Universal Containers has the following requirements:* The Commercial Account and Consumer Account support departments should not collaborate.* The Commercial and Consumer sales users roll up to the same VP of Sales, but there should be no collaboration between sales departments.* The Commercial sales department should share its customers with the Commercial support department.* The Consumer sales department shares its customers with the Consumer support department.* The Commercial and Consumer support departments roll up to the same Support Director.* The sales departments will remain the Account Owner for the Accounts that they sell to.What is the recommended Org-Wide Sharing Default for Accounts, and how would the Architect enable proper Commercial and Consumer Sales to Support Account Sharing for this scenario?

Private Account Sharing with Sharing Rules from Commercial Sales Group(s) to Commercial Support Groups(s) and Consumer Sales Group(s) to Consumer Support Group(s).

Private Account Sharing with Sharing Rules from Commercial Sales Role(s) to Consumer Support Role(s) and Consumer Sales Role(s) to Commercial Support Role(s).

Private Account Sharing with Sharing Rules from Commercial support Role(s) to Commercial Support Role(s) and Consumer Sales Role(s) to Consumer Support Role(s).

Read-Only Account Sharing with Sharing Rules from Commercial Sales Role(s) to Consumer Support Group(s) and Consumer Sales Role(s) to Commercial Support Groups(s).

Private Account Sharing with Sharing Rules from Commercial Sales Group(s) to Commercial Support Groups(s) and Consumer Sales Group(s) to Consumer Support Group(s).

Universal Containers has a Private Sharing Model and restrictive data access settings in place. The data governance team is planning to deploy a master data management tool that will need write access to all system data, and the Architect has been asked to prepare a Data Governance User Profile that has full access to all data regardless of Sharing and CRUD Settings. What is the optimal way to enable this requirement?

Ensure the profile has the 'Modify All Data permission enabled

Create a Sharing Rule for required Objects, on an API Only profile

Create an All Data Access app as a default for this Profile.

Enable the 'Edit Read -Only Fields' permission for this Profile.

When writing test methods, what functionality is verified by the system method'runAs()'?

Enforcement of a user's record sharing.

Enforcement of user permissions.

Enforcement of a user's field-level security.

Enforcement of user's public group assignments.

Universal Containers has successfully implemented a large Service Cloud rollout for their national call center 3 months ago. One of their largest customer accounts, United Automotive, has over 15,000 open cases. Agents are now having trouble opening new cases for United Automotive. When they try to create a case, the following Error messages appear for them UNABLE_TO_LOCK_ROW They notice that this only occurs for the United Automotive account. If they try to save the case again it will usually work, but the problem seems to be happening more and more often. What option should the Architect recommend?

Review the Account structure to split the United Automotive account into multiple branch accounts.

Review the Customer Service Profile to ensure that they have Read/Write access to the appropriate Case and Account Fields.

Review all Case Sharing Rules and consolidate where appropriate to reduce the total number of sharing rules.

Review all Account sharing rules to ensure that the Customer Service team has Read/Write access to the United Automotive Account.

Universal Containers is a fast-growing company that sells containers globally. It has thousands of dealerships throughout the world where local dealers service Containers sold locally. They recently opened two dealerships in California: NorthCal and SoCal. Universal Containers implemented a new partner community to enable their dealers. Each dealership has a dealer Manager who has all service agents report into them. Assuming a private sharing model, what is the best option to enable dealer managers to have visibility to customer cases within their dealership and not across all dealerships?

No changes are needed to the sharing and visibility model to implement this requirement.

Create sharing groups that share all cases to all agents under the Dealer manager.

Create a batch job that creates sharing rules as needed, based on the cases created.

Build a trigger that create manual sharing of cases as needed whenever a new case is created.

No changes are needed to the sharing and visibility model to implement this requirement.

Universal Containers is designing a new community using the Customer Community license type. They would like to have the users complete survey questions through the community interface and store the responses in a Custom Object that has a lookup to the account object. Any internal user who has access to the account should be able to see all survey responses. All Customer Community users should be able to see surveys filled in by other users for their company, but not surveys for other companies. What are the correct security settings to achieve this?

Set all Organization-Wide Default security to be 'Private' for both internal and external users and use Sharing Rules to grant the desired access

Set all Organization-Wide Default settings to be 'Public Read/Write' for both internal and external users.

Set all Organization-Wide Default security to be 'Private' for both internal and external users and use Sharing Rules to grant the desired access

Set all Organization-Wide Default security to be 'Public Read/Write' for internal users and 'Private' for external users.

Set the custom object to be master-detail to the Account and leave the Organization-Wide Default settings as their default values.

Universal Containers has a custom object, Employee Review, with an Organization-Wide Default security setting of Private. A user lookup on the Employee Review object is populated when a reviewer is assigned to perform a review. How can this user be granted edit access to the record if they are not the owner?

Create a criteria-based sharing rule to share the record with the user in the lookup field.

The user will be granted access to the record automatically when the user lookup is populated.

Create a workflow rule to share the Employee Review record with the user in the lookup field.

Create an Apex trigger to insert an Employee Review Share record with an access level of Edit.

Create a criteria-based sharing rule to share the record with the user in the lookup field.

Universal Containers has created a custom Sales Operations profile with read and edit access to the Category field on a custom object. There is a new requirement that 3 of the 100 users assigned to the Sales Operations Profile should have read-only access to the Category field.How can the Architect support this request?Choose one answer:

Create a new profile without edit access to Category and assign it to the users.

Create a permission set in the Category field to read-only and assign it to the users.

Create a new profile without edit access to Category and assign it to the users.

Create a new page layout with the Category Field set to read-only for these users.

Create a custom permission to grant read-only access to Category and assign it to the users.

Universal Containers is updating its Organization-Wide Sharing Settings for the Account Object from a 'Public Read/Write' model to a 'Private' model, so that they can hide certain national accounts from sales reps and sales managers. These national accounts should only be accessible by sales directors and above. Universal Container's Role Hierarchy matches its organizational hierarchy. Which two options should the Architect consider when designing the solution? Choose 2 answers

National accounts must be owned by a user who is above the sales managers in the Role Hierarchy.

If a sales rep is added to the Opportunity Team for a national account, they will gain access to account data.

Sales directors will need a sharing rule created so that they can see accounts owned by Sales Users.

National accounts must be owned by a user who is above the sales managers in the Role Hierarchy.

Apex managed sharing will have to be disabled for the account object to protect the national accounts.

If a sales rep is added to the Opportunity Team for a national account, they will gain access to account data.

Universal Containers has set the Org-Wide Sharing Default for Accounts to Private and has created some sharing rules to extend access based on certain data access policies. An architect has been asked to review access to a certain set of key customer accounts. How might this review be conducted?

Export the Account Share table and review.

Run a Report on Sharing in the Admin Console.

Log in as each user and Run the All Accounts List View.

Use the Sharing button on each customer Account.

Universal Containers has a set of Account Management users that should only see Accounts once the Account becomes a customer. The Type field on the Account identifies whether the Account is a Prospect, Customer, Partner or Other. Which two methods could an Architect use to enable this sharing requirement, assuming a private sharing model for Accounts?Choose 2 answers.

Institute a process that calls for the Account Manager to be added to the Account Team once the Account becomes a customer.

Create a Criteria-based Sharing rule that shares the Account to the Account Management Group when the Type is Customer.

Institute a process that calls for the Account Manager to be added to the Account Team once the Account becomes a customer.

Create an Account Sharing Rule that shares all Accounts owned by Sales to be shared with Account Management roles and subordinates.

Create a Public List View, where Accounts of Type Customer are included and share the List view with the Account Management public group.

Create a Criteria-based Sharing rule that shares the Account to the Account Management Group when the Type is Customer.

Universal Containers, a global corporation of 50,000 users, has a 24x7 call center operated by 20,000 users that includes employees and contractors. Their sales organization is 10,000 strong and they started processing about 100,000 updates to opportunity custom fields called Priority and NextStep. They also started processing 20,000 updates to a highly nested territory hierarchy. There was a third mass update on a Next Step field on the Action Plan custom object that has Case as a lookup field. Users started seeing a Group membership lock error in the system. What is a probable cause for this error?

Lock contention due to system-initiated sharing rule recalculation

Lock contention on Case records because of Action Plan custom object updates.

Lock contention on Territory object because of Territory object updates.

Lock contention on Account records because of Opportunity object updates.

Universal Containers would like to restrict users' access to export reportsWhat option supports this requirement?

Remove the 'Export Reports' profile permission.

Remove the 'Report Manager' user permission.

Remove the Export button from the report page layout.

Remove 'Allow Export' on the report folder settings.

Remove the 'Export Reports' profile permission.

Universal Containers has recently implemented an integration that is populating 50 custom fields on the account object. They would like these fields to be available to Managers for reporting but do not want them to clutter the page layouts. What should the Architect recommend as a solution?

Grant Managers access to the fields using Field-Level Security; do not add them to a page layout.

Add the fields to the Managers' Account Page Layout; mark the page layout section as Collapsed.

Grant the Managers access to the fields using a Role-Based Sharing Rule; leave them hidden on the page layout.

Add the fields to a Custom Report; grant the Managers' Role access to the report folder.

Grant Managers access to the fields using Field-Level Security; do not add them to a page layout.

Universal Containers would like to customize the security and sharing features of Salesforce Account Teams. They have decided to implement a Custom Account Team object. They would like the new enhancement to include all of the features of the existing account team, but also utilize Apex and Visualforce on the custom Account Team object.Which two different approaches should the Architect consider when designing this enhancement?Choose 2 answers

The need to synchronize the AccountTeamMember object with the Custom Account Team object data.

The need to maintain the Account_share object based upon the Custom Account Team object data.

The need to synchronize the AccountTeamMember object with the Custom Account Team object data.

The need to maintain the Account_share object based upon the Custom Account Team object data.

The need to dynamically create Criteria-Based Sharing rules with Custom Account Team object data.

The need to customize Account screens in Visualforce, as the Account_share object cannot be maintained programmatically.

What is the best practice for testing sharing and visibility changes?

Use the Login As feature for a sample user in each role and profile.

Use Administrative and User reports to view the Active Users.

Use the Login As feature for a sample user in each role and profile.

Use Field Audit Trail to audit the field meta-data and visibility.

Use the Sharing button to test Profile and Permission set changes.

Which two reasons should the Architect consider regarding the use of Apex Sharing Reasons?Choose 2 answers

Ensuring the developer can more easily troubleshoot programmatic sharing.

Ensuring the Share record is not deleted upon ownership change.

Ensuring the developer can more easily troubleshoot programmatic sharing.

Ensuring the Share record is not deleted upon ownership change.

Ensuring the Share record is deleted upon ownership change.

Ensuring there is additional criteria available for Criteria-Based Sharing.

Universal Containers has set Opportunity Sharing to Private with Opportunity Teams enabled. Which three options can change the Owner of the Opportunity?Choose 3 answers.

The current Opportunity Owner can transfer the current ownership.

The System Administrator or a user with the 'Transfer Records' permission.

Someone above the Opportunity Owner in the Role Hierarchy.

Any Opportunity Team Member on the current Opportunity.

The current Opportunity Owner can transfer the current ownership.

The System Administrator or a user with the 'Transfer Records' permission.

The user specified as the Manager on the Owner's User Profile.

Someone above the Opportunity Owner in the Role Hierarchy.

Universal Health is planning to store patient notes in Salesforce. Patient notes consist of long text notes taken by a use to document phone calls with a patient.A date audit has identified that these notes can contain Personally Identifiable Information (PII) and PersonalHealth Information (PHI). The regulatory requirements state that this data must be encrypted at rest as well as in transit.What should the Architect do in order to make sure Universal Health stays compliant?

Enable Salesforce Shield Platform Data Encryption and mark the patient notes field as encrypted.

No action is required; all Salesforce data is encrypted at rest as part of Salesforce's standard trust measures.

Enable Salesforce Shield Platform Data Encryption and mark the patient notes field as encrypted.

Create a new Custom Field of type 'Text (Encrypted)' and move the patient notes data into the new field.

Use an Apex trigger and the Apex Crypto class to encrypt patient notes as soon as they are saved to Salesforce.

Universal Containers has implemented a community for its customers using the Customer Community sense type. They have implemented a custom object to store service requests that has a look up to the account record. The Organization Wide Default External Access for the service request object is set to Private. Universal Containers wants their customers to be able to see service requests for their account through the community Customers should not see service requests for other accounts. What Salesforce feature can the Architect use to implement this?

Use a Sharing Set to share service requests related to the account based on the community user's profile.

Use manual sharing to share the service requests manually when a new community user is added.

Use a Sharing Set to share service requests related to the account based on the community user's profile.

Use a Sharing Rule to share service requests to the community user based on their role.

Use Apex Managed Sharing to share service requests related to the account to the appropriate community users.

Universal Containers maintains Job information in a Custom Object that contains sensitive information. The only users who should be able to view and edit Job records are the user who owns the record and all users in the Delivery profile. Which three platform sharing tools are required to support the above requirements?Choose 3 answers.

Grant access Using Hierarchy sharing setting on the Job Object set to false.

'Modify All' permission for Job Object on the Delivery Profile.

Organization-Wide Default sharing setting of Private on the Job Object.

Grant access Using Hierarchy sharing setting on the Job Object set to false.

'Modify All' permission for Job Object on the Delivery Profile.

Criteria-Based sharing rule for the Delivery Profile on the Job Object.

Organization-Wide Default sharing setting of Private on the Job Object.

'View All Data' profile permission on the Delivery Profile.

Universal Containers (UC) has a requirement to expose a web service to their business partners. The web service will be used to allow each business partner to query UC's Salesforce instance to retrieve the status of orders. The business partner should only be allowed access to orders for which the business partner is the fulfillment vendor. The Architect does not want the business partners to utilize the standard APIs and would prefer a custom API be developed. Which three design elements should the Architect consider in order to ensure the data security of the solution?Choose 3 answers

Query the Orders object with Dynamic SOQL based upon the fulfillment ID.

Set the Orders object's sharing settings to Private in the Org-Wide Defaults

Develop a custom Apex web service using the 'With Sharing' keyword.

Query the Orders object with Dynamic SOQL based upon the fulfillment ID.

Set the Orders object's sharing settings to Private in the Org-Wide Defaults

Provide each partner with their own Salesforce login set to API Enabled on the profile.

Develop a custom Apex web service with a fulfillment ID input attribute

Develop a custom Apex web service using the 'With Sharing' keyword.

Universal Containers has set Account Sharing to Private with Account Teams enabled. Which two user groups can add team members on the Account? Choose 2 answers

Someone above the Account Owner in the Role Hierarchy with read access

The current Account Owner can add team members.

The user specified as the Manager on the Owner's User record

Someone above the Account Owner in the Role Hierarchy with read access

Any Account Team Member with read access on the Account

The Architect notices that there are many duplicate Account records and numerous sharing rules created in Salesforce. What would be the reason?

The Organization-Wide Default for the Account object is Private.

The Organization-Wide Default for the Account object is Public Read/Write.

The Organization-Wide Default for the Account object is Public Read-Only.

The Object permissions for the Account object are Create, Read, and Edit.

What is required to implement Filter-Based Opportunity Territory Assignment?

Define a custom Apex class for Filter-Based Opportunity Territory Assignment in the system.

Define an account assignment with a filter criteria rule for Filter-Based Opportunity Territory Assignment.

Define a Territory assignment rule with filter criteria for Filter-Based Opportunity Territory Assignment.

Define a custom Apex class for Filter-Based Opportunity Territory Assignment in the system.

Define an Opportunity assignment rule with filter criteria for Filter-Based Opportunity Territory Assignment.

What is a workaround to ownership data skew?

You can minimize possible performance impacts by not assigning the user(s) to a role.

Salesforce Certified Sharing and Visibility Architect Practice Test 4

How should the Architect ensure that OBJECT-LEVEL SECURITY is enforce within a custom Visualforce application that was a standard Apex controller on the Lead object?

Become a Premium Member for full access

Unlock Premium Member

Salesforce Certified Sharing and Visibility Architect Practice Test 4

Question

Drag and Drop

Hot Area

Salesforce Certified Sharing and Visibility Architect Practice Tests

Practice Tests