Sharing and Visibility
Universal Containers (UC) works with a dealer network to sell their products. There are approximately 5,000 dealers that do business with UC and UC has purchased a Partner Community to interact with each of their dealers on Opportunities. Each dealer is structured so that there are a group of managers who will oversee a larger team of agents. UC would like to set the Organization-Wide Defaults to Private for the Opportunity object, both internally and externally. Within each dealer, there are a few agents called Lead Agents who should be able to see the Opportunities for all of the other Agents at the dealer. What is the optimal solution for an Architect to recommend? A. Add a Sharing Set that shares Opportunities to the Lead Agent based on the Lead Agents Account. B. Build an Apex Managed Sharing rule that will assign specific Opportunities to Lead Agents. C. Grant Super User access to the Lead Agents as part of the Community user setup. D. Create a Sharing Rule to share opportunities to the owner's manager's role and below.
A. Add a Sharing Set that shares Opportunities to the Lead Agent based on the Lead Agents Account.
Which are two valid use cases for programmatic sharing? Choose 2 answers A. An external system manages user record access. B. Frequent user ownership changes based on re-alignments. C. Native sharing functionality does not meet requirements. D. Setting user ownership for standard and custom objects.
A. An external system manages user record access. C. Native sharing functionality does not meet requirements.
Which three capabilities are available with Enterprise Territory Management? Choose 3 answers A. Assignment of Territory on Opportunities. B. Share a report or dashboard folder with a Territory. C. Metadata API Support D. Create a public group with Territory. E. Integration with Collaborative Forecasting.
A. Assignment of Territory on Opportunities. C. Metadata API Support D. Create a public group with Territory.
Below are some details regarding the organization at Universal Containers: v Richard and Kevin are the East sales reps and their manager is Karen, the East sales executive. v Sam and Wilder are West sales reps and their manager is Wendy, the West sales executive. v Bob is the CEO and manages both Karen and Wendy. Universal Containers role hierarchy follows their management structure. Richard owns an account, NewCompany, and Kevin owns an account, OldCompany. Karen manually shared her account NewWorld with Kevin. However, she has moved to a new role to lead all Named Accounts, and Phil, who replaced her, is the new owner of NewWorld. Which employees will have access to the NewWorld account? A. Bob and Phil B. Bob, Karen and Kevin C. Bob, Richard, Phil and Kevin D. Bob, Phil and Kevin
A. Bob and Phil
Below are some details regarding the organization at Universal containers: Richard and Kevin are the east sales reps and their manager is Karen the East sales executive. Sam and Wilder are West sales reps and the manager is Wendy, the West sales executive. Bob is the CEO and managers both Karen and Wendy. Universal containers role hierarchy follows their management structure. Richard owns an account, NewCompany, and Kevin owns an account, OldCompany. Karen manually shared her account NewWorld with Kevin. However, she has moved to a new role to lead all Named Accounts, and Phil, who replaced her, is the new owner of NewWorld.Which employees will have access to the NewWorld account? A. Bob and Phil B. Bob, Richard, Phil and Kevin C. Bob, Karen and Kevin D. Bob, Phil and Kevin
A. Bob and Phil
Universal Containers has Controlled by Parent sharing settings on the Contact object and Public Read Only sharing settings on Account, Opportunity, and Case objects. Which two options can the user see while adding Account team members to the Account? A. Case Access B. Opportunity Access C. Contact Access D. Activity Access
A. Case Access B. Opportunity Access
Universal Containers would like to create a custom team solution that can be used on a custom Loan object. The following requirements must be met: · The Loan custom object should be set to Private in the Org-Wide Defaults. · Any user added to the Custom Team object should have Read Only access to the corresponding Loan record. · If the Custom Team record is marked as "Primary" then the corresponding user should have Read/Edit access to the corresponding Loan record. Which two methods will allow the Architect to meet the requirements? Choose 2 answers A. Create a custom trigger on the Custom Team object that inserts or updates records in the Loan_share object. B. Create a criteria-based sharing rule on the Loan object that will share the Loan record with the appropriate user in the Custom Team object. C. Create Apex Sharing Reasons on the Loan object to identify the reason the Loan record was share. D. Create an owner-based sharing rule on the Custom Team object that will share the Loan record to the owner of the Custom Team record.
A. Create a custom trigger on the Custom Team object that inserts or updates records in the Loan_share object. C. Create Apex Sharing Reasons on the Loan object to identify the reason the Loan record was share.
Which three capabilities are available with Enterprise Territory Management? Choose 3 answers A. Create a public group with Territory. B. Assignment of Territory on Opportunities C. Integration with collaborative Forecasting. D. Share a report or dashboard folder with a Territory. E. Metadata API support
A. Create a public group with Territory. B. Assignment of Territory on Opportunities D. Share a report or dashboard folder with a Territory.
Universal Containers has developed Apex code to manually create AccountShare records to grant specific users access to individual Accounts.What must the Architect do to ensure the AccountShare records are not deleted when the owner of the Account is changed? A. Create the share records and set the RowCause to a custom Apex Sharing Reason. B. Create the share records in a class with the "Without Sharing" keyword. C. Create the share records with the Delete on Owner Change field set to false. D. Create the share records and set the RowCause to Manual.
A. Create the share records and set the RowCause to a custom Apex Sharing Reason.
At Universal Containers, users should only see Accounts they or their subordinates own. All Accounts with the custom field "Kay Customer" should be visible to all Senior Account Managers. There is a custom field on the Account record that contains sensitive information and should be hidden from all users, except 3 designated users who require view and edit access. These three users come from different user groups, and will change occasionally. Which three platform security features are required to support these requirements with the minimum amount of effort? Choose 3 answers A. Criteria-Based Sharing Rules B. Owner-Based Sharing Rules C. Role Hierarchy D. Apex Managed Sharing E. Permission Sets
A. Criteria-Based Sharing Rules C. Role Hierarchy E. Permission Sets
Which three areas should the Architect review in order to increase performance of "Record Access" and "Sharing" calculations? Choose 3 answers A. Custom Object data, to ensure that no Account has more than 10,000 Custom Objects that look up to it. B. Opportunity data, to ensure that no Account has more than 10,000 Opportunity records that are related to it. C. Record ownership, to ensure that no user owns more than 10,000 Object records in the system. D. Apex Managed Sharing triggers, to ensure that no trigger is querying more that 10,000 Object records.
A. Custom Object data, to ensure that no Account has more than 10,000 Custom Objects that look up to it. B. Opportunity data, to ensure that no Account has more than 10,000 Opportunity records that are related to it. C. Record ownership, to ensure that no user owns more than 10,000 Object records in the system.
Universal Containers has created a custom object to store highly confidential client relationship data with Private sharing settings. Which two options would an Architect choose to ensure access only to the record owner and the administrator? Choose 2 answers A. Disable "Grant Access Using Hierarchies." B. Disable the "View All" permission on all other profiles. C. Disable the "Create" permission on all other profiles. D. Disable the "Read" permission on all other profiles.
A. Disable "Grant Access Using Hierarchies." B. Disable the "View All" permission on all other profiles.
Universal Containers has created a custom object to store highly confidential client relationship data with Private sharing settings. Which two options would an Architect choose to ensure access only to the record owner and the administrator? Choose 2 answers A. Disable "Grant Access Using Hierarchies." B. Disable the "Create" permission on all other profiles. C. Disable the "Read" permission on all other profiles. D. Disable the "View All" permission on all other profiles.
A. Disable "Grant Access Using Hierarchies." D. Disable the "View All" permission on all other profiles.
Universal containers has a global 24x7 salesforce.com implementation that supports sales, services, order management, and various other parts of their business. They have a nested territory hierarchy, 10,000 sales users cover and 20,000 support agents. Territory changes happen daily. The demand for new applications and changes to the platform is high and they follow and agile development methodology and deliver new releases every two weeks on the platform. What salesforce.com feature would have the system recover from a maintenance restart on Salesforce servers? A. Enable Deferred Sharing Rule recalculation B. Enable Granular Locking on the system. C. Enable Filter-Based Opportunity Territory Assignment. D. Enable Parallel Sharing Rule recalculation.
A. Enable Deferred Sharing Rule recalculation
When writing test methods, what functionality is verified by the system method "runAs()"? A. Enforcement of a user's record sharing. B. Enforcement of a user's field-level security. C. Enforcement of a user's permissions. D. Enforcement of a user's public group assignments.
A. Enforcement of a user's record sharing.
When writing test methods, what functionality is verified by the system method"runAs()"? A. Enforcement of a user's record sharing. B. Enforcement of user permissions. C. Enforcement of a user's field-level security. D. Enforcement of user's public group assignments.
A. Enforcement of a user's record sharing.
Which two reasons should the Architect consider regarding the use of Apex Sharing Reasons?Choose 2 answers A. Ensuring the developer can more easily troubleshoot programmatic sharing. B. Ensuring the Share record is not deleted upon ownership change. C. Ensuring the Share record is deleted upon ownership change. D. Ensuring there is additional criteria available for Criteria-Based Sharing.
A. Ensuring the developer can more easily troubleshoot programmatic sharing. B. Ensuring the Share record is not deleted upon ownership change.
Universal Containers has set the Org-Wide Sharing Default for Accounts to Private and has created some sharing rules to extend access based on certain data access policies. An architect has been asked to review access to a certain set of key customer accounts. How might this review be conducted? A. Export the Account Share table and review. B. Run a Report on Sharing in the Admin Console. C. Log in as each user and Run the All Accounts List View. D. Use the Sharing button on each customer Account.
A. Export the Account Share table and review.
Universal Containers maintains Job information in a Custom Object that contains sensitive information. The only users who should be able to view and edit Job records are the user who owns the record and all users in the Delivery profile.Which three platform sharing tools are required to support the above requirements? Choose 3 answers A. Grant Access Using Hierarchy sharing setting on the Job Object set to false. B. Criteria-Based sharing rule for the Delivery Profile on the Job Object. C. "Modify All" permission for Job Object on the Delivery Profile. D. Organization-Wide Default sharing setting of Private on the Job Object. E. "View All Data" profile permission on the Delivery Profile.
A. Grant Access Using Hierarchy sharing setting on the Job Object set to false. C. "Modify All" permission for Job Object on the Delivery Profile. D. Organization-Wide Default sharing setting of Private on the Job Object.
on the account object. They would like these fields to be available to Managers for reporting but do not want them to clutter the page layouts. What should the Architect recommend as a solution? A. Grant Managers access to the fields using Field-Level Security; do not add them to a page layout. B. Add the fields to the Managers Account Page Layout; mark the page layout section as Collapsed. C. Grant the Managers access to the fields using a Role-Based Sharing Rule; leave them hidden on the page layout D. Add the fields to a Custom Report; grant the Manages Role access to the report folder.
A. Grant Managers access to the fields using Field-Level Security; do not add them to a page layout.
Universal Containers maintains Job information in a Custom Object that contains sensitive information. The only users who should be able to view and edit Job records are the user who owns the record and all users in the Delivery profile. Which three platform sharing tools are required to support the above requirements? Choose 3 answers. A. Grant access Using Hierarchy sharing setting on the Job Object set to false. B. "Modify all" permission for Job Object on the Delivery Profile. C. Criteria-Based sharing rule for the Delivery Profile on the Job Object. D. Organization-Wide Default sharing setting of Private on the Job Object. E. "View All Data" profile permission on the Delivery Profile.
A. Grant access Using Hierarchy sharing setting on the Job Object set to false. B. "Modify all" permission for Job Object on the Delivery Profile. D. Organization-Wide Default sharing setting of Private on the Job Object.
Universal Containers is looking to set up a new integration with its ERP system. The goal is to synchronize contacts in the ERP shipping tables with those in their CRM so that sales reps can view up to date contact information. The integration runs under a dummy Integration User who is at the top of the role hierarchy. The Organization-Wide Default sharing setting for Accounts is Private and Contacts is Controlled by Parent. A large number of contacts (100,000) have account data in the ERP system, but do not have corresponding Accounts in Salesforce.How should the Architect design the solution so that the sales team can see the contacts and there are no performance issues? A. Have the integration create both contacts and their corresponding accounts; use an Account sharing rule to grant sales reps access to the contacts. B. Have the integration create the contacts under one dummy account record; use an Account sharing rule to grant sales reps access to the contacts. C. Have the integration create the contacts with Salesforce without an account; use a Contact sharing rule to grant sales reps access to the contacts. D. Have the integration create both the contacts and their corresponding a
A. Have the integration create both contacts and their corresponding accounts; use an Account sharing rule to grant sales reps access to the contacts.
In order to comply with regulatory requirements, Universal Health must encrypt all Personally Identifiable Information (PII), both while it is being transmitted over the network and while it is at rest. Universal Health has completed a data audit and has determined that 12 fields on the contact record can contain PII, including the contact name and several other standard fields. Universal Health would like the fields to remain accessible in Salesforce. Which two options does Universal Health have to maintain compliance? Choose 2 answers A. Implement a custom Apex trigger to automatically encrypt the PII data using the Apex Crypto Class. B. Update the field type of each of the 12 fields to "Text (Encrypted)" so that they are encrypted at rest. C. Enable Salesforce Platform Encryption and select the 12 contact fields to be encrypted. D. Use an external, third party encryption service to encrypt PII before it enters Salesforce.
A. Implement a custom Apex trigger to automatically encrypt the PII data using the Apex Crypto Class. D. Use an external, third party encryption service to encrypt PII before it enters Salesforce.
Universal Containers has a set of Account Management users that should only see Accounts once the Account becomes a customer. The Type field on the Account identifies whether the Account is a Prospect, Customer, Partner, or Other. Which two methods could an Architect use to enable this sharing requirement, assuming a private sharing model for Accounts? Choose 2 answers A. Institute a process that calls for the Account Manager to be added to the Account Team once the Account becomes a customer. B. Create a Criteria-based Sharing rule that shares the Account to the Account Management Group when the Type is Customer. C. Create a Public List view, where Accounts of Type Customer are included and share the List view with the Account Management public group. D. Create an Account Sharing Rule that shares all Accounts owned by Sales to be shared with Account Management roles and Subordinates.
A. Institute a process that calls for the Account Manager to be added to the Account Team once the Account becomes a customer. B. Create a Criteria-based Sharing rule that shares the Account to the Account Management Group when the Type is Customer.
Universal Containers, a global corporation of 50,000 users, has a 24x7 call center operated by 20,000 users that includes employees and contractors. Their sales organization is 10,000 strong and they started processing about 100,000 updates to opportunity custom fields called Priority and NextStep. They also started processing 20,000 updates to a highly nested territory hierarchy. There was a third mass update on a Next Step field on the Action Plan custom object that has Case as a lookup field. Users started seeing a Group membership lock error in the system. What is a probable cause for this error? A. Lock contention due to system-initiated sharing rule recalculation B. Lock contention on Case records because of Action Plan custom object updates. C. Lock contention on Territory object because of Territory object updates. Lock contention on Account records because of Opportunity object updates.
A. Lock contention due to system-initiated sharing rule recalculation
Which two settings are available in profiles, but not permission sets?Choose 2 answers A. Login Hours B. Record Types C. Tab Settings D. Page Layout Assignments
A. Login Hours D. Page Layout Assignments
Universal Containers uses the Case object to track service tickets. They have implemented Case teams to allow multiple support representatives to manage the Cases. Which two "Filter by owner" options would the user see while creating a list view on the Case object? Choose 2 answers A. My Case Teams B. Roles C. Public Groups D. Queue
A. My Case Teams D. Queue
Universal Containers has the following Sharing Settings for their Org: · Account = Private · Contact = Controlled by Parent · Opportunity = Private · Case = Private They have enabled "Default Account Teams" and have trained users to set up their Default Team. Which three access levels can be set on the Account Team Member? Choose 3 answers A. Opportunity Access B. Case Access C. Contact Access D. Contract Access E. Account Access
A. Opportunity Access B. Case Access E. Account Access
Which three advanced tools can Salesforce enable for large-scale role hierarchy realignments in organizations with large data volumes? Choose 3 answers A. Partitioning by Divisions B. Granular Locking C. Parallel Sharing Rule Recalculation D. Deferred Sharing Calculation E. Skinny Table Indexing
A. Partitioning by Divisions B. Granular Locking D. Deferred Sharing Calculation
Which features does Salesforce provide for restricting login access to the application? Choose 2 answers A. Profile-based login hour restrictions B. Role-based IP restrictions C. Organization-wide login hour restrictions D. Profile-based IP restrictions
A. Profile-based login hour restrictions D. Profile-based IP restrictions
The Architect at Universal Containers has created a List View to show all open Opportunities that were created in the last month, and would like to make this list view visible to certain groups of users. Which two options are available to the Architect for sharing the List View? A. Public Groups B. Profiles C. Roles and Subordinates D. Manual Sharing
A. Public Groups C. Roles and Subordinates
Universal Containers (UC) has a requirement to expose a web service to their business partners. The web service will be used to allow each business partner to query UC's Salesforce instance to retrieve the status of orders. The business partner should only be allowed access to orders for which the business partner is the fulfillment vendor. The Architect does not want the business partners to utilize the standard APIs and would prefer a custom API be developed. Which three design elements should the Architect consider in order to ensure the data security of the solution? Choose 3 answers A. Query the Orders object with Dynamic SOQL based upon the fulfillment ID. B. Set the Orders object's sharing settings to Private in the Org-Wide Defaults. C. Provide each partner with their own Salesforce login set to API Enabled on the profile. D. Develop a custom Apex web service with a fulfillment ID input attribute E. Develop a custom Apex web service using the "With Sharing" keyword.
A. Query the Orders object with Dynamic SOQL based upon the fulfillment ID. B. Set the Orders object's sharing settings to Private in the Org-Wide Defaults. D. Develop a custom Apex web service with a fulfillment ID input attribute
Universal Containers does not want the Users in the Custom Sales Department Profile to be able to delete Opportunities. How would the Architect prevent a certain set of users from deleting Opportunities? A. Remove the "Opportunity Delete" Permission from the Sales Team's User Profile in the Object Permission. B. Remove the Delete button from the Opportunity Page Layout and Record Type settings. C. Create a Validation Rule that checks the User's Profile before allowing the IsDeleted flag to be set to true. D. Override the Standard button with a Visualforce Page that warns them that they do not have permission to delete.
A. Remove the "Opportunity Delete" Permission from the Sales Team's User Profile in the Object Permission.
Universal Containers has successfully implemented a large Service Cloud rollout for their national call center 3 months ago. One of their largest customer accounts, United Automotive, has over 15,000 open cases. Agents are now having trouble opening new cases for United Automotive. When they try to create a case, the following Error messages appear for them UNABLE_TO_LOCK_ROW They notice that this only occurs for the United Automotive account. If they try to save the case again it will usually work, but the problem seems to be happening more and more often. What option should the Architect recommend? A. Review the Account structure to split the United Automotive account into multiple branch accounts. B. Review the Customer Service Profile to ensure that they have Read/Write access to the appropriate Case and Account Fields. C. Review all Case Sharing Rules and consolidate where appropriate to reduce the total number of sharing rules. D. Review all Account sharing rules to ensure that the Customer Service team has Read/Write access to the United Automotive Account.
A. Review the Account structure to split the United Automotive account into multiple branch accounts.
The Architect at Universal Containers has created a List View to show all open Opportunities that were created in the last month, and would like to make this list view visible to certain groups of users. Which two options are available to the Architect for sharing the List View? Choose 2 answers A. Roles and Subordinates B. Public Groups C. Profiles D. Manual Sharing.
A. Roles and Subordinates B. Public Groups
What is the security vulnerability in the following code snippet? <apex:form> <apex:commandButtonrerender="outputIt" value="Update It"/> <apex:inputText value="{ !myTextField}"/> </apex:form> <apex:outputPanel id="outputIt"> Value of myTextField is <apex:outputTextvlue="{!myTextField}" escape="false"/> </apex:outputPanel> A. SOQL Injection B. Access Control C. Arbitrary Redirects D. Cross-Site Scripting
A. SOQL Injection
A Visualforce controller has a requirement to be written with "Without Sharing" at the top level; however, certain methods within the page still need to enforce the user permissions for creating records and accessing certain fields. Which two methods below would be used to enforce these requirements? Choose 2 answers A. Schema.DescribeFieldResult B. Schema.getGlobalDescribe C. UserInfo.getProfileID D. Schema.DescribeSObjectResult
A. Schema.DescribeFieldResult D. Schema.DescribeSObjectResult
A Visualforce controller has a requirement to be written with "Without Sharing" at the top level; however, certain methods within the page still need to enforce the user permissions for creating records and accessing certain fields. Which two methods below would be used to enforce this requirement? Choose 2 answers A. Schema.DescribeSObjectResult B. Schema.getGlobalDescribe C. Schema.DescribeFieldResult D. UserInfo.getProfileID
A. Schema.DescribeSObjectResult C. Schema.DescribeFieldResult
Universal containers have set Opportunity Sharing to Private with Opportunity Teams enabled. Which three options can change the Owner of the Opportunity? Choose 3 answers A. Someone above the Opportunity Owner in the Role Hierarchy. B. The current Opportunity Owner can transfer the Ownership. C. The System Administrator or a user with the "Transfer Records" permission. D. Any Opportunity Team Member on the current Opportunity E. The user specified as the Manager on the Owner's User Profile.
A. Someone above the Opportunity Owner in the Role Hierarchy. B. The current Opportunity Owner can transfer the Ownership. C. The System Administrator or a user with the "Transfer Records" permission.
A developer at Universal Containers is building integration within a managed package for their internal org that requires login to an external system. The end point requires basic authentication. The Architect would like to ensure that the username and password are managed securely.Which three options should the Architect recommend to secure the credentials?Choose 3 answers A. Store the credentials in protected custom metadata that are used in the Apex Callout. B. Store the credentials in Named Credentials that are used in the Apex Callout. C. Store the credentials in a custom object using encrypted fields. D. Store the credentials in protected custom settings that are used in the Apex Callout. E. Store the credentials in the Apex code, which will not be available to non-admins.
A. Store the credentials in protected custom metadata that are used in the Apex Callout. C. Store the credentials in a custom object using encrypted fields. D. Store the credentials in protected custom settings that are used in the Apex Callout.
The Architect notices that there are many duplicate Account records and numerous sharing rules created in Salesforce.What would be the reason? A. The Organization-Wide Default for the Account object is Private. B. The Organization-Wide Default for the Account object is Public Read/Write. C. The Organization-Wide Default for the Account object is Public Read-Only. D. The Object permissions for the Account object are Create, Read, and Edit.
A. The Organization-Wide Default for the Account object is Private.
Universal Containers would like to customize the security and sharing features of Salesforce Account Teams. They have decided to implement a Custom Account Team object. They would like the new enhancement to include all of the features of the existing account team, but also utilize Apex and Visualforce on the custom Account Team object. Which two different approaches should the Architect consider when designing this enhancement? Choose 2 answers A. The need to synchronize the AccountTeamMember object with the Custom Account Team objects data. B. The need to maintain the Account_share object based upon the Custom Account Team object data. C. The need to dynamically create Criteria-Based Sharing rules with Custom Account Team object data. D. The need to customize Account screens in Visualforce, as the Account_share object cannot be maintained programmatically.
A. The need to synchronize the AccountTeamMember object with the Custom Account Team objects data. D. The need to customize Account screens in Visualforce, as the Account_share object cannot be maintained programmatically.
The architect at Universal Containers would like to prevent users from editing encrypted fields.Assuming no customizations are implemented, which two options should the Architect choose to support the requirement? Choose 2 answers A. Validation Rules B. Page Layout settings C. Apex Triggers D. Workflow Rules
A. Validation Rules B. Page Layout settings
Universal Containers has a strict security model enforced through object, field, and row based security mechanisms. The Architect would like to ensure the security model is being thoroughly tested using Apex automated tests.Which three considerations should be made when using the runAs() method to design Apex unit tests? Choose 3 answers A. runAs() can be used inside of test classes to validate record-level security. B. runAs() can be used outside of test classes to bypass record-level security. C. runAs() can be used inside of test classes to validate field-level permissions. D. runAs() does not enforce user permissions or field-level permissions in test classes. E. runAs() counts towards total DML statements issued within the transaction.
A. runAs() can be used inside of test classes to validate record-level security. D. runAs() does not enforce user permissions or field-level permissions in test classes. E. runAs() counts towards total DML statements issued within the transaction.
Universal Containers has strict security model enforced through object, field, and row-based security mechanisms. The Architect would like to ensure the security model is being thoroughly tested using Apex automated tests. Which three considerations should be made when using the runAs() method to design Apex unit tests? Choose 3 answers A. runAs() counts towards total DML statements issued within the transaction B. runAs() can be used inside of test classes to validate record-level security. C. runAs() can be used inside of test classes to validate field-level permissions. D. runAs() can be used outside of test classes to bypass record-level security. E. runAs() does not enforce user permissions or field-level permissions in test classes.
A. runAs() counts towards total DML statements issued within the transaction B. runAs() can be used inside of test classes to validate record-level security. E. runAs() does not enforce user permissions or field-level permissions in test classes.
Universal Containers has two custom objects: Job and Job Interview. The Job Interview object has a lookup relationship to Job. Both objects are set to Private in sharing settings. The HR team will own all Job and Job Interview records. They have asked their Salesforce Architect to automatically share the Job Interview when the Interviewer (lookup to user record) has been populated. The interviewer can be from any department. What method should the Architect use to achieve this requirement? A. Build apex Managed Sharing code to share Job Interview with the Interviewer user. B. Build a criteria-based sharing rule between the Job Interview and the Interviewer. C. Build a standard sharing rule between Job Interview and the Interviewer. D. Build a workflow email notification to notify the interviewer of the record assignment.
B. Build a criteria-based sharing rule between the Job Interview and the Interviewer.
User A at Universal Containers is in the default account team for User B. User B owns the ACME account and changed User A's team member access to the account.What is the impact of this change? A. Changes affect the default Opportunity team. B. Changes affect only the ACME Account. C. Changes affect the default Account team. D. Changes affect all child ACME Accounts.
B. Changes affect only the ACME Account.
Universal Containers has implemented a strict software architecture for their custom Apex Code. One of the requirements is that all SOQL queries are contained within reusable classes. Depending on the context of the Apex transaction, the queries should be able to run either "With Sharing" or "Without Sharing".Which two ways allow the Architect to meet these requirements?Choose 2 answers A. Create a reusable SOQLQueries class; do not specify "With" or "Without Sharing" on the a. SOQLQueries class. B. Create a reusable SOQLQueries class; specify "With Sharing" on the methods that require user context and "Without Sharing" on the methods requiring system context. C. Create a reusable SOQLQueries class and a User SOQLQueries class; set the "With Sharing" keyword on the User SOQLQueries class and "Without Sharing" on the System SOQLQueries class. D. Create a reusable SOQLQueries class; do not specify "With" or "Without Sharing" on the SOQLQueries class and use the runAs() method to dynamically set the context.
B. Create a reusable SOQLQueries class; specify "With Sharing" on the methods that require user context and "Without Sharing" on the methods requiring system context. C. Create a reusable SOQLQueries class and a User SOQLQueries class; set the "With Sharing" keyword on the User SOQLQueries class and "Without Sharing" on the System SOQLQueries class.
Which two options can help mitigate the risks of import failures associated with large-volume bulk data loads? Choose 2 answers A. Minimize user group hierarchy. B. Defer Sharing Calculation. C. Increase batch size. D. Group records by ParentID within a batch.
B. Defer Sharing Calculation. D. Group records by ParentID within a batch.
A sales representative at Universal Containers needs assistance from specific product managers when selling certain deals. Product managers do not have access to opportunities they don't own, as the sharing model is Private, but need to gain access when they are assisting with a specific deal. How can an Architect accomplish the requirement? A. Create a sharing rule to allow the product manager to access the opportunity. B. Enable opportunity teams and allow users to add the product manager. C. Enable account team and allow users to add the product manager. D. Use similar opportunities to share opportunities related to the product manager.
B. Enable opportunity teams and allow users to add the product manager.
Universal Containers, a global corporation of 50,000 users, has a 24x7 call center operated by 20,000 users that includes employees and contractors. Their sales organization is 10,000 strong and they started processing about 100,000 updates to opportunity custom fields called Priority and NextStep. They also started processing 20,000 updates to a highly nested territory hierarchy. There was a third mass update on a Next Step field on the Action Plan custom object that has Case as a lookup field. Users started seeing a Group membership lock error in the system. What is a probable cause for this error? A. Lock contention on Account records because of Opportunity object updates. B. Lock contention due to system-initiated sharing rule recalculation C. Lock contention on Case records because of Action Plan custom object updates. D. Lock contention on Territory object because of Territory object updates.
B. Lock contention due to system-initiated sharing rule recalculation
Universal Containers is updating its Organization-Wide Sharing Settings for the Account Object from a "Public Read/Write" model to a "Private" model, so that they can hide certain national accounts from sales reps and sales managers. These national accounts should only be accessible by sales directors and above. Universal Container's Role Hierarchy matches its organizational hierarchy. Which two options should the Architect consider when designing the solution? Choose 2 answers A. Sales directors will need a sharing rule created so that they can see accounts owned by Sales Users. B. National accounts must be owned by a user who is above the sales managers in the Role Hierarchy. C. Apex managed sharing will have to be disabled for the account object to protect the national accounts. D. If a sales rep is added to the Opportunity Team for a national account, they will gain access to account data.
B. National accounts must be owned by a user who is above the sales managers in the Role Hierarchy. D. If a sales rep is added to the Opportunity Team for a national account, they will gain access to account data.
What should the Architect do to ensure Field-Level Security is enforced on a custom Visualforce page using the Standard Lead Controller? A. Use the "With Sharing" keyword on the Standard Lead Controller. B. Nothing; Field-Level Security will automatically be enforced. C. Use the {!Schema.sObjectType.Lead.fields.isAccessible()} expression D. Use the Schema.SObject.Lead.isAccessible() method.
B. Nothing; Field-Level Security will automatically be enforced.
Universal Containers has requirement for the Architect to develop Apex Managed Sharing code for the custom Job object. The sharing settings for the Job object are set to Private. When assigning access level for the record, which two lines of code will cause a DML exception on insert to the database? Choose 2 answers A. Objectname.AccessLevel='Edit' B. Objectname.AccessLevel='All' C. Objectname.AccessLevel='None' D. Objectname.AccessLevel='Read'
B. Objectname.AccessLevel='All' C. Objectname.AccessLevel='None'
Which two options are available to share a Report or Dashboard folder with other users in the Organization? Choose 2 answers A. Profiles B. Public Groups C. Roles D. Teams
B. Public Groups C. Roles
Which two options provide implicit record access to users? Choose 2 answers A. Read-only access to parent account for a user, based on a criteria-based sharing rule. B. Read-only access to parent account for a user with access to a child case C. Access to child opportunities for the owner of the parent account. D. Access to related leads for the owner of the parent campaign.
B. Read-only access to parent account for a user with access to a child case C. Access to child opportunities for the owner of the parent account.
Universal Containers has developed an AppExchange managed package for their distribution partners, which required a private key to be generated for each partner and used by the code. Universal Containers support representatives must be able to access the private key value to debug connection issues, but it must not be possible for the partner to access the value.How can the Architect best support this requirement? A. Store the value in a text field on a protected custom setting in the package. B. Store the value in a static variable in a class included in the managed package. C. Store the value in the text field on a list custom setting in the managed package. D. Store the value in an encrypted field on a custom object in the package.
B. Store the value in a static variable in a class included in the managed package.
Universal Containers has set Opportunity Sharing to Private with Opportunity Teams enabled.Which three options can change the Owner of the Opportunity?Choose 3 answers. A. Any Opportunity Team Member on the current Opportunity. B. The current Opportunity Owner can transfer the Ownership. C. The System Administrator or a user with the "Transfer Records" permission. D. The user specified as the Manager on the Owner's User Profile. E. Someone above the Opportunity Owner in the Role Hierarchy.
B. The current Opportunity Owner can transfer the Ownership. C. The System Administrator or a user with the "Transfer Records" permission. E. Someone above the Opportunity Owner in the Role Hierarchy.
Universal Containers regularly uploads large amounts of parent and child records into Salesforce to maintain integrations with other systems that update their data in scheduled batches or continuously in real time, which two situations may pose a risk of producing locking errors. Choose 2 answers A. Updates to parent and child records are being processed in the same batch. B. Updates to child records that have the same parent records are being processed simultaneously in separate transactions. C. Updates to parent records and their child records being processed simultaneously in separate D. threads. E. Updates to parent and child records are being processed synchronously in the same threads.
B. Updates to child records that have the same parent records are being processed simultaneously in separate transactions. C. Updates to parent records and their child records being processed simultaneously in separate
Universal Containers has implemented a community for its customers using the Customer Community sense type. They have implemented a custom object to store service requests that has a look up to the account record. The Organization Wide Default External Access for the service request object is set to Private. Universal Containers wants their customers to be able to see service requests for their account through the community. Customers should not see service requests for other accounts. What Salesforce feature can the Architect use to implement this? A. Use manual sharing to share the service requests manually when a new community user is added. B. Use a Sharing Set to share service requests related to the account based on the community user's profile. C. Use a Sharing Rule to share service requests to the community user based on their role. D. Use Apex Managed Sharing to share service requests related to the account to the appropriate community users.
B. Use a Sharing Set to share service requests related to the account based on the community user's profile.
Universal Containers wants to store Payment Term Details on the Account object, but the fields should only be visible on certain record types and for certain user profiles.How can a System Administrator quickly determine which user profiles, page layouts, and record types include certain fields? A. Log in as each user profile and view the Account Page Layouts. B. Use the Field Accessibility Viewer for the fields in question C. Universally require the field at the field level. D. Click the Field-Level Security for the field on each Profile.
B. Use the Field Accessibility Viewer for the fields in question
Universal Containers has requirement to integrate Salesforce with an external system to control record access. What option should the Architect consider when designing a solution? A. Use the Security API to modify the role hierarchy in Salesforce. B. Use the SOAP API to maintain the related SObject_share records. C. Use the Metadata API to maintain the related SObject records. D. Use the SOAP API to create new Criteria-Based Sharing Rules in Salesforce.
B. Use the SOAP API to maintain the related SObject_share records.
How should the Architect ensure that object-level security is enforce within a custom Visualforce application that was a standard Apex controller on the Lead object? A. Use the runAs() method to enforce user permissions in the Apex controller. B. Use the Schema.DescribeSObjectResultisAccessible() method in the Apex controller. C. Use the {!$ObjectType.lead.accessible} expression within the Visualforce page. D. Use the "With Sharing" keyword when defining the Visualforce page.
B. Use the Schema.DescribeSObjectResultisAccessible() method in the Apex controller.
How should the Architect ensure that object-level security is enforced within a custom Visualforce application that uses a custom Apex controller? A. Use the "With Sharing" keyword when defining the Visualforce page. B. Use the Schema.DescribeSObjectResultisAccessible() method in the Apex controller. C. Use the "With Sharing" keyword when defining the Apex controller class. D. Use the "Without Sharing" keyword when defining the Apex controller class.
B. Use the Schema.DescribeSObjectResultisAccessible() method in the Apex controller.
Universal Containers has a custom object, Employee Review, with an Organization-Wide Default security setting of Private. A user lookup on the Employee Review object is populated when a reviewer is assigned to perform a review. How can this user be granted edit access to the record if they are not the owner? A. Create an Apex trigger to insert and Employee Review Share record with an access level of Edit. B. The user will be granted access to the record automatically when the user lookup is populated. C. Create a criteria-based sharing rule to share the record with the user in the lookup field. D. Create a workflow rule to share the Employee Review record with the user in the lookup field.
C. Create a criteria-based sharing rule to share the record with the user in the lookup field.
Universal Health is planning to store patient notes in Salesforce. Patient notes consist of long text notes taken by a use to document phone calls with a patient. A date audit has identified that these notes can contain Personally Identifiable Information (PII) and Personal Health Information (PHI). The regulatory requirements state that this data must be encrypted at rest as well as in transit. What should the Architect do in order to make sure Universal Health stays compliant? A. No action is required; all Salesforce data is encrypted at rest as part of Salesforce's standard trust measures. B. Enable Salesforce Shield Platform Data Encryption and mark the patient notes field as encrypted. C. Create a new Custom Field of type "Text (Encrypted)" and move the patient notes data into the new field. D. Use an Apex trigger and the Apex Crypto class to encrypt patient notes as soon as they are save to Salesforce.
C. Create a new Custom Field of type "Text (Encrypted)" and move the patient notes data into the new field.
Universal Containers has a custom Job object with a private sharing model. Based on the size and location of the Job, different teams must have access to edit the specific Job record. To support this requirement, Apex Managed Sharing has been implemented to share records with the required users. Since the teams change frequently, managed sharing recalculations need to be manually run frequently. What can the Architect do to optimize this process? A. Change the sharing model on the Job object to Public Read/Write. B. Create a scheduled job to automatically run the sharing recalculations on a nightly basis. C. Create public groups for each team, and share the jobs with the groups instead of users. D. Create a custom Visualforce page to edit the jobs and specify Without Sharing on the controller.
C. Create public groups for each team, and share the jobs with the groups instead of users.
What is the security vulnerability in the following code snippet? <apex:form> <apex:commandButtonrerender="outputIt" value="Update It"/> <apex:inputText value="{!myTextField}"/> <apex:form> <apex:outputPanel id="outputIt"> Value of my Textfield is <apex:outputText Value="{!myTextField}" escape="false"/> <apex:outputPanel> A. SOQL Injection B. Arbitrary Redirects C. Cross-Site Scripting D. Access Control
C. Cross-Site Scripting
What is required to implement Filter-Based Opportunity Territory Assignment? A. Define an account assignment with a filter criteria rule for Filter-Based Opportunity Territory Assignment. B. Define a Territory assignment rule with filter criteria for Filter-Based Opportunity Territory Assignment. C. Define a custom Apex class for Filter-Based Opportunity Territory Assignment in the system. D. Define an Opportunity assignment rule with filter criteria for Filter-Based Opportunity Territory Assignment.
C. Define a custom Apex class for Filter-Based Opportunity Territory Assignment in the system.
A sales representative at Universal Container needs assistance from specific product managers when selling certain deals. Product managers do not have access to opportunities they don't own, as the sharing model is Private, but need to gain access when they are assisting with a specific deal.How can an Architect accomplish the requirement? A. Create a sharing rule to allow the product manager to access the opportunity. B. Use similar opportunities to share opportunities related to the product manager. C. Enable opportunity teams and allow users to add the product manager. D. Enable account teams and allow users to add the product manager.
C. Enable opportunity teams and allow users to add the product manager.
Which two access grants are stored in the Group Maintenance tables? Choose 2 answers A. Inherited access grants B. Explicit grants C. Group Membership grants D. Implicit grants
C. Group Membership grants D. Implicit grants
In order to comply with Regulatory Requirements, Universal Containers must store sensitive customer information on-premise. Universal Containers would like this on-premise information to be accessible from Salesforce. What technology can Universal Containers use to achieve this? A. Implement a third-party tokenization service. B. Implement an on-premise database. C. Implement a third-party proxy server. D. Implement the Salesforce Shield toolkit.
C. Implement a third-party proxy server.
Universal Containers has recently activated an integration that synchronizes customer information and orders into their CRM of choice: Salesforce.com. One of their largest customers, United Air, has over 12,000 unique contacts. Since the integration was activated, sales reps are having trouble adding contacts to the United Air account. When a sales rep adds a contact, they get the following error message: UNABLE_TO_LOCK_ROW. This issue seems to affect the United Air account and several other large customers. The sales rep can usually save the contact by trying again later in the evening. What should the Architect recommend as a possible solution? A. Add a role-based sharing rule so all sales team members have Read/Write access to contacts. B. Remove sharing rules and replace them with Apex sharing for Unite Air and the other large accounts. C. Implement an account hierarchy and redistribute the contacts evenly under the child accounts. D. Create a permission set for the sales team to grant them Read/Write access to all account fields.
C. Implement an account hierarchy and redistribute the contacts evenly under the child accounts.
A Sales Rep at Universal Containers wants to create a dashboard to see how his sales numbers compare with his peers.Assuming a Private model, which two permissions would the Sales Rep need to meet this requirement? A. Manage Custom Report Types B. Customize Application C. Manage Dashboards D. View All Data
C. Manage Dashboards D. View All Data
The System Administrator at Universal Containers has created two list views called ListV1 and ListV2. One group of users should only see ListV1 and the second group of users should only see ListV2. Two public groups were created to restrict visibility to the respective list views. However, users in both groups are able to see both list views. What system permission in their profile enabled the users to see all list views? A. Manage Custom List Views B. Manage Private List Views C. Manage Public List Views D. Manage Custom Permissions
C. Manage Public List Views
Universal Containers has a custom object to maintain Job information with a private sharing model. The Delivery group is distributed through the Role Hierarchy based on geography. As the Delivery group often collaborates on Jobs, all users in the Delivery profile required View access to all Job records. In special case, the Delivery user who owns a job must be able to grant a Product Development user access to a Job record.Which two platform features can be used to support these requirements?Choose 2 answers A. Criteria-based Sharing Rules B. "View All" Profile settings C. Owner-based Sharing Rules D. Manual Sharing
C. Owner-based Sharing Rules D. Manual Sharing
Universal Containers has enabled External Default Sharing and wants to allow for external users to have the External Sharing Default set to Public Read-Only for a custom object.Which two options are valid Internal Default sharing settings for the custom object? A. Controlled by Parent B. Public Read/Write C. Private D. Public Read Only
C. Private D. Public Read Only
Universal Containers has the following requirements: · The Commercial Account and Consumer Account support departments should not collaborate. · The Commercial and Consumer sales users roll up to the same VP of Sales, but there should be no collaboration between sales departments. · The Commercial sales department should share its customers with the Commercial support department. · The Consumer sales department shares its customers with the Consumer support department. · The Commercial and Consumer support departments roll up to the same Support Director. · The sales departments will remain the Account Owner for the Accounts that they sell to. What is the recommended Org-Wide Sharing Default for Accounts, and how would the Architect enable proper Commercial and Consumer Sales to Support Account Sharing for this scenario? A. Private Account Sharing with Sharing Rules from Commercial Sales Role(s) to Consumer Support B. Role(s) and Consumer Sales Role(s) to Commercial Support Role(s). C. Private Account Sharing with Sharing Rules from Commercial Sales Group(s) to Commercial Support Groups(s) and Consumer Sales Group(s) to Consumer Support Group(s).
C. Private Account Sharing with Sharing Rules from Commercial Sales Group(s) to Commercial Support Groups(s) and Consumer Sales Group(s) to Consumer Support Group(s).
Which features does Salesforce provide for restricting login access to the application? Choose 2 answers. A. Organization-wide login hour restrictions B. Role-based IP restrictions C. Profile-based login hour restrictions D. Profile-based IP restrictions
C. Profile-based login hour restrictions D. Profile-based IP restrictions
Which two options are available to share a Report or Dashboard folder with other users in the Organization? Choose 2 answers A. Teams B. Profiles C. Public Groups D. Roles.
C. Public Groups D. Roles.
Universal Containers has Public Read Only sharing settings on the Opportunity object.What Opportunity access options can the user see while adding account team members to the Account? A. Private B. Read only C. Read only and Read/Write D. Private and Read Only
C. Read only and Read/Write
Which two are potential security vulnerabilities in the following code snippet? <apex:page> <apex:form> <apex:outputText value="Enter Name" /> <apex:inputText value=" { !name}" /> <apex:commandButton value="Query" action=" {!query}" /> <apex:form> <apex:page> Public class SOQLController { Public String name{ Get {return name;} Set {name=value;} } Public PageReferencequery() { String qryString= 'SELECT Id FROM Contact WHERE' + '(IsDeleted = false and Name like \'#' + name + '#\')'; queryResult = Database.query{qryString}; return null; } } Choose 2 answers A. Cross-Site Scripting B. Arbitrary Redirects C. SOQL Injection D. Bypassing Field and Object Security
C. SOQL Injection D. Bypassing Field and Object Security
Universal Containers is designing a new community using the Customer Community license type. They would like to have the users complete survey questions through the community interface and store the responses in a Custom Object that has a lookup to the account object. Any internal user who has access to the account should be able to see all survey responses. All Customer Community users should be able to see surveys filled in by other users for their company, but not surveys for other companies.What are the correct security settings to achieve this? A. Set all Organization-Wide Default settings to be "Public Read/Write" for both internal and external users. B. Set all Organization-Wide Default security to be "Private" for both internal and external users and use Sharing Rules to grant the desired access. C. Set all Organization-Wide Default security to be "Public Read/Write" for internal users and "Private" for external users. D. Set the custom object to be master-detail to the Account and leave the Organization-Wide Defaultsettings as their default values.
C. Set all Organization-Wide Default security to be "Public Read/Write" for internal users and "Private" for external users.
A user at Universal Containers would like to give access to a Report folder to someone else in the organization. Which two access permissions should the user have to support this requirement? Choose 2 answers A. The "Viewer" Report folder permission B. The "Editor" Report folder permission. C. The "Manage Reports in Public Folders" Profile permission. D. The "Manager" Report folder permission.
C. The "Manage Reports in Public Folders" Profile permission. D. The "Manager" Report folder permission.
Universal Containers is implementing a community of High-Volume Community users. Community users should be able to see records associated to their Account or Contact record. The Architect is planning to use a Sharing Set to provide access to the records. When setting up the Sharing Set, certain objects are not available in the list of Available objects. Which two reasons explain why an object is excluded from the list of Available Objects in a Sharing Set? A. The object's Organization-Wide sharing setting is set to Private. B. The object is a custom object, and therefore not available for a sharing set. C. The custom object does not have a lookup to Accounts or Contacts. D. The object's Organization-Wide sharing setting is set to Public Read/Write.
C. The custom object does not have a lookup to Accounts or Contacts. D. The object's Organization-Wide sharing setting is set to Public Read/Write.
Universal Containers has junction object called "Job Production Facility", with 2 master-detail relationships to the Job and Production Facility custom objects. Both master records have a private sharing model.What statement is true if a user's profile allows access (Create/Read) to the Job, but no access to the Production Facility Object? A. The user will be granted read access to the Production Facility record B. The user will see the junction object and the link to the Production Facility. C. The user will see the junction object but not the link to the Production Facility. D. The user will not be able to see the junction object records or the field values.
C. The user will see the junction object but not the link to the Production Facility.
Universal Containers has just deployed a change to its role hierarchy. A manager is reporting that their staff can now see Accounts that they do not own and should not have access to. How should the Architect troubleshoot? A. While logged in as the System Administrator, use the Field Accessibility Viewer to view a matrix of who has access to Accounts. B. While logged in as the one of the Staff members navigate to a sample account and use the Sharing button to determine who has access. C. While logged in as the one of the Staff members navigate to their user record and inspect their profile and role membership. D. While logged in as the System Administrator, use the Field Accessibility Viewer to view a matrix of who has access to Accounts.
C. While logged in as the one of the Staff members navigate to their user record and inspect their profile and role membership.
12. Universal Containers has the following requirements: · A custom Loan object requires Org-Wide Defaults set to Private. · The owner of the Loan record will be the Loan Origination Officer. · The Loan record must be shared with a specific Underwriter on a loan-by-loan basis. · The Underwriters should only see the Loan records for which they are assigned. What should the Architect recommend to meet these requirements? A. Use criteria-based sharing rules to share the Loan object with the Underwriter based upon the criteria defined in the criteria-based sharing. B. Create a lookup relationship from the Loan object to the User object. Use a trigger on the Loan object to create the corresponding record in the Loan_share object. C. Create a master-detail relationship from the Loan to the User object. Loan records will be automatically shared with the Underwriter. D. Create an Apex Sharing Reason on the Loan object that shares the Loan with the Underwriter based upon the criteria defined in the Sharing Reason.
D. Create an Apex Sharing Reason on the Loan object that shares the Loan with the Underwriter based upon the criteria defined in the Sharing Reason.
Universal Containers has recently implemented an integration that is populating 50 custom fields on the account object. They would like these fields to be available to Managers for reporting but do not want them to clutter the page layouts.What should the Architect recommend as a solution? A. Add the fields to the Managers' Account Page Layout; mark the page layout section as Collapsed. B. Grant the Managers access to the fields using a Role-Based Sharing Rule; leave them hidden on the page layout. C. Add the fields to a Custom Report; grant the Managers' Role access to the report folder. D. Grant Managers access to the fields using Field-Level Security; do not add them to a page layout.
D. Grant Managers access to the fields using Field-Level Security; do not add them to a page layout.
Universal Containers is a fast-growing company that sells containers globally. It has thousands of dealerships throughout the world where local dealers service Containers sold locally. They recently opened two dealerships in California: NorthCal and SoCal. Universal Containers implemented a new partner community to enable their dealers. Each dealership has a dealer Manager who has all service agents report into them. Assuming a private sharing model, what is the best option to enable dealer managers to have visibility to customer cases within their dealership and not across all dealerships? A. Create sharing groups that share all cases to all agents under the Dealer manager. B. Create a batch job that creates sharing rules as needed, based on the cases created. C. Build a trigger that create manual sharing of cases as needed whenever a new case is created. D. No changes are needed to the sharing and visibility model to implement this requirement.
D. No changes are needed to the sharing and visibility model to implement this requirement.
For the Universal Containers Commercial and Consumer support departments, having access to Activities for Contacts with which they interact is important. Commercial support users should not see Consumer Accounts/Contacts and Consumer support users should not see Commercial Accounts/Contacts. Assuming the Organization-Wide Default for Activities is set to "Controlled by Parent" what is the minimum level of Sharing access a support user would need to Accounts/Contacts to view associated Activities? A. Private Account/Contact Sharing Default with a Sharing Rule for each department set to Public Read/Write access to Accounts/Contacts. B. Private Account/Contact Sharing Default with a Sharing Rule for each department set to Private access to Accounts/Contacts. C. The users need no access to Accounts/Contacts with the proper Activity Sharing Rules and Profile Permissions for the Accounts Tab. D. Private Account/Contact Sharing Default with a Sharing Rule for each department set to Public Read only access to Accounts/Contacts.
D. Private Account/Contact Sharing Default with a Sharing Rule for each department set to Public Read only access to Accounts/Contacts.
What feature in Salesforce is needed to restrict access to a custom object that has Public Read/Write access? A. Role Hierarchy B. Record Type C. Page Layout D. Profile
D. Profile
Universal Containers has a Private Sharing Model for the Opportunity object. Sales Rep A at Universal Containers created the Opportunity record and then transferred ownership of the Opportunity record to Sales Rep B. Both Sales Rep A and B have the same role in the Role Hierarchy. What access will Sales Rep A have to the Opportunity after the transfer? A. No Access. B. Read/Write. C. Full Access. D. Read Only.
D. Read Only.
Universal Containers would like to restrict users' access to export reports,what option supports this requirement? A. Remove the "Report Manager" user permission. B. Remove the Export button from the report page layout. C. Remove "Allow Export" on the report folder settings. D. Remove the "Export Reports" profile permission.
D. Remove the "Export Reports" profile permission.
Universal Containers does not want the Users in the Custom Sales Department Profile to be able to delete Opportunities. How would the Architect prevent a certain set of users from deleting Opportunities? A. Remove the Delete button from the Opportunity Page Layout and Record Type settings. B. Create a Validation Rule that checks the User's Profile before allowing the IsDeleted flag to be set to True. C. Override the Standard button with a Visualforce Page that warns them that they do not have permission to delete. D. Remove the "Opportunity Delete" Permission from the Sales Team's User Profile in the Object Permissions.
D. Remove the "Opportunity Delete" Permission from the Sales Team's User Profile in the Object Permissions.
Universal Containers is a global Telco that has recently implemented Enterprise Territory Management to better align their sales teams and sales processes. They are in Q4 of their fiscal year and they have completely revamped their Territory structure and created a plan for a new structure that would support the new fiscal year. Their current territory model has 8,000 territories. Their new model would be a new set of 8,500 territories, and their org limit is 10,000 territories.Which Enterprise Territory Management feature can Universal Containers take advantage of in order to help them stay within their org limits? A. Territory Hierarchy B. Territory Model State C. Territory Type D. Territory Type Priority
D. Territory Type Priority
The Collections department at Universal Containers uses Salesforce to track its efforts. All Invoices and invoice line items are store in salesforce. Invoice line item object details, such as quantity and extended amount, should be summarized at the invoice object level, and all users who can see a given invoice should always see all invoice line items. Without leveraging Apex code, how should an Architect create the relationship between the Invoice object and the Invoice Line Item object? A. The invoice Line Item object should have a Look up to the Invoice object. B. The Invoice object should have a Master-Detail to the Invoice Line Item object. C. The Invoice object should have an inner join to the Invoice Lice Item object. D. The Invoice Line Item object should have a Master-Detail to the Invoice Object.
D. The Invoice Line Item object should have a Master-Detail to the Invoice Object.
Universal Containers is implementing a community of High-Volume Community users. Community users should be able to see records associated to their Account or Contact record. The Architect is planning to use a Sharing Set to provide access to the records. When setting up the Sharing Set, certain objects are not available in the list of Available Objects. Which two reasons explain why an object is excluded from the list of Available Objects in a Sharing Set? A. The object is a custom object, and therefore not available for a sharing set. B. The object's Organization-Wide sharing setting is set to Public Read/Write. C. The object's Organization-Wide sharing setting is set to Private. D. The custom object does not have a lookup to Accounts or Contacts.
D. The custom object does not have a lookup to Accounts or Contacts.
Universal Containers is creating a custom Visualforce page to allow users to edit contact records. The developer has used an apex:outputField for the Phone field on the contact object. What is the expected behavior if a user without field-level security accesses the Visualforce page? A. The user encounters an error while saving the record. B. The output field is visible to the user. C. The user is able to enter a value into the Phone field. D. The field is automatically removed from the page.
D. The field is automatically removed from the page.
What is the best practice for testing sharing and visibility changes? A. Use Administrative and User reports to view the Active Users. B. Use the Login As feature for a sample user in each role and profile. C. Use Field Audit Trail to audit the field meta-data and visibility. D. Use the Sharing button to test Profile and Permission set changes.
D. Use the Sharing button to test Profile and Permission set changes.