Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

Sharing and Visibility Architect > Sharing and Visibility OLD > Flashcards

Sharing and Visibility OLD Flashcards

1
Q

A custom invoice object has been created with a master-detail relationship to account. The Account receivable (AR) team needs access to Invoices AR users do not own nor have access to Account records. Account OWD is set to Private. The AR team is unable to find Invoices in List views, Reports, nor in Global Search. The Architect has been asked to help troubleshoot. What could be the issue preventing AR team members from seeing invoices?

A. A sharing rule is missing to share Invoices to the AR team.

B. The AR team profile needs to be assigned an Invoice Page layout.

C. A sharing rule is missing to share Accounts to the AR team.

D. The Accounts receivable profile does not have read Permission to the Invoice Object.

A

C. A sharing rule is missing to share Accounts to the AR team.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

A developer at Universal Container is building an integration within a managed package for their internal org that requires login to an external system. The end point requires basic authentication. The Architect would like to ensure that the username and password are managed securely. Which three options should the Architect recommend to secure the credentials?

A. Store the credentials in a custom object using encrypted fields

B. Store the credentials in named credentials that are used in the apex callout

C. Store the credentials in the apex code, which will not be available to non-admins

D. Store the credentials in protected custom metadata that are used in the apex callout

E. Store the credentials in protected custom settings that are used in the apex callout

A

B. Store the credentials in named credentials that are used in the apex callout

D. Store the credentials in protected custom metadata that are used in the apex callout

E. Store the credentials in protected custom settings that are used in the apex callout

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

A dummy user at Universal Containers owns more that 10,000 lead records. The system assigned all these leads to a dummy user. This is causing performance issues whenever role hierarchy changes.

Which two options should be recommended to improve performance?

Choose 2 answers.

A. Assign ownership to a small number of users.

B. Add the dummy user into a public group.

C. Add the dummy user to the bottom of the role hierarchy.

D. Do not assign a role to the dummy user.

A

A. Assign ownership to a small number of users.

D. Do not assign a role to the dummy user.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

A Sales Rep at Universal Containers wants to create a dashboard to see how his sales numbers compare with his peers. Assuming a Private model, which two permissions would the Sales Rep need to meet this requirement?

A. Manage Custom Report Types

B. Customize Application

C. Manage Dashboards

D. View All Data

A

C. Manage Dashboards

D. View All Data

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

A sales representative at Universal Containers needs assistance from specific product managers when selling certain deals. Product managers do not have access to opportunities they don’t own, as the sharing model is Private, but need to gain access when they are assisting with a specific deal. How can an Architect accomplish the requirement?

A. Create a sharing rule to allow the product manager to access the opportunity.

B. Enable opportunity teams and allow users to add the product manager.

C. Enable account team and allow users to add the product manager.

D. Use similar opportunities to share opportunities related to the product manager.

A

B. Enable opportunity teams and allow users to add the product manager.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

A user at Universal Containers would like to give access to a Report folder to someone else in the organization.

Which two access permissions should the user have to support this requirement?

Choose 2 answers.

A. The “Viewer” Report folder permission

B. The “Editor” Report folder permission.

C. The “Manage Reports in Public Folders” Profile permission.

D. The “Manager” Report folder permission.

A

C. The “Manage Reports in Public Folders” Profile permission.

D. The “Manager” Report folder permission.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

A Visualforce controller has a requirement to be written with “Without Sharing” at the top level; however, certain methods within the page still need to enforce the user permissions for creating records and accessing certain fields. Which two methods below would be used to enforce this requirements?

Choose 2 answers.

A. Schema.DescribeFieldResult

B. Schema.getGlobalDescribe

C. UserInfo.getProfileID

D. Schema.DescribeSObjectResult

A

A. Schema.DescribeFieldResult

D. Schema.DescribeSObjectResult

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Assuming granular locking is enabled, what activity can happen in parallel to changing a community account owner without risking group membership lock errors?

A. Deletion of a Role

B. Creation of a Role

C. Creation of a Territory

D. Deletion of a Territory

A

C. Creation of a Territory

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

At Universal Containers, users should only see Accounts they or their subordinates own. All Accounts with the custom field “Kay Customer” should be visible to all Senior Account Managers. There is a custom field on the Account record that contains sensitive information and should be hidden from all users, except 3 designated users who require view and edit access. These three users come from different user groups, and will change occasionally.

Which three platform security features are required to support these requirements with the minimum amount of effort?

Choose 3 answers

A. Criteria-Based Sharing Rules

B. Owner-Based Sharing Rules

C. Role Hierarchy

D. Apex Managed Sharing

E. Permission Sets

A

A. Criteria-Based Sharing Rules

C. Role Hierarchy

E. Permission Sets

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Below are some details regarding the organization at Universal containers:

  1. Richard and Kevin are the east sales reps and their manager is Karen the East sales executive.
  2. Sam and Wilder are West sales reps and the manager is Wendy, the West sales executive.
  3. Bob is the CEO and managers both Karen and Wendy

Universal Containers role hierarchy follows their management structure. Richard owns an account, NewCompany, and Kevin owns an account, OldCompany. Karen manually shared her account NewWorld with Kevin. However, she has moved to a new role to lead all Named Accounts, and Phil, who replaced her, is the new owner of NewWorld. Which employees will have access to the NewWorld account?

A. Bob and Phil

B. Bob, Richard, Phil and Kevin

C. Bob, Karen and Kevin

D. Bob, Phil and Kevin

A

A. Bob and Phil

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

By Viewer Access you can see the data in a report or dashboard, but you can’t make any changes, except by cloning it into a new report or dashboard.

A. True

B. False

A

A. True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

For the Universal Containers Commercial and Consumer support departments, having access to Activities for Contacts with which they interact is important. Commercial support users should not see Consumer Accounts/Contacts and Consumer support users should not see Commercial Accounts/Contacts. Assuming the Organization-Wide Default for Activities is set to “Controlled by Parent” what is the minimum level of Sharing access a support user would need to Accounts/Contacts to view associated Activities?

A. Private Account/Contact Sharing Default with a Sharing Rule for each department set to Public Read/Write access to Accounts/Contacts.

B. Private Account/Contact Sharing Default with a Sharing Rule for each department set to Private access to Accounts/Contacts.

C. The users need no access to Accounts/Contacts with the proper Activity Sharing Rules and Profile Permissions for the Accounts Tab.

D. Private Account/Contact Sharing Default with a Sharing Rule for each department set to Public Read only access to Accounts/Contacts.

A

D. Private Account/Contact Sharing Default with a Sharing Rule for each department set to Public Read only access to Accounts/Contacts.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

How should the Architect ensure that OBJECT-LEVEL SECURITY is enforced within a custom Visualforce application that was a standard Apex controller on the Lead object?

A. Use the runAs() method to enforce user permissions in the Apex controller.

B. Use the Schema.DescribeSObjectResultisAccessible() method in the Apex controller.

C. Use the {!$ObjectType.lead.accessible} expression within the Visualforce page.

D. Use the “With Sharing” keyword when defining the Visualforce page.

A

C. Use the {!$ObjectType.lead.accessible} expression within the Visualforce page.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

How would you make sure a Visualforce page is security proof?

Choose 3 answers

A. Manually check for cross site

B. Manually check for sql injection

C. Submit to force security scanner

D. Use web application tool for security

E. Use debug to check hijacked requests

A

C. Submit to force security scanner

D. Use web application tool for security

E. Use debug to check hijacked requests

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

If OWD is Public Read Only, what are sharing access options

A. Read, - Read/Write

A

A. Read, - Read/Write

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

If you want to create some logic that will share certain records in APEX code, you just have to create special records that will open access to the desired records. The aim is to create records of certain type, for example , all share objects for custom objects are named as

A. MyCustomObject__Share

A

A. MyCustomObject__Share

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

In order to comply with Regulatory Requirements, Universal Containers must store sensitive customer information on-premise. Universal Containers would like this on -premise information to be accessible from Salesforce. What technology can Universal Containers use to achieve this?

A. Implement a third-party tokenization service.

B. Implement an on-premise database.

C. Implement a third-party proxy server.

D. Implement the Salesforce Shield toolkit.

A

C. Implement a third-party proxy server.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

In order to comply with regulatory requirements, Universal Health must encrypt all Personally Identifiable Information (PII), both while it is being transmitted over the network and while it is at rest. Universal Health has completed a data audit and has determined that 12 fields on the contact record can contain PII, including the contact name and several other standard fields. Universal Health would like the fields to remain accessible in Salesforce.

Which two options does Universal Health have to maintain compliance?

Choose 2 answers.

A. Implement a custom Apex trigger to automatically encrypt the PII data using the Apex Crypto Class.

B. Update the field type of each of the 12 fields to “Text (Encrypted)” so that they are encrypted at rest.

C. Enable Salesforce Platform Encryption and select the 12 contact fields to be encrypted.

D. Use an external, third party encryption service to encrypt PII before it enters Salesforce

A

A. Implement a custom Apex trigger to automatically encrypt the PII data using the Apex Crypto Class.

C. Enable Salesforce Platform Encryption and select the 12 contact fields to be encrypted.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Partner users can access records belonging to users in their account at their same role or lower in the role hierarchy, for Cases, Leads, Opportunities and Custom Objects. Which of the following access has to be given ?

A. Super user permission

A

A. Super user permission

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

Which two license types can be assigned the permissions to create and edit reports?

A. Customer Community Plus

B. Customer Community Plus Login

A

A. Customer Community Plus

B. Customer Community Plus Login

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

The Architect at Universal Containers has created a List View to show all open Opportunities that were created in the last month, and would like to make this list view visible to certain groups of users. Which two options are available to the Architect for sharing the List View?

A. Public Groups

B. Profiles

C. Roles and Subordinates

D. Manual Sharing

A

A. Public Groups

C. Roles and Subordinates

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

The architect at Universal Containers would like to prevent users from editing encrypted fields.

Assuming no customizations are implemented, which two options should the Architect choose to support the requirement?

Choose 2 answers

A. Validation Rules

B. Page Layout settings

C. Apex Triggers

D. Workflow Rules

A

A. Validation Rules

B. Page Layout settings

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

The Architect notices that there are many duplicate Account records and numerous sharing rules created in Salesforce. What would be the reason?

A. The Organization-Wide Default for the Account object is Private.

B. The Organization-Wide Default for the Account object is Public Read/Write.

C. The Organization-Wide Default for the Account object is Public Read-Only.

D. The Object permissions for the Account object are Create, Read, and Edit.

A

A. The Organization-Wide Default for the Account object is Private.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

The Collections department at Universal Containers uses Salesforce to track its efforts. All Invoices and Invoice Line Items are stored in Salesforce. Invoice Line Item object details, such as Quantity and Extended Amount, should be summarized at the Invoice Object level, and all users who can see a given invoice should always see all invoice line items. Without leveraging Apex code, how should an Architect create the relationship between the Invoice object and the Invoice Line Item Object?

A. The Invoice object should have a Master- Detail to the Invoice Line Item Object

B. The Invoice Line Item Object should have a Lookup to the Invoice Object

C. The Invoice Object should have an inner joint to the Invoice Line Item Object

D. The Invoice Line Item Object should have a Master-Detail to the Invoice Object

A

D. The Invoice Line Item Object should have a Master-Detail to the Invoice Object

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

The System Administrator at Universal Containers has created two list views called ListV1 and ListV2. One group of users should only see ListV1 and the second group of users should only see ListV2. Two public groups were created to restrict visibility to the respective list views. However, users in both groups are able to see both list views. What system permission in their profile enabled the users to see all list views?

A. Manage Custom List Views

B. Manage Private List Views

C. Manage Public List Views

D. Manage Custom Permissions

A

C. Manage Public List Views

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

Universal Container has a set of Account management users that should only see accounts once the account becomes a customer. The type field on the Account identifies whether the account is a prospect, customer, partner, or other.

Which two methods could an Architect use to enable this sharing requirement, assuming a private sharing model for accounts?

Choose two:

A. Create a public list view, where accounts of type customer are included and share the list view with account management public group

B. Institute a business process that calls for the account manager to be added to the account team once the account becomes a customer

C. Create an account sharing rule that shares all accounts owned by sales to be shared with account management roles and subordinates

D. Create a criteria-based sharing rule that shares the account to the account management group when the type is customer

A

B. Institute a business process that calls for the account manager to be added to the account team once the account becomes a customer

D. Create a criteria-based sharing rule that shares the account to the account management group when the type is customer

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
27
Q

Universal Container is a global Telco that has recently implemented enterprise territory management to better align their sales teams and sales processes. They are in Q4 of the FY and they have completely revamped their territory structure and created a plan for a new structure that would support the new FY. Their current territory model has 8k territories. Their new model would be a new set of 8,5K territories, and their org limit is 10k. What enterprise territory management feature can UC take advantage of in order to help them stay within their org limits?

A. Territory type priority

B. Territory Type

C. Territory Model State

D. Territory Hierarchy

A

C. Territory Model State

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
28
Q

Universal Container is creating a custom VF page to allow user to edit contact records. The developer has used an apex:outputField for the Phone field on the contact obj. What is the expected behavior if a user without FLS accesses the VF page?

A. The user encounters an error while saving the record

C. The output field is visible to user

D. The user is able to enter a value into the phone field

A

B. The field is automatically removed from the page

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
29
Q

Universal Containers (UC) has a requirement to expose a web service to their business partners. The web service will be used to allow each business partner to query UC’s Salesforce instance to retrieve the status of orders. The business partner should only be allowed access to orders for which the business partner is the fulfillment vendor. The Architect does not want the business partners to utilize the standard APIs and would prefer a custom API be developed.

Which three design elements should the Architect consider in order to ensure the data security of the solution?

Choose 3 answers

A. Query the Orders object with Dynamic SOQL based upon the fulfillment ID.

B. Set the Orders object’s sharing settings to Private in the Org-Wide Defaults

C. Provide each partner with their own Salesforce login set to API Enabled on the profile.

D. Develop a custom Apex web service with a fulfillment ID input attribute

E. Develop a custom Apex web service using the “With Sharing” keyword.

A

B. Set the Orders object’s sharing settings to Private in the Org-Wide Defaults

C. Provide each partner with their own Salesforce login set to API Enabled on the profile.

E. Develop a custom Apex web service using the “With Sharing” keyword.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
30
Q

Universal Containers (UC) is in legal dispute regarding several orders. UC has found out these records were removed from system. The VP of Sales has asked to ensure this cannot happen in the future. What approach would meet this requirement?

A. Remove the delete button from the Order page layout.

B. Change the record type/page layout assignment for orders to be read-only.

C. Remove order delete permission from profiles and permission sets.

D. Implement a sharing rule that changes access for the records to read.

A

C. Remove order delete permission from profiles and permission sets.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
31
Q

Universal Containers (UC) works with a dealer network to sell their products. There are approximately 5,000 dealers that do business with UC and UC has purchased a Partner Community to interact with each of their dealers on Opportunities. Each dealer is structured so that there are a group of managers who will oversee a larger team of agents. UC would like to set the Organization-Wide Defaults to Private for the Opportunity object, both internally and externally. Within each dealer, there are a few agents called Lead Agents who should be able to see the Opportunities for all of the other Agents at the dealer. What is the optimal solution for an Architect to recommend?

A. Add a Sharing Set that shares Opportunities to the Lead Agent based on the Lead Agents Account.

B. Build an Apex Managed Sharing rule that will assign specific Opportunities to Lead Agents.

C. Grant Super User access to the Lead Agents as part of the Community user setup.

D. Create a Sharing Rule to share opportunities to the owner’s manager’s role and below.

A

C. Grant Super User access to the Lead Agents as part of the Community user setup.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
32
Q

Universal Containers created a custom object called Defect and would like to enable the Sharing button on the Defect page layout to share the records manually to other users in the organization. In which scenario will the Sharing button appear?

A. The Sharing model is either Private or Public Read only.

B. The Sharing button always appears.

C. The Sharing model is Public Read/Write.

D. The Sharing model is Public Read/Write/Transfer.

A

A. The Sharing model is either Private or Public Read only.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
33
Q

Universal Containers does not want the Users in the Custom Sales Department Profile to be able to delete Opportunities. How would the Architect prevent a certain set of users from deleting Opportunities?

A. Remove the Delete button from the Opportunity Page Layout and Record Type settings.

B. Create a Validation Rule that checks the User’s Profile before allowing the Is Deleted flag to be set to True.

C. Override the Standard button with a Visualforce Page that warns them that they do not have permission to delete.

D. Remove the “Opportunity Delete” Permission from the Sales Team’s User Profile in the Object Permissions.

A

D. Remove the “Opportunity Delete” Permission from the Sales Team’s User Profile in the Object Permissions.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
34
Q

Universal Containers has a custom Job object with a private sharing model. Based on the size and location of the Job, different teams must have access to edit the specific Job record. To support this requirement, Apex Managed Sharing has been implemented to share records with the required users. Since the teams change frequently, managed sharing recalculations need to be manually run frequently. What can the Architect do to optimize this process?

A. Change the sharing model on the Job object to Public Read/Write.

B. Create a scheduled job to automatically run the sharing recalculations on a nightly basis.

C. Create public groups for each team, and share the jobs with the groups instead of users.

D. Create a custom Visualforce page to edit the jobs and specify Without Sharing on the controller.

A

C. Create public groups for each team, and share the jobs with the groups instead of users.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
35
Q

Universal Containers has a custom object to maintain Job information with a private sharing model. The Delivery group is distributed through the Role Hierarchy based on geography. As the Delivery group often collaborates on Jobs, all users in the Delivery profile required View access to all Job records. In special case, the Delivery user who owns a job must be able to grant a Product Development user access to a Job record.

Which two platform features can be used to support these requirements?

Choose 2 answers

A. Criteria-based Sharing Rules

B. “View All” Profile settings

C. Owner-based Sharing Rules

D. Manual Sharing

A

B. “View All” Profile settings

D. Manual Sharing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
36
Q

Universal Containers has a custom object, Employee Review, with an Organization-Wide Default security setting of Private. A user lookup on the Employee Review object is populated when a reviewer is assigned to perform a review. How can this user be granted edit access to the record if they are not the owner?

A. The user will be granted access to the record automatically when the user lookup is populated.

B. Create a workflow rule to share the Employee Review record with the user in the lookup field.

C. Create an Apex trigger to insert an Employee Review Share record with an access level of Edit.

D. Create a criteria-based sharing rule to share the record with the user in the lookup field.

A

C. Create an Apex trigger to insert an Employee Review Share record with an access level of Edit.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
37
Q

Universal Containers has a global 24x7 Salesforce.com implementation that supports Sales, Services, Order Management, and various other parts of their business. They have a nested territory hierarchy, 10,000 sales users, and 20,000 support agents. Territory changes happen daily. The demand for new applications and changes to the platform is high and they follow an agile development methodology and deliver new releases every two weeks on the platform.

What Salesforce.com feature would help the system recover from a maintenance restart on Salesforce.com servers?

A. Enable Granular Locking on the system.

B. Enable Deferred Sharing Rule recalculation.

C. Enable Parallel Sharing Rule recalculation.

D. Enable Filter-Based Opportunity Territory Assignment.

A

C. Enable Parallel Sharing Rule recalculation.

B?

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
38
Q

Universal Containers has a Private Sharing Model and restrictive data access settings in place. The data governance team is planning to deploy a master data management tool that will need write access to all system data, and the Architect has been asked to prepare a Data Governance User Profile that has full access to all data regardless of Sharing and CRUD Settings. What is the optimal way to enable this requirement?

A. Ensure the profile has the “Modify All Data” permission enabled

B. Create a Sharing Rule for required Objects, on an API Only profile

C. Create an All Data Access app as a default for this Profile.

D. Enable the “Edit Read -Only Fields” permission for this Profile.

A

A. Ensure the profile has the “Modify All Data” permission enabled

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
39
Q

Universal Containers has a Private Sharing Model for the Opportunity object. Sales Rep A at Universal Containers created the Opportunity record and then transferred ownership of the Opportunity record to Sales Rep B. Both Sales Rep A and B have the same role in the Role Hierarchy. What access will Sales Rep A have to the Opportunity after the transfer?

A. Full Access

B. No Access

C. Read/Write

D. Read Only

A

B. No Access

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
40
Q

Universal Containers has a private sharing model on Accounts. Apex Managed Sharing is required to share certain account records with all users who are assigned to a specific Role in the Role Hierarchy. What should be the recommended way for the Architect to implement this?

A. Create an AccountShare record associated to a public group containing the Users in the Role.

B. Create an AccountShare record associated to each user who is assigned to the Role.

C. Create an AccountShare record associated to the required Role.

D. Create an AccountShare record associated to a public group containing the Role.

A

A. Create an AccountShare record associated to a public group containing the Users in the Role.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
41
Q

Universal Containers has a requirement to share Accounts automatically to the users at a field office.

They currently have the following setup in their environment:

  • Accounts are set to Private in the Org-Wide Default.
  • The field office is specified by a lookup in the Account object.
  • There are 400 field offices.
  • The users in each field office are managed using public groups.

Based upon a lookup relationship field on the Account, how should the Architect meet this requirement?

A. Use Manual Sharing to share the Account with the appropriate field office.

B. Use Account Teams to share the Account with the appropriate field office.

C. Use Programmatic Sharing to share the Account with the appropriate field office.

D. Use Criteria-Based Sharing to share the Account with the appropriate field office.

A

C. Use Programmatic Sharing to share the Account with the appropriate field office.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
42
Q

Universal Containers has a set of Account Management users that should only see Accounts once the Account becomes a customer. The Type field on the Account identifies whether the Account is a Prospect, Customer, Partner or Other. Which two methods could an Architect use to enable this sharing requirement, assuming a private sharing model for Accounts?

Choose 2 answers.

A. Institute a process that calls for the Account Manager to be added to the Account Team once the Account becomes a customer.

B. Create an Account Sharing Rule that shares all Accounts owned by Sales to be shared with Account Management roles and subordinates.

C. Create a Public List View, where Accounts of Type Customer are included and share the List view with the Account Management public group.

D. Create a Criteria-based Sharing rule that shares the Account to the Account Management Group when the Type is Customer.

A

A. Institute a process that calls for the Account Manager to be added to the Account Team once the Account becomes a customer.

D. Create a Criteria-based Sharing rule that shares the Account to the Account Management Group when the Type is Customer.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
43
Q

Universal Containers has a strict security model enforced through object, field, and row-based security mechanisms. The Architect would like to ensure the security model is being thoroughly tested using Apex automated tests. Which three considerations should be made when using the runAs() method to design Apex until tests?

A. runAs() does not enforce user permissions or field-level permissions in test classes

B. runAs() can be used inside of test classes to validate record-level security

C. runAs() can be used inside of test classes to validate field-level permissions

D. runAs() can be used outside of test classes to bypass record-level security

E. runAs () counts towards total DML statements issued within transaction

A

A. runAs() does not enforce user permissions or field-level permissions in test classes

B. runAs() can be used inside of test classes to validate record-level security

E. runAs () counts towards total DML statements issued within transaction

44
Q

Universal Containers has Controlled by Parent sharing settings on the Contact object and Public Read Only sharing settings on Account, Opportunity, and Case objects. Which two options can the user see while adding Account team members to the Account?

A. Case Access

B. Opportunity Access

C. Contact Access

D. Activity Access

A

A. Case Access

B. Opportunity Access

45
Q

Universal Containers has created a custom object to store highly confidential client relationship data with Private sharing settings. Which two options would an Architect choose to ensure access only to the record owner and the administrator?

Choose 2 answers.

A. Disable “Grant Access Using Hierarchies.”

B. Disable the “Create” permission on all other profiles.

C. Disable the “Read” permission on all other profiles.

D. Disable the “View All” permission on all other profiles.

A

A. Disable “Grant Access Using Hierarchies.”

D. Disable the “View All” permission on all other profiles.

46
Q

Universal Containers has created a custom Sales Operations profile with read and edit access to the Category field on a custom object. There is a new requirement that 3 of the 100 users assigned to the Sales Operations Profile should have read-only access to the Category field.

How can the Architect support this request?

A. Create a permission set in the Category field to read-only and assign it to the users.

B. Create a new profile without edit access to Category and assign it to the users.

C. Create a new page layout with the Category Field set to read-only for these users.

D. Create a custom permission to grant read-only access to Category and assign it to the users.

A

B. Create a new profile without edit access to Category and assign it to the users.

47
Q

Universal Containers has created a Reimbursement Custom Object to capture requests for reimbursement of expenses related to office supplies. The Reimbursement requests are sometimes sensitive and the Team Leads should not have access to the Reimbursement records submitted by the Users in the Call Center Agent role. The Director of Support will require access to all Reimbursement records. The role hierarchy is set as follows: Call Center Agent role reports to Team Lead role, which Reports to the Director of Support. Which steps would the Architect take to ensure proper sharing in this Role Hierarchy structure assuming Private Sharing Setting for the Reimbursement Object?

A. Leave the Reimbursement Object in “Deployed” Status and set the Director of Supports Profile to “View All” in the object permissions.

B. Use an Approval Process to change the owner of the Reimbursement record upon submission to the Director of Support

C. Disable Grant Access Using Hierarchies for the Object and create a Sharing Rule to enable sharing to the Director of Support

D. The sharing scenario described will occur without any special configuration choices being made by the Architect

A

C. Disable Grant Access Using Hierarchies for the Object and create a Sharing Rule to enable sharing to the Director of Support

48
Q

Universal Containers has developed an AppExchange managed package for their distribution partners, which required a private key to be generated for each partner and used by the code. Universal Containers support representatives must be able to access the private key value to debug connection issues, but it must not be possible for the partner to access the value. How can the Architect best support this requirement?

A. Store the value in a text field on a protected custom setting in the package.

B. Store the value in a static variable in a class included in the managed package.

C. Store the value in the text field on a list custom setting in the managed package.

D. Store the value in an encrypted field on a custom object in the package.

A

A. Store the value in a text field on a protected custom setting in the package.

49
Q

Universal Containers has developed Apex code to manually create AccountShare records to grant specific users access to individual Accounts. What must the Architect do to ensure the AccountShare records are not deleted when the owner of the Account is changed?

A. Create the share records and set the RowCause to a custom Apex Sharing Reason

B. Create the share records in a class with the “Without Sharing” keyword

C. Create the share records with the Delete on Owner Change field set to false

D. Create the share records and set the RowCause to Manual

A

A. Create the share records and set the RowCause to a custom Apex Sharing Reason

50
Q

Universal Containers has enabled External Default Sharing and wants to allow for external users to have the External Sharing Default set to Public Read- Only for a custom object. Which two options are valid Internal Default sharing settings for the custom object?

A. Controlled by Parent

B. Public Read/Write

C. Private

D. Public Read Only

A

B. Public Read/Write

D. Public Read Only

51
Q

Universal Containers has implemented a community for its customers using the Customer Community sense type. They have implemented a custom object to store service requests that has a look up to the account record. The Organization Wide Default External Access for the service request object is set to Private. Universal Containers wants their customers to be able to see service requests for their account through the community Customers should not see service requests for other accounts. What Salesforce feature can the Architect use to implement this?

A. Use manual sharing to share the service requests manually when a new community user is added.

B. Use a Sharing Set to share service requests related to the account based on the community user’s profile.

C. Use a Sharing Rule to share service requests to the community user based on their role.

D. Use Apex Managed Sharing to share service requests related to the account to the appropriate community users.

A

B. Use a Sharing Set to share service requests related to the account based on the community user’s profile.

52
Q

Universal Containers has implemented a strict software architecture for their custom Apex code. One of the requirements is that all SOQL queries are contained within reusable classes. Depending on the context of the Apex transaction, the queries should be able to run either “With Sharing” or “Without Sharing”. Which two ways allow the Architect to meet these requirements? Choose 2 answers.

A. Create a reusable SOQLQueries class; do not specify “With” or “Without Sharing” on the SOQLQueries class.

B. Create a reusable SOQLQueries class; do not specify “With” or “Without Sharing” on the SOQLQueries class and use the runAs() method to dynamically set the context.

C. Create a reusable SOQLQueries class; specify “With Sharing” on the methods that require user context and “Without Sharing” on the methods requiring system context.

D. Create a SystemSOQLQueries class and a UserSOQLQueries class; set the “With Sharing” keyword on the User SOQLQueries class and “Without Sharing” on the SystemSOQLQueries class.

A

C. Create a reusable SOQLQueries class; specify “With Sharing” on the methods that require user context and “Without Sharing” on the methods requiring system context.

D. Create a SystemSOQLQueries class and a UserSOQLQueries class; set the “With Sharing” keyword on the User SOQLQueries class and “Without Sharing” on the SystemSOQLQueries class.

53
Q

Universal Containers has junction object called “Job Production Facility”, with 2 master-detail relationships to the Job and Production Facility custom objects. Both master records have a private sharing model.

What statement is true if a user’s profile allows access (Create/Read) to the Job, but no access to the Production Facility Object?

A. The user will be granted read access to the Production Facility record

B. The user will see the junction object and the link to the Production Facility.

C. The user will see the junction object but not the link to the Production Facility.

D. The user will not be able to see the junction object records or the field values.

A

D. The user will not be able to see the junction object records or the field values.

54
Q

Universal Containers has just deployed a change to its role hierarchy. A manager is reporting that their staff can now see Accounts that they do not own and should not have access to.

How should the Architect troubleshoot?

A. While logged in as the System Administrator, use the Field Accessibility Viewer to view a matrix of who has access to Accounts.

B. While logged in as the one of the Staff members, navigate to a sample account and use the Sharing button to determine who has access.

C. While logged in as the one of the Staff members, navigate to their user record and inspect their profile and role membership.

D. While logged in as the System Administrator, use the Field Accessibility Viewer to view a matrix of who has access to Accounts.

A

B. While logged in as the one of the Staff members, navigate to a sample account and use the Sharing button to determine who has access.

55
Q

Universal Containers has Public Read Only sharing settings on the Opportunity object. What Opportunity access options can the user see while adding account team members to the Account?

A. Read Only

B. Private and Read Only

C. Private

D. Read Only and Read/Write

A

D. Read Only and Read/Write

56
Q

Universal Containers has recently activated an integration that synchronizes customer information and orders into their CRM of choice: Salesforce.com. One of their largest customers, United Air, has over 12,000 unique contacts. Since the integration was activated, sales reps are having trouble adding contacts to the United Air account. When a sales rep adds a contact, they get the following error message:UNABLE_TO_LOCK_ ROW, This issue seems to affect the United Air account and several other large customers. The sales rep can usually save the contact by trying again later in the evening. What should the Architect recommend as a possible solution?

A. Add a role-based sharing rule so all sales team members have Read/Write access to contacts.

B. Remove sharing rules and replace them with Apex sharing for Unite Air and the other large accounts.

C. Implement an account hierarchy and redistribute the contacts evenly under the child accounts.

D. Create a permission set for the sales team to grant them Read/Write access to all account fields.

A

C. Implement an account hierarchy and redistribute the contacts evenly under the child accounts.

57
Q

Universal Containers has recently implemented an integration that is populating 50 custom fields on the account object. They would like these fields to be available to Managers for reporting but do not want them to clutter the page layouts. What should the Architect recommend as a solution?

A. Add the fields to the Managers’ Account Page Layout; mark the page layout section as Collapsed.

B. Grant the Managers access to the fields using a Role-Based Sharing Rule; leave them hidden on the page layout.

C. Add the fields to a Custom Report; grant the Managers’ Role access to the report folder.

D. Grant Managers access to the fields using Field-Level Security; do not add them to a page layout.

A

D. Grant Managers access to the fields using Field-Level Security; do not add them to a page layout.

58
Q

Universal Containers has requirement for the Architect to develop Apex Managed Sharing code for the custom Job object. The sharing settings for the Job object are set to Private. When assigning access level for the record, which two lines of code will cause a DML exception on insert to the database?

Choose 2 answers

A. Objectname.AccessLevel=’Edit’

B. Objectname.AccessLevel=’All’

C. Objectname.AccessLevel=’None’

D. Objectname.AccessLevel=’Read’

A

B. Objectname.AccessLevel=’All’

C. Objectname.AccessLevel=’None’

59
Q

Universal Containers has requirement to integrate Salesforce with an external system to control record access.

What option should the Architect consider when designing a solution?

A. Use the Security API to modify the role hierarchy in Salesforce.

B. Use the SOAP API to maintain the related SObject_share records.

C. Use the Metadata API to maintain the related SObject records.

D. Use the SOAP API to create new Criteria-Based Sharing Rules in Salesforce.

A

B. Use the SOAP API to maintain the related SObject_share records.

60
Q

Universal Containers has set Account Sharing to Private with Account Teams enabled. Which two user groups can add team members on the Account? Choose 2 answers

A. The current Account Owner can add team members.

B. The user specified as the Manager on the Owner’s User record

C. Someone above the Account Owner in the Role Hierarchy with read access

D. Any Account Team Member with read access on the Account

A

A. The current Account Owner can add team members.

C. Someone above the Account Owner in the Role Hierarchy with read access

61
Q

Universal Containers has set Opportunity Sharing to Private with Opportunity Teams enabled.

Which three options can change the Owner of the Opportunity?

Choose 3 answers.

A. Any Opportunity Team Member on the current Opportunity.

B. The current Opportunity Owner can transfer the current ownership.

C. The System Administrator or a user with the “Transfer Records” permission.

D. The user specified as the Manager on the Owner’s User Profile.

E. Someone above the Opportunity Owner in the Role Hierarchy.

A

B. The current Opportunity Owner can transfer the current ownership.

C. The System Administrator or a user with the “Transfer Records” permission.

E. Someone above the Opportunity Owner in the Role Hierarchy.

62
Q

Universal Containers has set Partners users who will see records owned by partner users in roles below them in the hierarchy of which roles?

A. Executive, Manager, and User (EMU)

A

A. Executive, Manager, and User (EMU)

63
Q

Universal Containers has set the Org-Wide Sharing Default for Accounts to Private and has created some sharing rules to extend access based on certain data access policies. An architect has been asked to review access to a certain set of key customer accounts. How might this review be conducted?

A. Export the Account Share table and review.

B. Run a Report on Sharing in the Admin Console.

C. Log in as each user and Run the All Accounts List View.

D. Use the Sharing button on each customer Account.

A

A. Export the Account Share table and review.

64
Q

Universal Containers has successfully implemented a large Service Cloud rollout for their national call center 3 months ago. One of their largest customer accounts, United Automotive, has over 15,000 open cases. Agents are now having trouble opening new cases for United Automotive. When they try to create a case, the following Error messages appear for them UNABLE_ TO_LOCK_ ROW They notice that this only occurs for the United Automotive account. If they try to save the case again it will usually work, but the problem seems to be happening more and more often. What option should the Architect recommend?

A. Review the Account structure to split the United Automotive account into multiple branch accounts.

B. Review the Customer Service Profile to ensure that they have Read/Write access to the appropriate Case and Account Fields.

C. Review all Case Sharing Rules and consolidate where appropriate to reduce the total number of sharing rules.

D. Review all Account sharing rules to ensure that the Customer Service team has Read/Write access to the United Automotive Account.

A

A. Review the Account structure to split the United Automotive account into multiple branch accounts.

65
Q

Universal Containers has the following requirements: A custom Loan object requires Org-Wide Defaults set to Private. The owner of the Loan record will be the Loan Origination Officer. The Loan record must be shared with a specific Underwriter on a loan-by-loan basis. The Underwriters should only see the Loan records for which they are assigned. What should the Architect recommend to meet these requirements?

A. Use criteria- based sharing rules to share the Loan object with the Underwriter based upon the criteria defined in the criteria-based sharing

B. Create a lookup relationship from the Loan object to the User object. Use a trigger on the Loan object to create the corresponding record in the Loan share object

C. Create a master- detail relationship from the Loan to the User object. Loan records will be automatically shared with the Underwriter

D. Create an Apex Sharing Reason on the Loan object that shares the Loan with the Underwriter based upon the criteria defined in the Sharing Reason

A

B. Create a lookup relationship from the Loan object to the User object. Use a trigger on the Loan object to create the corresponding record in the Loan share object

66
Q

Universal Containers has the following requirements:

  • The Commercial Account and Consumer Account support departments should not collaborate.
  • The Commercial and Consumer sales users roll up to the same VP of Sales, but there should be no collaboration between sales departments.
  • The Commercial sales department should share its customers with the Commercial support department.
  • The Consumer sales department shares its customers with the Consumer support department.
  • The Commercial and Consumer support departments roll up to the same Support Director.
  • The sales departments will remain the Account Owner for the Accounts that they sell to.

What is the recommended Org-Wide Sharing Default for Accounts, and how would the

Architect enable proper Commercial and Consumer Sales to Support Account Sharing for this scenario?

A. Private Account Sharing with Sharing Rules from Commercial Sales Role(s) to Consumer Support Role(s) and Consumer Sales Role(s) to Commercial Support Role(s).

B. Private Account Sharing with Sharing Rules from Commercial support Role(s) to Commercial Support Role(s) and Consumer Sales Role(s) to Consumer Support Role(s).

C. Read -Only Account Sharing with Sharing Rules from Commercial Sales Role(s) to Consumer Support Group(s) and Consumer Sales Role(s) to Commercial Support Groups(s).

D. Private Account Sharing with Sharing Rules from Commercial Sales Group(s) to Commercial Support Groups(s) and Consumer Sales Group(s) to Consumer Support Group(s).

A

B. Private Account Sharing with Sharing Rules from Commercial support Role(s) to Commercial Support Role(s) and Consumer Sales Role(s) to Consumer Support Role(s).

67
Q

Universal Containers has the following Sharing Settings for their Org:

Account = Private

Contact = Controlled by Parent

Opportunity = Private

Case = Private

They have enabled “Default Account Teams” and have trained users to set up their Default Team.

Which three access levels can be set on the Account Team Member?

Choose 3 answers

A. Opportunity Access

B. Case Access

C. Contact Access

D. Contract Access

E. Account Access

A

A. Opportunity Access

B. Case Access

E. Account Access

68
Q

Universal Containers has two custom objects: Job and Job Interview. The Job Interview object has a lookup relationship to Job. Both objects are set to Private in sharing settings. The HR team will own all Job and Job Interview records. They have asked their Salesforce Architect to automatically share the Job Interview when the Interviewer (lookup to user record) has been populated. The interviewer can be from any department. What method should the Architect use to achieve this requirement?

A. Build apex Managed Sharing code to share Job Interview with the Interviewer user.

B. Build a criteria-based sharing rule between the Job Interview and the Interviewer.

C. Build a standard sharing rule between Job Interview and the Interviewer

D. Build a workflow email notification to notify the interviewer of the record assignment

A

A. Build apex Managed Sharing code to share Job Interview with the Interviewer user.

69
Q

Universal Containers is a fast-growing company that sells containers globally. It has thousands of dealerships throughout the world where local dealers service Containers sold locally. They recently opened two dealerships in California: NorthCal and SoCal. Universal Containers implemented a new partner community to enable their dealers. Each dealership has a dealer Manager who has all service agents report into them. Assuming a private sharing model, what is the best option to enable dealer managers to have visibility to customer cases within their dealership and not across all dealerships?

A. Create sharing groups that share all cases to all agents under the Dealer manager.

B. Create a batch job that creates sharing rules as needed, based on the cases created.

C. Build a trigger that create manual sharing of cases as needed whenever a new case is created.

D. No changes are needed to the sharing and visibility model to implement this requirement.

A

D. No changes are needed to the sharing and visibility model to implement this requirement.

70
Q

Universal Containers is designing a new community using the Customer Community license type. They would like to have the users complete survey questions through the community interface and store the responses in a Custom Object that has a lookup to the account object. Any internal user who has access to the account should be able to see all survey responses. All Customer Community users should be able to see surveys filled in by other users for their company, but not surveys for other companies. What are the correct security settings to achieve this?

A. Set all Organization-Wide Default settings to be “Public Read/Write” for both internal and external users.

B. Set all Organization-Wide Default security to be “Private” for both internal and external users and use Sharing Rules to grant the desired access

C. Set all Organization-Wide Default security to be “Public Read/Write” for internal users and “Private” for external users.

D. Set the custom object to be master-detail to the Account and leave the Organization-Wide Default settings as their default values.

A

B. Set all Organization-Wide Default security to be “Private” for both internal and external users and use Sharing Rules to grant the desired access

71
Q

Universal Containers is implementing a community of High-Volume Community users. Community users should be able to see records associated to their Account or Contact record. The Architect is planning to use a Sharing Set to provide access to the records. When setting up the Sharing Set, certain objects are not available in the list of Available Objects. Which two reasons explain why an object is excluded from the list of Available Objects in a Sharing Set?

A. The object is a custom object, and therefore not available for a sharing set.

B. The object’s Organization-Wide sharing setting is set to Public Read/Write.

C. The object’s Organization-Wide sharing setting is set to Private.

D. The custom object does not have a lookup to Accounts or Contacts.

A

B. The object’s Organization-Wide sharing setting is set to Public Read/Write.

D. The custom object does not have a lookup to Accounts or Contacts.

72
Q

Universal Containers is updating its Organization-Wide Sharing Settings for the Account Object from a “Public Read/Write” model to a “Private” model, so that they can hide certain national accounts from sales reps and sales managers. These national accounts should only be accessible by sales directors and above. Universal Container’s Role Hierarchy matches its organizational hierarchy. Which two options should the Architect consider when designing the solution?

Choose 2 answers

A. Sales directors will need a sharing rule created so that they can see accounts owned by Sales Users.

B. National accounts must be owned by a user who is above the sales managers in the Role Hierarchy.

C. Apex managed sharing will have to be disabled for the account object to protect the national accounts.

D. If a sales rep is added to the Opportunity Team for a national account, they will gain access to account data.

A

B. National accounts must be owned by a user who is above the sales managers in the Role Hierarchy.

D. If a sales rep is added to the Opportunity Team for a national account, they will gain access to account data.

73
Q

Universal Containers regularly uploads large amounts of parent and child records into Salesforce to maintain integrations with other systems that update their date in scheduled batches or continuously in real time.

Which two situations may pose a risk of producing locking errors?

Choose 2 answers.

A. Updates to child records that have the same parent records are being processed simultaneously in separate transactions.

B. Updates to parent and child records are being processed in the same batch.

C. Updates to parent records and their child records being processed simultaneously in separate threads.

D. Updates to parent and child records are being processed synchronously in the same threads.

A

A. Updates to child records that have the same parent records are being processed simultaneously in separate transactions.

C. Updates to parent records and their child records being processed simultaneously in separate threads.

74
Q

Universal Containers uses the Case object to track service tickets. They have implemented Case teams to allow multiple support representatives to manage the Cases.

Which two “Filter by owner” options would the user see while creating a list view on the Case object?

Choose 2 answers

A. Public Groups

B. Roles

C. Queue

D. My Case Teams

A

C. Queue

D. My Case Teams

75
Q

Universal Containers wants to create a way to store sensitive Invoice Data in Salesforce. A User who owns an Account should not see every Invoice, but only invoices that they or their subordinates own.

Which two features should be considered during this solution implementation?

Choose 2 answers.

A. Deploy the Relationship between Accounts and the Invoices Object as Master-Detail.

B. Ensure that the Organization-Wide Default sharing for Invoices is set to Private.

C. Create a Workflow that populates the Invoice sharing object upon Insert.

D. Deploy the Relationship between Accounts and the Invoices Object as Lookup.

A

B. Ensure that the Organization-Wide Default sharing for Invoices is set to Private.

D. Deploy the Relationship between Accounts and the Invoices Object as Lookup.

76
Q

Universal Containers wants to store Payment Term Details on the Account object, but the fields should only be visible on certain record types and for certain user profiles.

How can a System Administrator quickly determine which user profiles, page layouts, and record types include certain fields?

A. Log in as each user profile and view the Account Page Layouts.

B. Use the Field Accessibility Viewer for the fields in question

C. Universally require the field at the field level.

D. Click the Field-Level Security for the field on each Profile.

A

D. Click the Field-Level Security for the field on each Profile.

77
Q

Universal Containers would like to create a custom team solution that can be used on a custom Loan object. The following requirements must be met:

  • The Loan custom object should be set to Private in the Org-Wide Defaults.
  • Any user added to the Custom Team object should have Read Only access to the corresponding Loan record.
  • If the Custom Team record is marked as “Primary” then the corresponding user should have Read/Edit access to the corresponding Loan record.

Which two methods will allow the Architect to meet the requirements?

Choose 2 answers.

A. Create a custom trigger on the Custom Team object that inserts or updates records in the Loan_share object.

B. Create a criteria -based sharing rule on the Loan object that will share the Loan record with the appropriate user in the Custom Team object.

C. Create Apex Sharing Reasons on the Loan object to identify the reason the Loan record was shared.

D. Create an owner-based sharing rule on the Custom Team object that will share the Loan record to the owner of the Custom Team record.

A

A. Create a custom trigger on the Custom Team object that inserts or updates records in the Loan_share object.

C. Create Apex Sharing Reasons on the Loan object to identify the reason the Loan record was shared.

B & D?

78
Q

Universal Containers would like to customize the security and sharing features of Salesforce Account Teams. They have decided to implement a Custom Account Team object. They would like the new enhancement to include all of the features of the existing account team, but also utilize Apex and Visualforce on the custom Account Team object.

Which two different approaches should the Architect consider when designing this enhancement?

Choose 2 answers

A. The need to synchronize the AccountTeamMember object with the Custom Account Team object data.

B. The need to maintain the Account_share object based upon the Custom Account Team object data.

C. The need to dynamically create Criteria-Based Sharing rules with Custom Account Team object data.

D. The need to customize Account screens in Visualforce, as the Account_share object cannot be maintained programmatically.

A

A. The need to synchronize the AccountTeamMember object with the Custom Account Team object data.

B. The need to maintain the Account_share object based upon the Custom Account Team object data.

79
Q

Universal Containers would like to restrict users’ access to export reports What option supports this requirement?

A. Remove the “Report Manager” user permission.

B. Remove the Export button from the report page layout.

C. Remove “Allow Export” on the report folder settings.

D. Remove the “Export Reports” profile permission.

A

D. Remove the “Export Reports” profile permission.

80
Q

Universal Containers would like to track defects within Salesforce. A defect need to have the following fields:

  • Severity
  • Type
  • Status
  • Description

There will be multiple Defects related to the standard Case object. Defects will be assigned to different owners which will often be different to the Case owner. Which option should the Architect choose to meet the requirement?

A. Create a relationship between the standard defect object and the standard case object.

B. Create a custom object for defects and relate it to cases using lookup.

C. Create all defect fields on the case object to track the defect and lookup.

D. Create a custom object for defects and relate it to cases using master–detail

A

B. Create a custom object for defects and relate it to cases using lookup.

81
Q

Universal Containers, a global corporation of 50,000 users, has a 24x7 call center operated by 20,000 users that includes employees and contractors. Their sales organization is 10,000 strong and they started processing about 100,000 updates to opportunity custom fields called Priority and NextStep. They also started processing 20,000 updates to a highly nested territory hierarchy. There was a third mass update on a Next Step field on the Action Plan custom object that has Case as a lookup field. Users started seeing a Group membership lock error in the system. What is a probable cause for this error?

A. Lock contention due to system-initiated sharing rule recalculation

B. Lock contention on Case records because of Action Plan custom object updates.

C. Lock contention on Territory object because of Territory object updates.

D. Lock contention on Account records because of Opportunity object updates.

A

C. Lock contention on Territory object because of Territory object updates.

82
Q

Universal Health is planning to store patient notes in Salesforce. Patient notes consist of long text notes taken by a use to document phone calls with a patient. A date audit has identified that these notes can contain Personally Identifiable Information (PII) and Personal Health Information (PHI). The regulatory requirements state that this data must be encrypted at rest as well as in transit.

What should the Architect do in order to make sure Universal Health stays compliant?

A. No action is required; all Salesforce data is encrypted at rest as part of Salesforce’s standard trust measures.

B. Enable Salesforce Shield Platform Data Encryption and mark the patient notes field as encrypted.

C. Create a new Custom Field of type “Text (Encrypted)” and move the patient notes data into the new field.

D. Use an Apex trigger and the Apex Crypto class to encrypt patient notes as soon as they are saved to Salesforce.

A

B. Enable Salesforce Shield Platform Data Encryption and mark the patient notes field as encrypted.

83
Q

Universal Containers maintains Job information in a Custom Object that contains sensitive information. The only users who should be able to view and edit Job records are the user who owns the record and all users in the Delivery profile. Which three platform sharing tools are required to support the above requirements?

Choose 3 answers.

A. Grant access Using Hierarchy sharing setting on the Job Object set to false.

B. “Modify All” permission for Job Object on the Delivery Profile.

C. Criteria-Based sharing rule for the Delivery Profile on the Job Object.

D. Organization-Wide Default sharing setting of Private on the Job Object.

E. “View All Data” profile permission on the Delivery Profile.

A

A. Grant access Using Hierarchy sharing setting on the Job Object set to false.

B. “Modify All” permission for Job Object on the Delivery Profile.

D. Organization-Wide Default sharing setting of Private on the Job Object.

84
Q

User A at Universal Containers is in the default account team for User B. User B owns the ACME account and changed User A’s team member access to the account. What is the impact of this change?

A. Changes affect the default Opportunity team.

B. Changes affect only the ACME Account.

C. Changes affect the default Account team.

D. Changes affect all child ACME Accounts.

A

B. Changes affect only the ACME Account.

85
Q

What can be done in Profile which is not in Permission Set

A. Login Hours, Page Layout assignment

A

A. Login Hours, Page Layout assignment

86
Q

What feature in Salesforce is needed to restrict access to a custom object that has Public Read/Write access?

A. Role Hierarchy

B. Record Type

C. Page Layout

D. Profile

A

D. Profile

87
Q

What is a workaround to ownership data skew?

A. You can minimize possible performance impacts by not assigning the user(s) to a role.

A

A. You can minimize possible performance impacts by not assigning the user(s) to a role.

88
Q

What is required to implement Filter-Based Opportunity Territory Assignment?

A. Define an account assignment with a filter criteria rule for Filter-Based Opportunity Territory Assignment.

B. Define a Territory assignment rule with filter criteria for Filter-Based Opportunity Territory Assignment.

C. Define a custom Apex class for Filter-Based Opportunity Territory Assignment in the system.

D. Define an Opportunity assignment rule with filter criteria for Filter-Based Opportunity Territory Assignment.

A

C. Define a custom Apex class for Filter-Based Opportunity Territory Assignment in the system.

89
Q

What is the best practice for testing sharing and visibility changes?

A. Use Administrative and User reports to view the Active Users.

B. Use the Login As feature for a sample user in each role and profile.

C. Use Field Audit Trail to audit the field meta-data and visibility.

D. Use the Sharing button to test Profile and Permission set changes.

A

B. Use the Login As feature for a sample user in each role and profile.

90
Q

What should the Architect do to ensure Field-Level Security is enforced on a custom Visualforce page using the Standard Lead Controller?

A. Use the “With Sharing” keyword on the Standard Lead Controller.

B. Nothing; Field-Level Security will automatically be enforced.

C. Use the {!Schema.sObjectType.Lead.fields.isAccessible()} expression

D. Use the Schema.SObject.Lead.isAccessible() method.

A

B. Nothing; Field-Level Security will automatically be enforced.

91
Q

What is the security vulnerability in the following code snippet?

value=”{!myTextField}”/> Value of my

Textfield is

A. SOQL Injection

B. Arbitrary Redirects

C. Cross-Site Scripting

D. Access Control

A

C. Cross-Site Scripting

92
Q

When writing test methods, what functionality is verified by the system method”runAs()”?

A. Enforcement of a user’s record sharing.

B. Enforcement of user permissions.

C. Enforcement of a user’s field-level security.

D. Enforcement of user’s public group assignments.

A

A. Enforcement of a user’s record sharing.

93
Q

When you make changes to roles and groups Salesforce locks the entire group membership table, which makes it impossible to process group changes in multiple threads to increase throughput on updates.

A. Granular Locking

A

A. Granular Locking

94
Q

Which are two valid use cases for programmatic sharing?

Choose 2 answers.

A. An external system manages user record access.

B. Frequent user ownership changes based on re-alignments.

C. Native sharing functionality does not meet requirements.

D. Setting user ownership for standard and custom objects.

A

A. An external system manages user record access.

C. Native sharing functionality does not meet requirements.

95
Q

Which features does Salesforce provide for restricting login access to the application? Choose 2 answers.

A. Profile-based login hour restrictions

B. Role-based IP restrictions

C. Organization-wide login hour restrictions

D. Profile-based IP restrictions

A

A. Profile-based login hour restrictions

D. Profile-based IP restrictions

96
Q

Which of the following is used to encrypt a variety of widely used standard fields, along with some custom fields and many kinds of files.

A. Shield Encryption.

A

A. Shield Encryption.

97
Q

Which three advanced tools can Salesforce enable for large-scale role hierarchy realignments in organizations with large data volumes?

Choose 3 answers.

A. Partitioning by Divisions

B. Granular Locking

C. Parallel Sharing Rule Recalculation

D. Deferred Sharing Calculation

E. Skinny Table Indexing

A

B. Granular Locking

C. Parallel Sharing Rule Recalculation

D. Deferred Sharing Calculation

98
Q

Which three areas should the Architect review in order to increase performance of “Record Access” and “Sharing” calculations?

Choose 3 answers.

A. Custom Object data, to ensure that no Account has more than 10,000 Custom Objects that look up to it.

B. Opportunity data, to ensure that no Account has more than 10,000 Opportunity records that are related to it.

C. Record ownership, to ensure that no user owns more than 10,000 Object records in the system.

D. Apex Managed Sharing triggers, to ensure that no trigger is querying more that 10,000 Object records.

E. Case data, to ensure that no Account has more than 10,000 Case records that are related to it

A

B. Opportunity data, to ensure that no Account has more than 10,000 Opportunity records that are related to it.

C. Record ownership, to ensure that no user owns more than 10,000 Object records in the system.

E. Case data, to ensure that no Account has more than 10,000 Case records that are related to it

99
Q

Which three capabilities are available with Enterprise Territory Management?

Choose 3 answers

A. Create a public group with Territory

B. Share a report or dashboard folder with a Territory

C. Metadata API Support

D. Integration with Collaborative Forecasting

E. Assignment of Territory on Opportunities

A

C. Metadata API Support

D. Integration with Collaborative Forecasting

E. Assignment of Territory on Opportunities

100
Q

Which two access grants are stored in the Group Maintenance tables?

Choose 2 answers

A. Inherited access grants

B. Explicit grants

C. Group Membership grants

D. Implicit grants

A

A. Inherited access grants

C. Group Membership grants

101
Q

Which two are potential vulnerabilities in the following code snippet?

public class SOQLController { public String name { get { return name;} set {name=value;} } public PageReference query() { String qryString=’SELECT Id FROM Contact WHERE ‘+ ‘(IsDeleted = false and Name like '%’ + name + ‘%'}’; queryResult = Database.query(qryString); retunr null; } }

Choose 2 answers

A. FLS check

B. SOQL Injection

C. Data Access Control

D. Arbitrary Redirects

A

B. SOQL Injection

C. Data Access Control

102
Q

Which two options are available to share a Report or Dashboard folder with other users in the Organization?

Choose 2 answers

A. Profiles

B. Public Groups

C. Roles

D. Teams

A

B. Public Groups

C. Roles

103
Q

Which two options can help mitigate the risks of import failures associated with large-volume bulk data loads?

Choose 2 answers.

A. Minimize user group hierarchy.

B. Defer Sharing Calculation.

C. Increase batch size.

D. Group records by ParentID within a batch.

A

B. Defer Sharing Calculation.

D. Group records by ParentID within a batch.

104
Q

Which two options provide implicit record access to users?

Choose 2 answers

A. Read-only access to parent account for a user, based on a criteria-based sharing rule

B. Read-only access to parent account for a user with access to a child case

C. Access to child opportunities for the owner of the parent account

D. Access to related leads for the owner of the parent campaign

A

B. Read-only access to parent account for a user with access to a child case

C. Access to child opportunities for the owner of the parent account

105
Q

Which two reasons should the Architect consider regarding the use of Apex Sharing Reasons?

Choose 2 answers

A. Ensuring the developer can more easily troubleshoot programmatic sharing.

B. Ensuring the Share record is not deleted upon ownership change.

C. Ensuring the Share record is deleted upon ownership change.

D. Ensuring there is additional criteria available for Criteria-Based Sharing.

A

A. Ensuring the developer can more easily troubleshoot programmatic sharing.

B. Ensuring the Share record is not deleted upon ownership change.

106
Q

Which two settings are available in profiles, but not permission sets?

Choose 2 answers.

A. Tab Settings

B. Record Types

C. Page Layout Assignments

D. Login Hours

A

C. Page Layout Assignments

D. Login Hours

107
Q

Which users have access to Opportunity records owned by an external user, assuming no other changes to the sharing model have been implemented?

A. The record owner and any user above the external user in the role hierarchy.

B. The record owner only.

C. The record owner and any user below the external user in the role hierarchy.

D. The record owner and all internal users.

A

A. The record owner and any user above the external user in the role hierarchy.

Sharing and Visibility Architect (5 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions