. Arbitrary Redirects

Answer 114

Answer: B, C

Question 115

What is a workaround to ownership data skew?

A. You can minimize possible performance impacts by not assigning the user(s) to a role.

Answer 115

A

Question 116

When you make changes to roles and groups Salesforce locks the entire group membership table, which makes it impossible to process group changes in multiple threads to increase throughput on updates.

A. Granular Locking

Answer 116

A

Question 117

f you want to create some logic that will share certain records in APEX code, you just have to create special records that will open access to the desired records. The aim is to create records of certain type, for example , all share objects for custom objects are named as

A. MyCustomObject__Share

Answer 117

A

Question 118

By Viewer Access you can see the data in a report or dashboard, but you can’t make any changes, except by cloning it into a new report or dashboard.

A. True
B. False

Answer 118

A

Question 119

Universal Containers has set Partners users who will see records owned by partner users in roles below them in the hierarchy of which roles?

A. Executive, Manager, and User

Answer 119

Answer: A

Question 120

Partner users can access records belonging to users in their account at their same role or lower in the role hierarchy, for Cases, Leads, Opportunities and Custom Objects. Which of the following access has to be given ?

A. Super user permission

Answer 120

A

Question 121

If OWD is Public Read Only, what are sharing access options

A. Read, - Read/Write

Answer 121

A

Question 122

What can be done in Profile which is not in Permission Set

A. Login Hours, Page Layout assignment

Answer 122

A

Question 123

Which of the following is used to encrypt a variety of widely used standard fields, along with some custom fields and many kinds of files.

A. Shield Encryption.

Answer 123

A

Question 124

Universal Containers has a requirement to share Accounts automatically to the users at a field office. They currently have the following setup in their environment:
• Accounts are set to Private in the Org-Wide Default.
• The field office is specified by a lookup in the Account object.
• There are 400 field offices.
• The users in each field office are managed using public groups.
Based upon a lookup relationship field on the Account, how should the Architect meet this requirement?

A. Use Manual Sharing to share the Account with the appropriate field office.
B. Use Account Teams to share the Account with the appropriate field office.
C. Use Programmatic Sharing to share the Account with the appropriate field office.
D. Use Criteria-Based Sharing to share the Account with the appropriate field office.

Answer 124

C

Question 125

For the Universal Containers Commercial and Consumer support departments, having access to Activities for Contacts with which they interact is important. Commercial support users should not see Consumer Accounts/Contacts and Consumer support users should not see Commercial Accounts/Contacts. Assuming the Organization-Wide Default for Activities is set to “Controlled by Parent” what is the minimum level of Sharing access a support user would need to Accounts/Contacts to view associated Activities?

A. Private Account/Contact Sharing Default with a Sharing Rule for each department set to Public Read/Write access to Accounts/Contacts.
B. Private Account/Contact Sharing Default with a Sharing Rule for each department set to Private access to Accounts/Contacts.
C. The users need no access to Accounts/Contacts with the proper Activity Sharing Rules and Profile Permissions for the Accounts Tab.
D. Private Account/Contact Sharing Default with a Sharing Rule for each department set to Public Read only access to Accounts/Contacts.

Answer 125

Answer: D

Question 126

Universal Containers wants to create a way to store sensitive Invoice Data in Salesforce. A User who owns an Account should not see every Invoice, but only invoices that they or their subordinates own. Which two features should be considered during this solution implementation?

Choose 2 answers.

A. Deploy the Relationship between Accounts and the Invoices Object as Master-Detail.
B. Ensure that the Organization-Wide Default sharing for Invoices is set to Private.
C. Create a Workflow that populates the Invoice sharing object upon Insert.
D. Deploy the Relationship between Accounts and the Invoices Object as Lookup.

Answer 126

Answer: A, B

Question 127

Universal Containers has a strict security model enforced through object, field, and row-based security mechanisms. The Architect would like to ensure the security model is being thoroughly tested using Apex automated tests. Which three considerations should be made when using the runAs() method to design Apex until tests?

Choose 3

A. runAs() does not enforce user permissions or field-level permissions in test classes
B. runAs() can be used inside of test classes to validate record-level security
C. runAs() can be used inside of test classes to validate field-level permissions
D. runAs() can be used outside of test classes to bypass record-level security
E. runAs () counts towards total DML statements issued within transaction

Answer 127

Answer: A, B, E

Question 128

Which three areas should the Architect review in order to increase performance of “Record Access” and “Sharing” calculations?

Choose 3 answers.

A. Custom Object data, to ensure that no Account has more than 10,000 Custom Objects that look up to it.
B. Opportunity data, to ensure that no Account has more than 10,000 Opportunity records that are related to it.
C. Record ownership, to ensure that no user owns more than 10,000 Object records in the system.
D. Apex Managed Sharing triggers, to ensure that no trigger is querying more that 10,000 Object records.

Answer 128

Answer: A, B, C

Question 129

The architect at Universal Containers would like to prevent users from editing encrypted fields. Assuming no customizations are implemented, which two options should the Architect choose to support the requirement?

Choose 2 answers

A. Validation Rules
B. Page Layout settings
C. Apex Triggers
D. Workflow Rules

Answer 129

Answer: A, B

Question 130

Which three capabilities are available with Enterprise Territory Management?

Choose 3 answers

A. Create a public group with Territory
B. Share a report or dashboard folder with a Territory
C. Metadata API Support
D. Integration with Collaborative Forecasting
E. Assignment of Territory on Opportunities

Answer 130

Answer: C, D, E

Question 131

Which are two valid use cases for programmatic sharing?

Choose 2 answers.

A. An external system manages user record access.
B. Frequent user ownership changes based on re-alignments.
C. Native sharing functionality does not meet requirements.
D. Setting user ownership for standard and custom objects.

Answer 131

Answer: A, C

Question 132

The Collections department at Universal Containers uses Salesforce to track its efforts. All Invoices and Invoice Line Items are stored in Salesforce. Invoice Line Item object details, such as Quantity and Extended Amount, should be summarized at the Invoice Object level, and all users who can see a given invoice should always see all invoice line items. Without leveraging Apex code, how should an Architect create the relationship between the Invoice object and the Invoice Line Item Object?

A. The Invoice object should have a Master-Detail to the Invoice Line Item Object
B. The Invoice Line Item Object should have a Lookup to the Invoice Object
C. The Invoice Object should have an inner joint to the Invoice Line Item Object
D. The Invoice Line Item Object should have a Master-Detail to the Invoice Object

Answer 132

Answer: D

Question 133

Universal Containers has a Private Sharing Model for the Opportunity object. Sales Rep A at Universal Containers created the Opportunity record and then transferred ownership of the Opportunity record to Sales Rep B. Both Sales Rep A and B have the same role in the Role Hierarchy. What access will Sales Rep A have to the Opportunity after the transfer?

A. Full Access
B. No Access
C. Read/Write
D. Read Only

Answer 133

Answer: B

Question 134

Universal Containers wants to store Payment Term Details on the Account object, but the fields should only be visible on certain record types and for certain user profiles.
How can a System Administrator quickly determine which user profiles, page layouts, and record types include certain fields?

A. Log in as each user profile and view the Account Page Layouts.
B. Use the Field Accessibility Viewer for the fields in question
C. Universally require the field at the field level.
D. Click the Field-Level Security for the field on each Profile.

Answer 134

Answer: B

Question 135

A sales representative at Universal Containers needs assistance from specific product managers when selling certain deals. Product managers do not have access to opportunities they don’t own, as the sharing model is Private, but need to gain access when they are assisting with a specific deal. How can an Architect accomplish the requirement?

A. Create a sharing rule to allow the product manager to access the opportunity.
B. Enable opportunity teams and allow users to add the product manager.
C. Enable account team and allow users to add the product manager.
D. Use similar opportunities to share opportunities related to the product manager.

Answer 135

Answer: B

Question 136

Assuming granular locking is enabled, what activity can happen in parallel to changing a community account owner without risking group membership lock errors?

A. Deletion of a Role
B. Creation of a Role
C. Creation of a Territory
D. Deletion of a Territory

Answer 136

Answer: C

Question 137

Universal Container has a set of Account management users that should only see accounts once the account becomes a customer. The type field on the Account identifies whether the account is a prospect, customer, partner, or other. Which two methods could an Architect use to enable this sharing requirement, assuming a private sharing model for accounts?

Choose two:

A. Create a public list view, where accounts of type customer are included and share the list view with account management public group
B. Institute a business process that calls for the account manager to be added to the account team once the account becomes a customer
C. Create an account sharing rule that shares all accounts owned by sales to be shared with account management roles and subordinates
D. Create a criteria-based sharing rule that shares the account to the account management group when the type is customer

Answer 137

Answer: B, D

Question 138

Universal Containers does not want the Users in the Custom Sales Department Profile to be able to delete Opportunities. How would the Architect prevent a certain set of users from deleting Opportunities?

A. Remove the Delete button from the Opportunity Page Layout and Record Type settings.
B. Create a Validation Rule that checks the User’s Profile before allowing the Is Deleted flag to be set to True.
C. Override the Standard button with a Visualforce Page that warns them that they do not have permission to delete.
D. Remove the “Opportunity Delete” Permission from the Sales Team’s User Profile in the Object Permissions.

Answer 138

Answer: D

Question 139

Universal Containers has created a custom object to store highly confidential client relationship data with Private sharing settings. Which two options would an Architect choose to ensure access only to the record owner and the administrator?

Choose 2 answers.

A. Disable “Grant Access Using Hierarchies.”
B. Disable the “Create” permission on all other profiles.
C. Disable the “Read” permission on all other profiles.
D. Disable the “View All” permission on all other profiles.

Answer 139

Answer: A, D

Question 140

A user at Universal Containers would like to give access to a Report folder to someone else in the organization.
Which two access permissions should the user have to support this requirement?

Choose 2 answers.

A. The “Viewer” Report folder permission
B. The “Editor” Report folder permission.
C. The “Manage Reports in Public Folders” Profile permission.
D. The “Manager” Report folder permission.

Answer 140

Answer: C, D

Question 141

Which users have access to Opportunity records owned by an external user, assuming no other changes to the sharing model have been implemented?

A. The record owner and any user above the external user in the role hierarchy.
B. The record owner only.
C. The record owner and any user below the external user in the role hierarchy.
D. The record owner and all internal users.

Answer 141

Answer: A

Question 142

Universal Containers has junction object called “Job Production Facility”, with 2 master-detail relationships to the Job and Production Facility custom objects. Both master records have a private sharing model.
What statement is true if a user’s profile allows access (Create/Read) to the Job, but no access to the Production Facility Object?

A. The user will be granted read access to the Production Facility record
B. The user will see the junction object and the link to the Production Facility.
C. The user will see the junction object but not the link to the Production Facility.
D. The user will not be able to see the junction object records or the field values.

Answer 142

Answer: D

Question 143

A dummy user at Universal Containers owns more that 10,000 lead records. The system assigned all these leads to a dummy user. This is causing performance issues whenever role hierarchy changes. Which two options should be recommended to improve performance?

Choose 2 answers.

A. Assign ownership to a small number of users.
B. Add the dummy user into a public group.
C. Add the dummy user to the bottom of the role hierarchy.
D. Do not assign a role to the dummy user.

Answer 143

Answer: A, D

Question 144

Universal Containers has just deployed a change to its role hierarchy. A manager is reporting that their staff can now see Accounts that they do not own and should not have access to. How should the Architect troubleshoot?

A. While logged in as the System Administrator, use the Field Accessibility Viewer to view a matrix of who has access to Accounts.
B. While logged in as the one of the Staff members, navigate to a sample account and use the Sharing button to determine who has access.
C. While logged in as the one of the Staff members, navigate to their user record and inspect their profile and role membership.
D. While logged in as the System Administrator, use the Field Accessibility Viewer to view a matrix of who has access to Accounts.

Answer 144

Answer: B

Question 145

Which two options can help mitigate the risks of import failures associated with large-volume bulk data loads?

Choose 2 answers.

A. Minimize user group hierarchy.
B. Defer Sharing Calculation.
C. Increase batch size.
D. Group records by ParentID within a batch.

Answer 145

Answer: B, D

Question 146

Universal Containers has a custom Job object with a private sharing model. Based on the size and location of the Job, different teams must have access to edit the specific Job record. To support this requirement, Apex Managed Sharing has been implemented to share records with the required users. Since the teams change frequently, managed sharing recalculations need to be manually run frequently. What can the Architect do to optimize this process?

A. Change the sharing model on the Job object to Public Read/Write.
B. Create a scheduled job to automatically run the sharing recalculations on a nightly basis.
C. Create public groups for each team, and share the jobs with the groups instead of users.
D. Create a custom Visualforce page to edit the jobs and specify Without Sharing on the controller.

Answer 146

Answer: C

Question 147

Which three advanced tools can Salesforce enable for large-scale role hierarchy realignments in organizations with large data volumes?

Choose 3 answers.

A. Partitioning by Divisions 
B. Granular Locking 
C. Parallel Sharing Rule Recalculation 
D. Deferred Sharing Calculation 
E. Skinny Table Indexing

Answer 147

Answer: A, D, E

Question 148

Universal Containers would like to create a custom team solution that can be used on a custom Loan object. The following requirements must be met:
The Loan custom object should be set to Private in the Org-Wide Defaults.
Any user added to the Custom Team object should have Read Only access to the corresponding Loan record. If the Custom Team record is marked as “Primary” then the corresponding user should have Read/Edit access to the corresponding Loan record.
Which two methods will allow the Architect to meet the requirements?

Choose 2 answers.

A. Create a custom trigger on the Custom Team object that inserts or updates records in the Loan_share object.
B. Create a criteria-based sharing rule on the Loan object that will share the Loan record with the appropriate user in the Custom Team object.
C. Create Apex Sharing Reasons on the Loan object to identify the reason the Loan record was share.
D. Create an owner-based sharing rule on the Custom Team object that will share the Loan record to the owner of the Custom Team record.

Answer 148

Answer: B, D

Question 149

Universal Containers has a custom object to maintain Job information with a private sharing model. The Delivery group is distributed through the Role Hierarchy based on geography. As the Delivery group often collaborates on Jobs, all users in the Delivery profile required View access to all Job records. In special case, the Delivery user who owns a job must be able to grant a Product Development user access to a Job record. Which two platform features can be used to support these requirements?

Choose 2 answers

A. Criteria-based Sharing Rules
B. “View All” Profile settings
C. Owner-based Sharing Rules
D. Manual Sharing

Answer 149

Answer: B, D

Question 150

Universal Containers created a custom object called Defect and would like to enable the Sharing button on the Defect page layout to share the records manually to other users in the organization. In which scenario will the Sharing button appear?

A. The Sharing model is either Private or Public Read only.
B. The Sharing button always appears.
C. The Sharing model is Public Read/Write.
D. The Sharing model is Public Read/Write/Transfer.

Answer 150

A

Question 151

At Universal Containers, users should only see Accounts they or their subordinates own. All Accounts with the custom field “Kay Customer” should be visible to all Senior Account Managers. There is a custom field on the Account record that contains sensitive information and should be hidden from all users, except 3 designated users who require view and edit access. These three users come from different user groups, and will change occasionally. Which three platform security features are required to support these requirements with the minimum amount of effort?

Choose 3 answers

A. Criteria-Based Sharing Rules 
B. Owner-Based Sharing Rules 
C. Role Hierarchy 
D. Apex Managed Sharing 
E. Permission Sets

Answer 151

Answer: A, C, E

Question 152

Universal Containers (UC) works with a dealer network to sell their products. There are approximately 5,000 dealers that do business with UC and UC has purchased a Partner Community to interact with each of their dealers on Opportunities. Each dealer is structured so that there are a group of managers who will oversee a larger team of agents. UC would like to set the Organization Wide Defaults to Private for the Opportunity object, both internally and externally. Within each dealer, there are a few agents called Lead Agents who should be able to see the Opportunities for all of the other Agents at the dealer. What is the optimal solution for an Architect to recommend?

A. Add a Sharing Set that shares Opportunities to the Lead Agent based on the Lead Agents Account.
B. Build an Apex Managed Sharing rule that will assign specific Opportunities to Lead Agents.
C. Grant Super User access to the Lead Agents as part of the Community user setup.
D. Create a Sharing Rule to share opportunities to the owner’s manager’s role and below.

Answer 152

C

Question 153

Universal Container is creating a custom VF page to allow user to edit contact records. The developer has used an apex:outputField for the Phone field on the contact obj. What is the expected behavior if a user without FLS accesses the VF page?

A. The user encounters an error while saving the record
B. The field is automatically removed from the page
C. The output field is visible to user
D. The user is able to enter a value into the phone field

Answer 153

B

Question 154

Universal Containers has Controlled by Parent sharing settings on the Contact object and Public Read Only sharing settings on Account, Opportunity, and Case objects. Which two options can the user see while adding Account team members to the Account?

A. Case Access
B. Opportunity Access
C. Contact Access
D. Activity Access

Answer 154

Answer: A, B

Question 155

Universal Containers has a private sharing model on Accounts. Apex Managed Sharing is required to share certain account records with all users who are assigned to a specific Role in the Role Hierarchy. What should be the recommended way for the Architect to implement this?

A. Create an AccountShare record associated to a public group containing the Users in the Role.
B. Create an AccountShare record associated to each user who is assigned to the Role.
C. Create an AccountShare record associated to the required Role.
D. Create an AccountShare record associated to a public group containing the Role.

Answer 155

Answer: A

Question 156

Universal Containers is implementing a community of High-Volume Community users. Community users should be able to see records associated to their Account or Contact record. The Architect is planning to use a Sharing Set to provide access to the records. When setting up the Sharing Set, certain objects are not available in the list of Available Objects.

Which two reasons explain why an object is excluded from the list of Available Objects in a Sharing Set?

A. The object is a custom object, and therefore not available for a sharing set.
B. The object’s Organization-Wide sharing setting is set to Public Read/Write.
C. The object’s Organization-Wide sharing setting is set to Private.
D. The custom object does not have a lookup to Accounts or Contacts.

Answer 156

Answer: B, D

Question 157

The System Administrator at Universal Containers has created two list views called ListV1 and ListV2.
One group of users should only see ListV1 and the second group of users should only see ListV2. Two public groups were created to restrict visibility to the respective list views. However, users in both groups are able to see both list views. What system permission in their profile enabled the users to see all list views?

A. Manage Custom List Views
B. Manage Private List Views
C. Manage Public List Views
D. Manage Custom Permissions

Answer 157

Answer: C

Question 158

What should the Architect do to ensure Field-Level Security is enforced on a custom Visualforce page using the Standard Lead Controller?

A. Use the “With Sharing” keyword on the Standard Lead Controller.
B. Nothing; Field-Level Security will automatically be enforced.
C. Use the {!Schema.sObjectType.Lead.fields.isAccessible()} expression
D. Use the Schema.SObject.Lead.isAccessible() method.

Answer 158

Answer: B

Question 159

In order to comply with regulatory requirements, Universal Health must encrypt all Personally Identifiable Information (PII), both while it is being transmitted over the network and while it is at rest. Universal Health has completed a data audit and has determined that 12 fields on the contact record can contain PII, including the contact name and several other standard fields. Universal Health would like the fields to remain accessible in Salesforce. Which two options does Universal Health have to maintain compliance?

Choose 2 answers.

A. Implement a custom Apex trigger to automatically encrypt the PII data using the Apex Crypto Class.
B. Update the field type of each of the 12 fields to “Text (Encrypted)” so that they are encrypted at rest.
C. Enable Salesforce Platform Encryption and select the 12 contact fields to be encrypted.
D. Use an external, third party encryption service to encrypt PII before it enters Salesforce.

Answer 159

Answer: B, C

Question 160

Universal Containers has requirement to integrate Salesforce with an external system to control record access.
What option should the Architect consider when designing a solution?

A. Use the Security API to modify the role hierarchy in Salesforce.
B. Use the SOAP API to maintain the related SObject_share records.
C. Use the Metadata API to maintain the related SObject records.
D. Use the SOAP API to create new Criteria-Based Sharing Rules in Salesforce.

Answer 160

Answer: B

Question 161

Besides their own team accounts, sales managers at Universal Container need to have READ access to all other countries.
Role hierarchy was implemented accordingly (based on countries) but a Sales manager in the US comp records of the same segment in Canada.
What should be done to grant access in a proper way?

A. Create criteria-based sharing rule to grant access to account records that have the same segment.
B. Create owner-based sharing rule to grant access to account records that have the same segment.
C. Create a public group and include all accounts of the same segment and grant access through.
D. Change the role hierarchy and put all the sales managers in the US and Canada as the same role.

Answer 161

Answer: B

Question 162

To grant Universal Containers sales managers access to shipment records properly it was necessarily to the IT Team is worried about improper access to records.
Which two features and best practices should a Salesforce architect recommended to mitigate the risk?

Choose 2

A. USe isShareable keyword in Apex classes to assure record visibility will be followed
B. Use runAs system method in test classes to test using different users and profiles.
C. Use With Sharing keyword in Apex classes to assure record visibility will be followed
D. User isAccessable keyword Apex classes to assure recor visibility will be followed.

Answer 162

Answer: C,D

Question 163

Universal Container (UC) wants all full-time internal employees to be able to view all leads. A subset of employees should also be able to see leads. 
Which organization default (OWD) approach should an architect recommend that will help US employee? 

A. Implement a Public Read/write OWD on Lead
B. Implement a Public Read only OWD on Lead
C. Implement a Public Read/write/Transfer OWD on Lead.
D. Implement a Private OWD on Lead.

Answer 163

Answer: D

Question 164

Susan posts a file to the Chatter feed for a record of an object.

Which two statements accurately describe who can view the file by default?

A. Susan and users with a shared Chatter post for the file.
B. Susan and users with the View all Data permission.
C. Susan and users with access to the record.
D. Susan only

Answer 164

Answer: B,C

Question 165

How would you make sure Visualforce page is security proof?

Choose 3 answers

A. Manually check for cross site 
B. Manually check for sql injection 
C. Submit to force security scanner 
D. Use web application tool for security 
E. Use debug to check hijacked requests

Answer 165

Answer: C, D, E

Question 166

Which two options provide implicit record access to users?

Choose 2 answers

A. Read-only access to parent account for a user, based on a criteria-based sharing rule
B. Read-only access to parent account for a user with access to a child case
C. Access to child opportunities for the owner of the parent account
D. Access to related leads for the owner of the parent campaign

Answer 166

Answer: B, C

Question 167

Universal Containers has developed Apex code to manually create AccountShare records to grant specific users access to individual Accounts. What must the Architect do to ensure the AccountShare records are not deleted when the owner of the Account is changed?

A. Create the share records and set the RowCause to a custom Apex Sharing Reason
B. Create the share records in a class with the “Without Sharing” keyword
C. Create the share records with the Delete on Owner Change field set to false
D. Create the share records and set the RowCause to Manual

Answer 167

Answer: A

Question 168

Universal Containers has the following requirements: A custom Loan object requires Org-Wide Defaults set to Private. The owner of the Loan record will be the Loan Origination Officer. The Loan record must be shared with a specific Underwriter on a loan-by-loan basis. The Underwriters should only see the Loan records for which they are assigned. What should the Architect recommend to meet these requirements?

A. Use criteria-based sharing rules to share the Loan object with the Underwriter based upon the criteria defined in the criteria-based sharing
B. Create a lookup relationship from the Loan object to the User object. Use a trigger on the Loan object to create the corresponding record in the Loan share object
C. Create a master-detail relationship from the Loan to the User object. Loan records will be automatically shared with the Underwriter
D. Create an Apex Sharing Reason on the Loan object that shares the Loan with the Underwriter based upon the criteria defined in the Sharing Reason

Answer 168

Answer: B

Question 169

A Sales Rep at Universal Containers wants to create a dashboard to see how his sales numbers compare with his peers. Assuming a Private model, which two permissions would the Sales Rep need to meet this requirement?

A. Manage Custom Report Types
B. Customize Application
C. Manage Dashboards
D. View All Data

Answer 169

Answer: C, D

Question 170

Universal Containers has two custom objects: Job and Job Interview. The Job Interview object has a lookup relationship to Job. Both objects are set to Private in sharing settings. The HR team will own all Job and Job Interview records. They have asked their Salesforce Architect to automatically share the Job Interview when the Interviewer (lookup to user record) has been populated. The interviewer can be from any department. What method should the Architect use to achieve this requirement?

A. Build apex Managed Sharing code to share Job Interview with the Interviewer user
B. Build a criteria-based sharing rule between the Job Interview and the Interviewer
C. Build a standard sharing rule between Job Interview and the Interviewer
D. Build a workflow email notification to notify the interviewer of the record assignment

Answer 170

Answer: A

Question 171

What is the security vulnerability in the following code snippet? Value of my Textfield is

A. SOQL Injection
B. Arbitrary Redirects
C. Cross-Site Scripting
D. Access Control

Answer 171

Answer: C

Question 172

A custom invoice object has been created with a master-detail relationship to account. The Account receivable (AR) team needs access to Invoices AR users do not own nor have access to Account records. Account OWD is set to Private. The AR team is unable to find Invoices in List views, Reports, nor in Global Search. The Architect has been asked to help troubleshoot. What could be the issue preventing AR team members from seeing invoices?

A. A sharing rule is missing to share Invoices to the AR team.
B. The AR team profile needs to be assigned an Invoice Page layout.
C. A sharing rule is missing to share Accounts to the AR team.
D. The Accounts receivable profile does not have read Permission to the Invoice Object.

Answer 172

Answer: C

Question 173

Universal Containers (UC) is in legal dispute regarding several orders. UC has found out these records were removed from system. The VP of Sales has asked to ensure this cannot happen in the future. What approach would meet this requirement?

A. Remove the delete button from the Order page layout.
B. Change the record type/page layout assignment for orders to be read-only.
C. Remove order delete permission from profiles and permission sets.
D. Implement a sharing rule that changes access for the records to read.

Answer 173

Answer: C

Question 174

Universal Containers has expanded to sell virtual containers for data storage. Virtual
container work orders are provisioned immediately by the system and therefore cannot be changed by a sales representative. What is an optimal approach to implement these
requirements?

A. Remove the Work Order Edit permission from the sales representative Profile.
B. Remove the edit button from the work order page layout.
C. Change the record type/page layout assignment for Work Order to be Read Only.
D. Implement a sharing rule that changes access for all Work Order to Read.

Answer 174

Answer: A

Question 175

Universal Containers (UC) service reps are assigned to a profile which has “View All” in Case object (Private OWD). To make sure service reps have access to all relevant information to attend to customer requests, which two details should a salesforce Architects consider?

Choose 2 answers:

A. Service reps will be able to access all UC contact records if they are controlled by parent.
B. Service reps will not be able to access all UC contact records if they are controlled by parent.
C. Service reps will be able to access all the UC Account records due to Implicit Sharing.
D. Service reps will not be able to access all the UC Accounts records because Account OWD is private.

Answer 175

Answer: B, D

Question 176

Susan posts a file to the chatter fees for a record of an object which OWD is private. Which two statements accurately describe who can view the file by default?

Choose 2 answers.

A. Susan and users with the View All Data permission.
B. Susan and users with access to the record.
C. Susan and users with a shared chatter post link to the file.
D. Susan only.

Answer 176

Answer: A, B

Question 177

Universal Containers (UC) turned off the customer visibility feature in its customer 
community. What community functionality is impacted by having the customer user 
visibility turned off? 

A. Searching for the external users.
B. Updating their user profile.
C. Creating new customer community users.
D. Searching for internal users.

Answer 177

Answer: A

Question 178

Universal containers has a customer that meets criteria for two Enterprise Territory
Management territories (Portugal and Southern Europe). What is necessary to assign
opportunities to a territory for this account?

A. Create a process builder process that updates the territory field on the opportunity.
B. The territory with the highest territory type priority is automatically assigned to the opportunity.
C. Create an Apex class that implements Filter-Based Opportunity Territory Assignment.
D. Create a criteria-based sharing rule on the opportunity to assign it to a territory

Answer 178

Answer: B

Question 179

A junior Account manager owns an account and creates a new opportunity to manage complex deal. She needs the help of the product specialist and solution engineer. Given the size of this deal, she knows the account is likely to be reassigned to a senior account manager in the near future. What is the optimal way for the junior account manager to share the opportunity, given the private sharing model?

A. Manual Share on the Opportunity.
B. Opportunity Team.
C. Manual share on the Account.
D. Create an Owner-based sharing rule.

Answer 179

Answer: B

Question 180

Which two objects support creating queues?

Choose 2 answers.

A. Account.
B. Opportunity.
C. Lead.
D. Case.

Answer 180

Answer: C, D

Question 181

Universal Containers has built a recruiting application on the salesforce Platform. HR requested that all internal users should have edit access to the referral custom object. One of the recruiters needed to share a referral record with another colleague for collaboration using manual sharing. The recruiter opened the referral record and could not find the share
button. What could be the technical reason for this?

A. The Referral object OWD is private.
B. The Referral object OWD is public Read/Write.
C. The Referral object OWD is public Read only.
D. The Referral object OWD is public Full Access.

Answer 181

Answer: B

Question 182

Sales manager at universal containers (UC) have requested viewing customer invoices in Salesforce. Invoice data is mastered in the ERP system. The architect at UC decided to surface the customer invoices in salesforce using external objects and did the following: -Configured an external object called Invoice.
-Created a lookup relationship between account and the invoice.
How can the architect grant the sales managers access to the customer invoices data?

A. By creating sharing rules to share the invoices records with users in sales mangers roles.
B. By creating manual sharing to share invoices with relevant sales managers.
C. By creating controlling the invoices object permission on the sales manager’s profile.
D. By creating a sharing set to share invoices with users in sales manager role.

Answer 182

Answer: C

Question 183

Sales Operations at Universal Containers (UC) has created Public Report and Dashboard folders for sales managers that report to the VP of sales. Sales Operations currently spends a few hours each month updating users that should have access to edit items in these folders. In which two ways can UC grant access to sales managers to automate access to these Reports and Dashboards folders?

A. Share the folders lowest roles in the role hierarchy, Superiors will get access automatically.
B. Share the folders with the “VP of Sales” Role and Subordinates.
C. Share the folders with the “Sales Managers” Queue.
D. Share the folders with a “Sales Managers” Public Group.

Answer 183

Answer: B

Question 184

Universal Containers (UC) has 600 sales reps. UC has rollout plan to deploy salesforce in 3 weeks. At the end of the second week, they received a “User Role Limit Exceeded” error. 
After investigation, they discovered that during the user provisioning process, a new role was generated for every new user. 

Which two recommendations could solve this problem?

Choose 2 answers.

A. Review the user provisioning process to not automatically create a user role for any new user.
B. Remove role hierarchy from salesforce org and control the record access using apex managed sharing.
C. Contact salesforce support and request to increase the number of users’ roles allowed.
D. Create an Apex class to replace the User Roles by generic one as soon as they are created.

Answer 184

Answer: A, C

Question 185

Universal Containers (UC) wants all full-time internal employees to be able to view all leads. A subset of Contractors and temporary employees should also be able to see leads. Which organization-wide default (OWD) approach should an architect recommend that will help UC implement these requirements?

A. Implement a Public Read Only OWD on Lead.
B. Implement a Public Read/Write/Transfer OWD on lead.
C. Implement a Private OWD on Lead.
D. Implement a Public Read/Write OWD on Lead.

Answer 185

Answer: D

Question 186

Universal Containers (UC) is a non-profit organization and has over 20,000,000 members (donors). The company decided to assign those accounts to Donations Reps based on their regions. Donations Reps ended up owning over 50,000 donors each. The donation reps started to see significant degradation of the system performance. What could be the reason for this problem?

A. The Donations Reps access to the assigned accounts.
B. Salesforce sharing recalculation kicked off.
C. There is an Account ownership data skew problem.
D. The Account (donor) object OWD is Private.

Answer 186

Answer: C

Question 187

Universal Containers (UC) uses a custom lightning component with an Apex class to display shipment information (custom object, private OWD). UC sales managers are complaining about two important points: 
● Shipment records that belong to their teams can be seen by other users. 
● Shipment amount should be visible only by managers, but sales reps are able to view it.Which two features did the development team miss that is causing the problems? 

Choose 2 answers.

A. Use runAs in test class to enforce user permissions and field-level permissions. 
B. Use With Sharing keyword in Apex classes to enforce sharing rules evaluation. 
C. Use isSharable keyword in Apex classes to assure record visibility. 
D. Use isAccessible() method in Apex classes to check field accessibility

Answer 187

Answer: B, D

Answer for B -
https://developer.salesforce.com/docs/atlas.en-us.apexcode.meta/apexcode/apex_classes_key words_sharing.htm

The “with sharing” keyword allows you to specify that the sharing rules for the current user are considered for the class. You have to explicitly set this keyword for the class because Apex code runs in system context. In system context, Apex code has access to all objects and fields— object permissions, field-level security, sharing rules aren’t applied for the current user. This strategy ensures that code doesn’t fail to run because of hidden fields or objects for a user.

Question 188

Universal Containers (UC) has implemented Service Cloud. There is a flag field on the case object that marks a case as (Sensitive). UC requested that this flag can be viewed by all users who have access to the case but only be edited by the assigned case assessor. The case assessor is a lookup field on the case object. How can an architect achieve this requirement?

A. Permission Set.
B. Object Permissions.
C. Custom Lightning Component.
D. Field-level security

Answer 188

Answer: C

Question 189

Universal Containers (UC) has 200 distributors that use Partner Community Licenses. 
Partners cannot see each other’s data, but UC is also trying to give more visibility to certain individuals at a distributor. Which scalable solution would an architect recommend that will give users in the partner manager role access to all Case and Container records owned byother partner managers and partner users (but not the partner executive) at the same distributor? 

A. Create Sharing sets.
B. Create a permission set granting the View All permission to Case and Container records.
C. Give Super User permission to the partner manager users.
D. Create ownership-based sharing rules for your distributors.

Answer 189

Answer: C

Question 190

The sales managers at the Universal Containers (UC) requested their teams to define each user’s role on their accounts in order to provide an easy way to establish accountability and collaboration. Sales managers also requested that sales associates should only get the following permissions: ● Read access to the accounts.
● Read access to cases related to the accounts
● No access to deals related to the accounts
The sales associates may be granted access to opportunities when needed.
Assuming the overall sharing model of the organization is private and no sharing rules are configured on
the account object.

How can an Architect achieve these requirements?

A. Use Account teams and use Sharing rules to share cases with sales associates. No change required to the opportunity object
B. Use Account teams, Case teams. No configuration required for the opportunity object. C. Use Account teams, Opportunity teams, and Case teams.
D. Use Account Teams to define access to accounts as well as opportunities and cases related to accounts

Answer 190

Answer: D

Question 191

By default, how many roles are created when the first external user is created on a partner account?

A. 0
B. 3
C. 2
D. 1

Answer 191

Answer: B

Question 192

A sales rep at Universal Containers (UC) is a member of the Default Opportunity team for an account manager. The account manager created an opportunity and the sales rep is added to that Opportunity team.
The sales rep is complaining about no longer having access to an opportunity record that the sales rep was helping with.
What is the cause of this problem?

A. The Account team was changed and consequently the Opportunity team members were replaced by the Account team members.
B. The Sales rep was manually removed from the Opportunity team.
C. The Sales rep was removed from the Opportunity team in another opportunity record of the same account.
D. The opportunity owner can enable/disable if the “Default Opportunity team” is able to access the record

Answer 192

Answer: B

Question 193

The architect at Universal Containers is trying to ensure that security vulnerabilities are not present within the Salesforce organization.
What two tests should the architect verify?

Choose 2 answers

A. Test Cross-Site Scripting on Apex queries.
B. Test Cross-Site Scripting on custom pages.
C. Test for SOQL Injection.
D. Test for invalid user access attempts.

Answer 193

Answer: B, C

Question 194

Users at Universal Containers are complaining that a field has disappeared from the Account page after deploying its latest project. The page layout has not changes with this deployment. How should the admin troubleshoot this issue?

A. Review change to Account record types.
B. Log in as user and check several Accounts to isolate the problem records.
C. Run a Who Sees What report, filtering on Account.
D. View Field Accessibility in the Object Manager

Answer 194

Answer: D

Question 195

What vulnerability can exist when controllers use dynamic rather than static queries and bind variables?

A. SOQL Injection.
B. Buffer Overflow Attacks.
C. Cross-site scripting.
D. Record Access Override.

Answer 195

Answer: A

Question 196

Universal Containers (UC) is implementing Sales Cloud. During the final quarter of the financial year, sales managers help each other close deals. They requested a solution in Salesforce to allow them to share opportunities with other sales managers from different teams as needed. They also requested that sharing deals should expire automatically two weeks after the new fiscal year starts. 
Which two options to propose a solution to meet the requirements? 

Choose 2 answers

A. Apex Sharing to share opportunities with sales managers.
B. Scheduled Apex job to remove access.
C. Opportunity team to share opportunities with sales managers.
D. Sharing Rules to share opportunities with sales managers.

Answer 196

Answer: B, C

Question 197

Universal Containers (UC) implemented Sales Cloud and requested that only certain branch staff trained to sell high risk products can create opportunities for high risk products. 
In which two ways can an Architect allow only specific branch staff to sell high risk products? 

Choose 2 answers

A. Set Price Book Organization Wide Default to View Only and share the price book (High Risk) with the trained staff.
B. Configure Price book Organization wide default to No Access.
C. Share (High Risk) price book with the trained staff via manual sharing.
D. Share (High Risk) price book with the trained staff via sharing rule.

Answer 197

Answer: A, C

Question 198

Universal Containers has selected a small and diverse group of users to review inactive accounts. Given the Private sharing model, a public group was created and made available to this group of users. A sharing rule was created to make inactive Accounts visible to the public group. However some of these users are reporting they don’t see any of the Accounts that were shared with the public group.
What is the underlying issue for these users?

A. The users have a permission set that only allow Accounts in “Active” status.
B. The Accounts are owned by users higher in the role hierarchy.
C. The users are in profiles that have no access to the Account object.
D. The page layout assigned to these users is different than the Account owner.

Answer 198

Answer: C

Question 199

Bob uploads a PDF to his Files Home private library.
Who can view this file?

A. Bob and users above Bob in the role hierarchy
B. Bob and users with View All Data permission
C. Bob and users with Modify All Data permission
D. Only Bob

Answer 199

Answer: D

Question 200

Universal Containers (UC) is a fast-growing company that sells containers globally. It has thousands of dealerships throughout the world where local dealers service containers. UCimplemented a new Partner Community for its dealers. Each dealership has a dealer manager who manages the service agents. The community-sharing model is private. 
What is the optimal option to give dealer managers visibility to customer cases only raised by their service agents? 

A. Change external organization-wide default of case object to public read only.
B. Create a sharing rule to share cases created by service agents with their dealer manager.
C. Using the role hierarchy, the cases raised by service agents will be visible to their relevant dealer managers.
D. Create a sharing set to share cases created by service agents with their dealer manager.

Answer 200

C

Question 201

Universal Computers (UC) is looking to expand its delivery capabilities through a network of distributors that use a Partner Community license. UC employees currently can view all delivery records through the organization-wide default (OWD) setting of Public Read Only.

Which approach would an architect recommend to limit the records a distributor can see?

A. Create an ownership-based sharing rule to grant access to the distributor.
B. Remove Read permission from the distributor profile.
C. Set the External OWD to Private for the Delivery object.
D. Create a criteria-based sharing rule to grant access to the distributor

Answer 201

C

Question 202

Universal Containers (UC) delivers training in 500 different regions. The UC Operations Users team manage course setup, scheduling, and trainer setup. The Operations Users team members work at a regional level and report to an Operations manager. The Operations manager requested access to edit ALL scheduled courses owned by the Operation Users team. How can this be achieved?

A. The Operations manager will get access to the scheduled courses by granting the Operations manager modify ALL on scheduled courses.
B. The Operations manager will get access to the scheduled courses owned by the Operations Users team defined in the role hierarchy.
C. The Operations manager will get access to the scheduled courses by creating an
ownership-based sharing rule and share the scheduled courses with the Operations manager.
D. The Operations manager will get access to the scheduled courses by creating a public group and add the Operations manager and the Operations Users team to the public group

Answer 202

B

Question 203

Assuming Person Account is enabled in a Salesforce organization, which three objects can be configured as “Controlled by Parent” in Sharing Settings?

Choose 3 answers

A. Opportunity 
B. Order 
C. Asset 
D. Contact 
E. Case

Answer 203

Answer: B, C, D

Question 204

Universal Containers (UC) has a mostly private organization-wide default (OWD), as it is a core principle of UC to respect client data privacy. UC has implemented complex processes for granting access to Opportunity data. A few key members of the Sales Reporting team need to always be able to see, but not change, Opportunity data for all Opportunities. 
What should an architect recommend as an approach to meet these requirements? 

A. Create a Permission Set that grants “View All Data” Permission.
B. Make Opportunity OWD read-only.
C. Give “View All Data” Permission to the Sales Reporting Profile.
D. Create a Permission Set that grants “View All” permission for Opportunity.

Answer 204

Answer: D

Question 205

Universal Containers (UC) enables customers to manage issues using a Customer 
Community license. The Case external organization-wide default is set to Private. Currently community users can only see cases they created. 
What can be done to allow community users to see all cases for their account? 

A. Write an Apex class to create manual shares for these users.
B. Ensure the criteria-based sharing rule applies to all users.
C. Create a sharing set for these customers.
D. Upgrade the licenses to Customer Community Plus.

Answer 205

Answer: C

Question 206

Sales executives at Universal Containers (SC) want to create list views to filter opportunities for large at-risk Opportunities. These list views should only be available to certain executives
that specialize in closing problematic deals. How can UC solve this requirement?

A. Share the List Views with the appropriate Role in the Role Hierarchy.
B. Share the List Views with the appropriate Public Group.
C. Share the List Views with the appropriate individual users.
D. Share the List Views with the appropriate Queue.

Answer 206

Answer: B

Question 207

Universal Containers (UC) delivers training and courses to students and companies. UC is implementing a Salesforce Customer Community for its students granting them a Customer Community license. As part of the community requirements, UC asked to give students access to cases that are related to their account in the UC community.

What is the optimum sharing technique that can achieve the requirements?

A. Create a sharing rule to share cases with the students.
B. Create a share group to share cases with the students.
C. Create a sharing set to share cases with the students.
D. Use Apex sharing to share cases with the students.

Answer 207

Answer: B

Question 208

Which two options can be selected to share data with when creating a sharing rule?

Choose 2 answers

A. Roles
B. Public Groups
C. Users
D. Profiles

Answer 208

Answer: A, B

Question 209

Jane, a support representative at Universal Containers, created a report to view all her open cases that have been created in the past 7 days and saved the report in the “Private Reports” folder. Who can view and run the report?

A. The report owner and any users who have been given access to the “My Private Reports” folder
B. The report owner and anybody in the role hierarchy above the report owner
C. The report owner
D. The report owner and users with the “View All Data” permission

Answer 209

Answer: C

Question 210

Universal Containers (UC) provides shipment tracking for its customers on a custom 
Shipment object. The total number of shipments made yearly by the customers should be available on the Account record to the Marketing team, but the Marketing team should not have access to Shipment records. 

What recommendation should an Architect provide to accomplish this?

A. Private organization-wide default on Shipment, rollup summary, and Master-Detail relationship to Account.
B. Controlled by Parent (Account) on Shipment, trigger, and Master-Detail relationship to Account.
C. Private organization-wide default on Shipment, trigger, and Lookup relationship to Account. D. Public organization-wide default on Shipment, process builder, and Lookup relationship to Account.

Answer 210

Answer: C

Question 211

Universal Containers (UC) has implemented Customer Community with customer 
community plus license for its distributors. Retail distributors have part-time agents who work for multiple distributors. Those agents should have access to other distributor accounts as well. What can be configured to grant agents access to different distributor accounts? 

A. Use Apex sharing to share distributor accounts with agents using the Account__ Share table.
B. Use share group to share distributor accounts with agents who have account contact relationship.
C. Create sharing rules to share distributor accounts with agents.
D. Create sharing set to share distributor accounts with agents using account contact relationship.

Answer 211

Answer: A

Question 212

Universal Containers (UC) has 200 distributors that use Partner Community licenses. 
Partners cannot see each other's data, but UC is also trying to give more visibility to data for certain individuals at a distributor. 
HOW can an Architect give users in the partner user role access to all Case and Container records owned by any user, regardless of role, at the same distributor? 

A. Create an ownership-based sharing rule.
B. Create sharing sets.
C. Create a Permission Set granting “View All” permission to Case and Container records.
D. Give super user permission to the individual partner users.

Answer 212

Answer: A

Question 213

Universal Containers (UC) has a private Organization-Wide Defaults (OWD) model for the Account object and needs to control the access of records and fields according to these requirements:
• Sales reps can view/edit only their own records and cannot access the field “segment” in account page.
• Service reps need to view all accounts but cannot edit any information.
• Sales managers can modify any account of reps reporting to them.
• Service managers can modify any account.
How can a Salesforce architect provide an optimal solution for this scenario?

A. Use profiles, sharing rules, and change OWD to public read-only.
B. Use profiles, manual sharing, and field-level security.
C. Use profiles, permission sets, and field-level security.
D. Use profiles, permission sets, role hierarchy, and field-level security.

Answer 213

Answer: D

Question 214

A custom ServiceFeedback object is used to collect partner feedback. ServiceFeedback records should be available to all internal employees. The OWD is set to Private for external users so partners cannot see feedback from other partner users.
How can the Architect give access to all internal employees?

A. Create a trigger on ServiceFeedback to change ownership to an internal employee.
B. Ensure all the internal users are above the partners in the role hierarchy.
C. Create an Owner based sharing rule for all ServiceFeedback records owned by Partners.
D. Set OWD, for Internal Users to Public Read Only.

Answer 214

Answer: D

Question 215

Universal Containers (UC) has a business unit that uses a custom object to track requests which demands a high level of internal team collaboration. Although all requests must have an owner, all employees are required to collaborate on requests.
Which recommendation should a Salesforce architect provide to optimize the solution and meet
these requirements?

A. Set the Request object’s OWD to Public Read/Write.
B. Set the Request object’s OWD to Private and grant Modify All Data permission on all Profiles for the Request object.
C. Set the Request object’s OWD to Private and criteria-based sharing rule to share all Request records with all internal users.
D. Set the Request object’s OWD to Public Read Only and configure role hierarchy.

Answer 215

Answer: C

Question 216

A sales rep (John) at Universal Containers (UC) requested to update information in an account record where he has READ only access. John requested the EDIT access permission from the owner of the record (Paul). Paul manually shared the record with John. Assuming the OWD of the Account object is Public Read-Only, what is the impact in the system?

A. New AccountShare record is created. Row Cause is “Manual” and Access Level is “Read/Write”.
B. Existing AccountShare record is updated. Row Cause is “Owner” and User/Group is “John”.
C. New AccountShare record is created. Row Cause is “Owner” and Access Level is “Full”.
D. Existing AccountShare record is updated. Row Cause is “Manual” and Access Level is “Read/Write”.

Answer 216

Answer: B

Question 217

Ursa Major Solar is writing test methods.
Which functionality does the system method “runAs()” Verify?

A. Enforcement of a user’s public group assignments.
B. Enforcement of a user’s field-level security.
C. Enforcement of user’s permissions.
D. Enforcement of a user’s record sharing

Answer 217

Answer: D

Question 218

Universal Containers provides 24x7 support for its customers worldwide using call centers in three different countries with each one covering an 8-hour shift in different time zones. Service reps in a call center have access to the same information but only during their local working hours. Which feature in Salesforce controls access for specific login hours?

A. Set the login hours on user records
B. Permission sets
C. Custom permissions
D. Profiles

Answer 218

Answer: D

Question 219

Universal Containers (UC) has created a custom Invoice object. Standard sales users at UC can see the records in search layout, but when they click to view the detail, only record name, created date, and last modified date are shown. When the system admin accesses it, he or she sees the full record detail with many more data fields. 
What is the likely cause of this issue? 

A. Sales users profile does not have access to the remaining fields.
B. Page layout assigned to sales user profile has only read-only access to the fields.
C. Org-wide sharing settings have been set to Private and need to be adjusted to Public Read/Write.
D. A role-based sharing is missing and should be added for the sales user’s role to grant access to the fields.

Answer 219

Answer: A

Question 220

A sales rep at Universal Containers (UC) has manually shared an Opportunity record with internal pre-sales users. After some time, the sales rep moved to another position and all opportunities records that were owned were transferred to a new sales rep. What happened to the internal pre-sales users access to the opportunity?

A. They still have access to the record due to inherited sharing.
B. They still have access to the record due to implicit sharing.
C. They will no longer have access to the record.
D. They still have access to the record due to team access.

Answer 220

Answer: C

Question 221

Universal Containers would like to control access to records and objects according to the following business requirements:• Sales users can view all Account records but only edit their own records. • Sales managers view all Account records but only edit records of the team.
• Service users can view all Account records that are not marked with a RecordType of Prospect.
Which organization-wide default configuration should a Salesforce architect recommend to fulfill
these requirements?

A. Public Read Write
B. Private
C. Public read Only
D. Public Read/Transfer

Answer 221

Answer: C

Question 222

Universal Containers (UC) has a team that analyzes customer orders looking for fraud. This team needs access to Invoice records (Custom object, Private OWD). UC \as complex rules to control users' access. The Salesforce Architect recommended using Apex managed sharing to meet these requirements. 
Which two recommendations should a Salesforce Developer consider when implementing the changes

Choose 2 answers

A. Use “With Sharing” keyword to make sure record visibility will always be considered. B. Use “Without Sharing” keyword to make sure record visibility will be considered.
C. Use runAs system method to test different users accessing these records.
D. Use “With Sharing” keyword to enforce field-level security.

Answer 222

Answer: A, C