Sharing and Visibility Gathered Questions To Review 1 1
Sharing and Visibility Gathered Questions To Review 1 1
Sharing and Visibility Gathered Questions To Review 1 1
to Review
1) Universal Computers (UC) is looking to expand its delivery capabilities through a network of
distributors that use a Partner Community license. UC employees currently can view all delivery
records through the organization-wide default (OWD) setting of Public Read Only.
Which approach would an architect recommend to limit the records a distributor can see?
2) Sales managers want their team members to help each other close Opportunities. The
Opportunity and Account organization-wide defaults are private. To grant Opportunity access
to sales reps on the same team, ownership-based sharing rules were created for eachteam.
A. All sales reps will have Read access to Accounts for all Opportunities
B. Sales Reps on the same team will have Edit access to the Accounts for Opportunities owned
by their team members.
C. All sales reps will have Read access to all Accounts.
D. Sales reps on the same team will have Read access to the Accounts for Opportunities owned
by their team members.
3) Universal Containers (UC) delivers training in 500 different regions. The UC Operations Users
team manage course setup, scheduling, and trainer setup. The Operations Users team
members work at a regional level and report to an Operations manager. The Operations
manager requested access to edit ALL scheduled courses owned by the Operation Users
team.
A. The Operations manager will get access to the scheduled courses by granting the Operations
manager modify ALL on scheduled courses.
B. The Operations manager will get access to the scheduled courses owned by the Operations
Users team defined in the role hierarchy.
C. The Operations manager will get access to the scheduled courses by creating an
ownership-based sharing rule and share the scheduled courses with the Operations manager.
D. The Operations manager will get access to the scheduled courses by creating a publicgroup
and add the Operations manager and the Operations Users team to the public group.
4) Universal Containers (UC) has a custom Apex class that enforces a business process and
updates opportunities. UC has noticed that fields with of field-level security permission of read
only on certain users' profiles are being updated by this class.
How should the architect fix this problem?
A. Add With Sharing keyword to the class.
B. Use the IsUpdateable() Apex method to test each field prior to allowing update.
C. Put the code in an inner class that uses the With Sharing keyword.
D. Use the WITH SECURITY_ENFORCED keyword in the SOQL statement.
5) Assuming Person Account is enabled in a Salesforce organization, which three objects can be
configured as "Controlled by Parent" in Sharing Settings?
Choose 3 answers
A. Opportunity
B. Order
C. Asset
D. Contact
E. Case
6) Universal Containers has a customer that meets criteria for two EnterpriseTerritory
Management territories (Portugal and Southern Europe).
What is necessary to assign opportunities to a territory for this account?
A. The territory with the highest TerritoryType Priority is automatically assigned to the
Opportunity.
B. Create a Process Builder Process that updates the Territory field on the Opportunity.
C. Create an Apex class that implements Filter-Based Opportunity Territory Assignment.
D. Create a criteria-based sharing rule on the Opportunity to assign it to a territory.
7) To reduce the case time resolution and improve customer satisfaction, Universal Containers
(UC) wants to allow specialized marketing consultants to have edit access to Case records ofVIP
customers. These cases should be visible only to the support rep who owns the case and the
marketing consultants.
Which recommendation should a Salesforce architect give to allow this scenario?
A. Case organization-wide default Public Read Only and Case Team with Read permission.
B. Case organization-wide default Private and Case Team with Read/Edit permission.
C. Case organization-wide default Private and Account Team with Read/Edit permission.
D. Case organization-wide default Private, role hierarchy, and Read Only ownership-based sharing
rule.
8) Universal Containers (UC) has a mostly private organization-wide default (OWD), as it is a core
principle of UC to respect client data privacy. UC has implemented complex processes for
granting access to Opportunity data. A few key members of the Sales Reporting team need to
always be able to see, but not change, Opportunity data for all Opportunities.
Other than field level security, what other options are available to make these fields accessible to
the Human Resource team?
10) Universal Containers (UC) enables customers to manage issues using a Customer
Community license. The Case external organization-wide default is set to Private. Currently
community users can only see cases they created.
What can be done to allow community users to see all cases for their account?
11) Universal containers (UC) implemented a private organization-wide default for the
Container and Case objects.
How can UC give support representatives access to Container and Case records owned by
Customer Community users?
A. Create an ownership-based sharing rule that gives access to the head of support role and
internal subordinates.
B. Create a Share Group based on the sharing set created for the Customer Community User
Profile.
C. Create a criteria-based sharing rule that gives access to the head of support role and internal
subordinates.
D. Support representatives will automatically get access to these records via the role hierarchy.
12) At Universal Containers there is a team of auditors distributed through the organization
that all need access to high-value Opportunities.
With a Private sharing model, which two options should an architect recommend when
designing a solution for this requirement? Choose 2 answers
13) After testing and deploying a new trigger that creates a related order when an opportunity is
closed, the Architect begins receiving complaints of permission error messages appearing
when closing an opportunity.
How did this error occur?
A. Trigger is using IsCreateable() Apex method and the user doesn't have create permission on
the Order object.
B. The trigger handlers class does not use any sharing keywords and the user does not have
access to the orders related to the opportunity.
C. The trigger should be using RunAs() when creating the order.
D. The trigger handler class is using "with sharing" and the user does not have access to the
orders related to the opportunity.
14) The architect at Universal Containers is trying to ensure that security vulnerabilities are not
present within the Salesforce organization. What two tests should the architect verify?
Choose 2 answers
A. Test for SOQL Injection.
B. Test Cross-Site Scripting on Apex queries.
C. C. Test Cross-Site Scripting on
custompages.
D. Test for invalid user access attempts.
15) What advanced tool can Salesforce enable for large-scale role hierarchy realignments?
A. Partitioning by Divisions
B. Skinny Table Indexing
C. Set external organization-wide default to public read only
D. D. Granular locking
16) An External Object is created to show Invoices from an external accounting system. When
viewing the External Object, a user should only access invoice records the user is authorized to
see.
What two actions are required to achieve the above requirements? Choose 2 answers
A. Create an owner based sharing rule to grant visibility to the Invoice object.
B. Setup External Object to use OAuth to connect to the Accounting system.
C. Grant access to the External Object to only the Account Manager profile.
D. Restrict access to data in the accounting system.
17) Sales executives at Universal Containers (SC) want to create list views to filter opportunities for
large at-risk Opportunities. These list views should only be available to certain executives that
specialize in closing problematic deals. How can UC solve this requirement?
A. Share the List Views with the appropriate Role in the Role Hierarchy
B. Share the List Views with the appropriate Public Group.
C. Share the List Views with the appropriate individual users.
D. Share the List Views with the appropriate Queue.
18) The architect has a requirement to create a criteria-based sharing rule based on the
customer Social Security number. However when setting up the rule in Contact Sharing, the
field is not shown on the list of available fields.
A. Text fields with validation rules are not available for sharing rules.
B. The architect does not have permission to Compliance fields. C.
The field has been configured for encryption.
D. The architect's profile does not have Field level Security (FLS) for this field.
19) At Universal Containers, Accounts and Contacts are normally visible to all employees, and
Proposals (custom object) are visible to the Account owner and managers. However, some
Proposals are considered confidential and are managed by a Strategic Proposals team. These
Proposals should not be visible to anyone in the Sales group other than the owner and the
strategic team.
A. Proposal Owner set to the Strategic Deals Team Queue and create an owner-based sharing
rule to grant visibility to the Account owner.
B. Proposal Owner set to the Strategic Deals Team Queue and set the Account relationship
to Master-Detail.
C. Disable Grant Access Using Hierarchies and set an Owner-Based Sharing rule for Strategic
Deals team.
D. Disable Grant Access Using Hierarchies and set a Criteria-Based Sharing rule for Strategic
Deals team
20) Universal Containers (UC) delivers training and courses to students and companies. UC is
implementing a Salesforce Customer Community for its students granting them a Customer
Community license. As part of the community requirements, UC asked to give studentsaccess
to cases that are related to their account in the UC community.
What is the optimum sharing technique that can achieve the requirements?
21) Which two options can be selected to share data with when creating a sharing rule?
Choose 2 answers
A. Roles
B. Public Groups
C. Users
D. Profiles
22) Jane, a support representative at Universal Containers, created a report to view all her open
cases that have been created in the past 7 days and saved the report in the "Private Reports"
folder.
Who can view and run the report?
A. The report owner and any users who have been given access to the "My Private Reports"
folder
B. The report owner and anybody in the role hierarchy above the report owner C.
The report owner
D. The report owner and users with the "View All Data" permission
23) Universal Containers (UC) provides shipment tracking for its customers on a custom
Shipment object. The total number of shipments made yearly by the customers should be
available on the Account record to the Marketing team, but the Marketing team should not
have access to Shipment records.
24) Universal Containers (UC) sales managers are complaining that they cannot access their teams'
Shipment records (a custom object). Initially, the admin suggested that this is happening due
to misconfigured role hierarchy (Shipment OWD is Private). After investigation, they
determined the role hierarchy for these users is correct.
What can be the reason why Universal Containers sales managers are not able to see Shipment
records?
A. Role hierarchy implicit sharing was incorrectly disabled by the Salesforce admin.
B. The Grant Access Using Hierarchies option on Shipment Sharing Settings wasincorrectly
disabled by the Salesforce admin.
C. Sales managers have only the Read permission on the Shipment object and should not be
able to edit their team records.
D. Ownership-based sharing rule for Shipment was incorrectly disabled by the Salesforce
admin.
25) What vulnerability can exist when controllers use dynamic rather than static queries and
bind variables?
A. Record Access Override
B. Buffer Overflow Attacks
C. Cross-site scripting
D. SOQL Injection
26) Universal Containers (UC) has implemented Customer Community with customer
community plus licenses for their distributors. Some distributors requested granting
specific community users (agents) to view cases submitted by other agents of the same
distributor.
27) What should a Salesforce architect recommend to make sure that users that gained access to
a custom object record through Apex managed sharing do not lose access to it when its
owner is changed?
A. Use "runAs" system method in Apex classes to enforce record visibility.
B. Create a new record in _Share object with RowCause "Manual".
C. Use "With Sharing" keyword to make sure record visibility will be considered.
D. Create a specific Apex Sharing Reason for the custom object.
28) Universal Containers (UC) has implemented Customer Community with customer community
plus license for its distributors. Retail distributors have part-time agents who work for multiple
distributors. Those agents should have access to other distributor accounts as well.
A. Use Apex sharing to share distributor accounts with agents using the Account Share table. B.
Use share group to share distributor accounts with agents who have account contact
relationship.
C. Create sharing rules to share distributor accounts with agents.
D. Create sharing set to share distributor accounts with agents using account contact
relationship.
29) Universal Containers (UC) has 200 distributors that use Partner Community licenses.
Partners cannot see each other's data, but UC is also trying to give more visibility to data for
certain individuals at a distributor.
HOW can an Architect give users in the partner user role access to all Case and Container
records owned by any user, regardless of role, at the same distributor?
What should the architect do to allow viewing Chatter posts from all customers?
31) Universal Containers uses person accounts to represent retail customers and business
accounts to represent commercial customers. The Retail Sales team should not have access
to commercial customers but have access to ALL retail customers.
With organization-wide default on Account set to Private, how might the architect meet these
requirements?
A. Update Retail Sales profile to grant access to Person Account record type.
B. Create an owner-based sharing rule on AccountContactRelation to grant access to all account
contact roles records owned by retail sales reps.
C. Create a criteria-based sharing rule giving Retail Sales role access to Accounts oftype
PersonAccount.
D. Give View All access for Accounts to the Retail Sales profile.
32) Universal Containers (UC) has a private Organization-Wide Defaults (OWD) model for the
Account object and needs to control the access of records and fields according to these
requirements:
• Sales reps can view/edit only their own records and cannot access the field "segment" in
account page.
• Service reps need to view all accounts but cannot edit any information.
• Sales managers can modify any account of reps reporting to them.
• Service managers can modify any account.
How can a Salesforce architect provide an optimal solution for this scenario?
33) Universal Containers has developed a custom Visualforce page that will acceptuser input
and must perform a dynamic SOQL query returning the results to the users.
Which two techniques should be used to ensure the users cannot perform a SOQL injection attack?
Choose 2 answers
35) Universal Containers (SC) has recently changed its internal policy to follow market regulations
and create an internal team to manage the collection process. Only this those should have
access to Invoice records. Currently, Invoice is a child in a Master-Detail relationship to
Account. Although related lists have been removed from the page layouts, some profiles still
have access to the Invoice object.
Which approach should an architect recommend to fix this problem?
A. Create a Permission Set with No Access to the Invoice object and assign tounauthorized
users.
B. Create a new Profile with no access to the Invoice object and assign it to all unauthorized
users.
C. Change the Invoice organization-wide default from Controlled by Parent to Private and
remove Invoice Access from the unauthorized profiles.
D. Replace Account and Invoice Master-Detail Relationship by a Lookup and remove Invoice
Access from the unauthorized profiles.
36) Universal Containers (UC) has a business unit that uses a custom object to track requests
which demands a high level of internal team collaboration. Although all requests must have
an owner, all employees are required to collaborate on requests.
Which recommendation should a Salesforce architect provide to optimize the solution and meet
these requirements?
A. New AccountShare record is created. Row Cause is "Manual" and Access Level is
"Read/Write”.
B. Existing AccountShare record is updated. Row Cause is "Owner" and User/Group is "John".
C. New AccountShare record is created. Row Cause is "Owner" and Access Level is "Full".
D. Existing AccountShare record is updated. Row Cause is "Manual" and Access Level is
"Read/Write".
38) Universal Containers (UC) operates worldwide with offices in more than 100 regions in 10
different countries and has established a very complex role hierarchy to control data visibility.
In the new fiscal year UC is planning to reorganize the roles and reassign accounts owners.
Which three features could an architect recommend to avoid problems on this operation?
Choose 3 answers
40) Universal Containers (UC) uses a custom Visualforce page to display shipment tracking
information (custom object, private OWD) to field manager and agents. The IT team wants to
make sure that users have access to only the information that is allowed. Which Apex method
must be used to make sure only allowed fields are shown to the users?
A. isReadable()
B. isShowable() C.
isAccessible()
D. isViewable()
41) Universal Containers keeps product brochures in Salesforce as files. Sarah shares a public link
to a product brochure with potential customers during a meeting. She wants to ensure they do
not have access to the file after the meeting. How should Sarah accomplish this?
42) Mary is Joe's manager in the role hierarchy. The OWD for a custom Invoice object is Public
ReadOnly and Mary's profile is not granted the Read permission for the Invoice object.
What action can Mary take on Joe's Invoice records,
a. View Only B.
None
C. Read/Write
D. Edit Only
43) Universal Containers provides 24x7 support for its customers worldwide using call centers in
three different countries with each one covering an 8-hour shift in different time zones.
Service reps in a call center have access to the same information but only during their local
working hours.
Which feature in Salesforce controls access for specific login hours?
44) Universal Containers is planning to pilot a new application to a small set of Sales Reps. What
a the optimal way to grant only those Sales Reps access to the new functionality, while
hiding the legacy functionality?
A. Create a permission set to grant access to the new functionality and hide the old
functionality.
B. Clone the Sales Rep profile, adjust settings, and assign the pilot users the new profile.
C. Revoke access to legacy functions in the Sales Rep profile and create a permission set for the
new functionality.
D. Create new user records for the pilot user that they will use for the pilot.
45) Universal Containers (UC) want to reduce the amount of redundant leads entered into the
system. UC also wants to ensure that leads are only edited /reassigned by lead owner.
Choose 2 answers
A. Use "Without Sharing" keyword to make sure record visibility will be considered.
B. Use “With Sharing" keyword to make sure record visibility will always be considered.
C. Use "With Sharing" keyword to enforce field-level security.
D. Use runAs system method to test different users accessing these records.
47) Universal Containers (SC) has created a public group with certain Sales Engineers to help on
complex deals and a sharing rule to grant. access to these opportunities. Opportunity OWD is
private.
A. Sales Engineers direct reports will also have access to these records.
B. Sales Engineers that have a similar role of the Sales Engineers of the public group will also
have access to the records.
C. Sales Engineers Managers and their managers in the role hierarchy will also have access to
these records.
D. Subordinates of Managers who have Sales Engineers in the public group will also haveaccess to
these records.
48) Universal Containers (UC) has created a custom Invoice object. Standard sales users at UC can
see the records in search layout, but when they click to view the detail, only record name,
created date, and last modified date are shown. When the system admin accesses it, he or she
sees the full record detail with many more data fields.
A. Sales users profile does not have access to the remaining fields.
B. Page layout assigned to sales user profile has only read-only access to the fields.
C. Org-wide sharing settings have been set to Private and needto be adjusted to Public
Read/Write.
D. A role-based sharing is missing and should be added for the sales user's role to grant access to
the fields.
49) A sales rep at Universal Containers (UC) has manually shared an Opportunity record with
internal pre-sales users. After some time, the sales rep moved to another position and all
opportunities records that were owned were transferred to a new sales rep. What happened to
the internal pre-sales users access to the opportunity?
A. They still have access to the record due to inherited sharing.
B. They still have access to the record due to implicit sharing.
C. They will no longer have access to the record.
D. They still have access to the record due to team access.
50) Universal Containers would like to control access to records and objects according to the
following business requirements:
• Sales users can view all Account records but only edit their own records.
• Sales managers view all Account records but only edit records of the team.
• Service users can view all Account records that are not marked with a RecordType of
Prospect.
Which organization-wide default configuration should a Salesforce architect recommend to fulfill
these requirements?
A. Public Read Write
B. Private
C. Public tad Only
D. Public Read/Transfer
51) Sales reps at Universal Containers (UC) complain about the manual activities they need to
perform in order to grant access to supporting Internal users (legal, engineering, finance, and a
forth) for customer records when they need help. In general, the sales reps Involved In the
deals will not change.
How Can a Salesforce architect help UC to Improve sales reps productivity?
56. The sales manager in Japan have asked the sales manager in Australia to assist themclosing
their deals. How are these requirements achieved?
a. Use sharing set to give the sales manager access to the deals.
b. Assign the sales manager view all on the opportunity object.
c. Create ownership-based sharing rule.
d. Use opportunity teams to automatically add the sales manager as a team member.
57. Universal Containers (UC) wants all full-time internal employees to be able to view all
leads. A subset of Contractors and temporary employees should also be able to see leads.
Which organization-wide default (OWD) approach should an architect recommend that will
help UC implement these requirements?
a. Implement a Public Read Only OWD on Lead.
b. Implement a Public Read/Write/Transfer OWD on lead. c)
Implement a Private OWD on Lead.
d) Implement a Public Read/Write OWD on Lead.
58) Universal Containers (UC) implemented Sales Cloud and requested that sales agents have
access to products the company sells and be able to create opportunities for its customers.
59) Universal Containers (UC) is implementing Sales Cloud. During the final quarter of the financial
year, sales managers help each other close deals. They requested a solution in Salesforce to
allow them to share opportunities with other sales managers from different teams as needed.
They also requested that sharing deals should expire automatically two weeks after the new
fiscal year starts.
Which two options to propose a solution to meet the requirements? Choose 2 answers
60) Universal Containers (UC) has Affiliates who sell containers in countries where UC does not
have a local office. UC has leveraged the Partner Community to manage the sales cycle. One
oftheir affiliates has exponentially grown in the last years and restructured its internal sales
teamwith the following structure: Sales VP Director of Sales --> Sales Manager --> SalesReps
UC would like to have the ability to open up access to the sales opportunities according to the above
structure.
What is the main problem a Salesforce Architect will face to provide a solution?
62. The sales manager in Japan have asked the sales manager in Australia to assist themclosing
their deals. How are these requirements achieved?
a. Use sharing set to give the sales manager access to the deals.
b. Assign the sales manager view all on the opportunity object.
c. Create ownership-based sharing rule.
d. Use opportunity teams to automatically add the sales manager as a team member.
63. Universal Containers (UC) use External Objects to retrieve Invoice data from a Legacy ERP. A
finance team requested to have access to the Invoice records in the account page. In
addition to the objects access in the finance users Profile, what other features should a
Salesforce Architect recommend?
a. Create a criteria-based sharing rule to grant access to the records. b)
Include the Invoices Related List on the Account page layout.
c) Create an owner-based sharing rule to grant access to the records.
d) Use APEX managed sharing to grant access to the records.
64. A custom invoice object has been created with a master-detail relationship to account. The
Account receivable (AR) team needs access to Invoices AR users do not own nor have access
to Account records. Account OWD is set to Private. The AR team is unable to find Invoices in
List views, Reports, nor in Global Search. The Architect has been asked to helptroubleshoot.
What could be the issue preventing AR team members from seeing invoices?
a. A sharing rule is missing to share Invoices to the AR team.
b. The AR team profile needs to be assigned an Invoice Page layout. c)
A sharing rule is missing to share Accounts to the AR team.
e) The Accounts receivable profile does not have read Permission to the Invoice Object.
65. After setting up Customer community and enabling collaboration, the architectrealizes that
customers are only seeing chatter posts from other customers in their account. What
should the architect do to allow viewing chatter posts from all customers?
a. Enable Chatter Super User.
b. Set View All for Chatter posts.
c. Enable Community User Visibility.
d. Enable Internal Users Visibility.
66. Universal Containers (UC) is in legal dispute regarding several orders. UC has found out
these records were removed from system. The VP of Sales has asked to ensure thiscannot
happen in the future. What approach would meet this requirement?
a. Remove the delete button from the Order page layout.
b. Change the record type/page layout assignment for orders to be read-only. c)
Remove order delete permission from profiles and permission sets.
d) Implement a sharing rule that changes access for the records to read.
67. Universal Containers has expanded to sell virtual containers for data storage. Virtual
container work orders are provisioned immediately by the system and therefore cannotbe
changed by a sales representative. What is an optimal approach to implement these
requirements?
a. Remove the Work Order Edit permission from the sales representative Profile.
b. Remove the edit button from the work order page layout.
c. Change the record type/page layout assignment for Work Order to be Read Only.
d. Implement a sharing rule that changes access for all Work Order to Read.
68. Universal Containers (UC) service reps are assigned to a profile which has “View All” in Case
object (Private OWD). To make sure service reps have access to all relevant information to
attend to customer requests, which two details should a salesforce Architects consider?
Choose 2 answers:
a. Service reps will be able to access all UC contact records if they arecontrolled
byparent.
b. Service reps will not be able to access all UC contact records if they are controlled
byparent.
c. Service reps will be able to access all the UC Account records due to Implicit Sharing. d)
Service reps will not be able to access all the UC Accounts records because Account
OWD is private.
69. Susan posts a file to the chatter feesfor a record of an object which OWD is private. Which
two statements accurately describe who can view the file by default?
Choose 2 answers.
a. Susan and users with the View All Data permission. b)
Susan and users with access to the record.
c) Susan and users with a shared chatter post link to the file.
d) Susan only.
70. Universal Containers (UC) turned off the customer visibility feature in its customer
community. What community functionality is impacted by having the customer user
visibility turned off?
a. Searching for the external users.
b. Updating their user profile.
c. Creating new customer community users.
d. Searching for internal users.
71. Universal containers has a customer that meets criteria for two Enterprise Territory
Management territories (Portugal and Southern Europe). What is necessary to assign
opportunities to a territory for this account?
a. Create a process builder process that updates the territory field on the opportunity. b)
The territory with the highest territory type priority is automatically assigned tothe
opportunity.
c) Create an Apex class that implements Filter-Based Opportunity Territory
Assignment.
d) Create a criteria-based sharing rule on the opportunity to assign it to a territory.
72. A junior Account manager owns an account and creates a new opportunity to manage
complex deal. She needs the help of the product specialist and solution engineer. Giventhe
size of this deal, she knows the account is likely to be reassigned to a senior account
manager in the near future. What is the optimal way for the junior account manager to
share the opportunity, given the private sharing model?
a. Manual Share on the Opportunity. b)
*Opportunity Team.
c) Manual share on the Account.
d) Create an Owner-based sharing rule.
75. Universal Containers is planning to pilot a new application to a small set of sales reps.
What is the optimal way to grant only those sales reps access to the new
functionality, while hiding the legacy functionality?
a. Create a permission set to grant access to the new functionality and hidethe
oldfunctionality.
b. Revoke access to the legacy functions in the sales rep profile and create a
permissionset for the new functionality.
c. Clone the sales rep profile, adjust settings, and assign the pilot users the new
profile.
d. Create new user records for the pilot users that they will use for the pilot.
76. The finance team at universal containers usually does not need access to Account and
Contact records. A finance analyst was temporarily given opportunity access for a big deal
to help with tax calculation. She can now also access Account and Contact records as well.
Which two reasons could be causing this issue?
a. Account records can be accessed due to role hierarchy.
b) Contact records can be accessed due to implicit sharing from Account.
c) Account records can be accessed due to implicit sharing from
d) Contact records can be accessed due to implicit sharing from Opportunity.
77. Sales manager at universal containers (UC) have requested viewing customer invoices in
Salesforce. Invoice data is mastered in the ERP system. The architect at UC decided to
surface the customer invoices in salesforce using external objects and did the following:
-Configured an external object called Invoice.
-Created a lookup relationship between account and the invoice.
How can the architect grant the sales managers access to the customer invoices data?
a. By creating sharing rules to share the invoices records with users in sales
mangersroles.
b. By creating manual sharing to share invoices with relevant sales managers.
c. By creating controlling the invoices object permission on the sales manager’s
profile.
d. By creating a sharing set to share invoices with users in sales manager role.
78. Sales Operations at Universal Containers (UC) has created Public Report and Dashboard
folders for sales managers that report to the VP of sales. Sales Operations currently
spends a few hours each month updating users that should have access to edit items in
these folders.
In which two ways can UC grant access to sales managers to automate access to these Reports
and Dashboards folders?
Choose 2 answers
a. Share the folders lowest roles in the role hierarchy, Superiors will get
accessautomatically.
b. Share the folders with the “VP of Sales” Role and Subordinates.
c. Share the folders with the “Sales Managers” Queue.
d. Share the folders with a “Sales Managers” Public Group.
79. Universal Containers (UC) has 600 sales reps. UC has rollout plan to deploy salesforce in 3
weeks. At the end of the second week, they received a “User Role Limit Exceeded” error.
After investigation, they discovered that during the user provisioning process, a new role
was generated for every new user.
Which two recommendations could solve this problem? Choose
2 answers.
a. Review the user provisioning process to not automatically create auser
role for anynew user.
b. Remove role hierarchy from salesforce org and control the record access using
apexmanaged sharing.
c. Contact salesforce support and request to increase the number of users’
rolesallowed.
d. Create an Apex class to replace the User Roles by generic one as soon as they
arecreated.
80. Universal Containers (UC) is implementing Sales Cloud. During the last quarter of the
financial year, Sales agents help each other close deals. They requested a solution in
Salesforce to allow them to specify an assistant agent on the opportunity record, when the
sales agent changes the assistant field, the system should automatically remove access from
the previous assistant and grant access to the new assistant.
82. Universal Containers (UC) has a custom Apex class that enforces a business process and
updates opportunities. UC has noticed that fields with field-level security permission of read
only on certain users’ profiles are being updated by this class. How should the architect fix
this problem?
a. Add With Sharing keyword to the class.
b. Put the code in an inner class that uses the With Sharing keyword.
c. Use the WITH_SECURITY_ENFORCED keyword in the SOQL statement.
d. Use the IsUpdateable() Apex method to test each field prior to allowing update.
83. The architect has a requirement to create a criteria-based sharing rule based on the
customer Social Security number. However, when setting up the rule in Contact Sharing, the
field is not shown on the list of available fields. What might cause this?
a. The architect does not have permission to Compliance fields.
b. The architect’s profile does not have Field level Security (FLS) for this field.
c. Text fields with validation rules are not available for sharing rules. d)
The field has been configured for encryption.
84. Sales Operations at Universal Containers (UC) wants to create list views to filter
opportunities for certain geographies. In which two ways can UC hide list views that arenot
relevant to an individual user since there will be over 50 list views?
Choose 2 answers
a. Share the list views with the appropriate queue.
b. Share the list views with the appropriate role in the role hierarchy.
c. Share the list views with the appropriate individual users. d)
Share the list views with the appropriate public group.
85. Universal Containers (UC) wants to reduce the amount of redundant leads entered into
system. UC also wants to ensure that leads are only edited/reassigned by the lead owner.
What organization-wide default (OWD) approach should be recommended to help UC
implement these requirements?
a. Implement a Private OWD on Lead.
b. Implement a Public Read Only/Transfer OWD on Lead.
c. Implement a Public Read/Write OWD on Lead. d)
Implement a Public Read Only OWD on lead.
86. Universal Container (UC) has developed a custom Visualforce page that will accept user
input and must perform a dynamic SOQL query, returning the results to the users. Which
two techniques should be used to ensure the users cannot perform a SOQL injection
attack?
Choose 2 answers
a. Use bind variables in the SOQL query.
b. Use the With Sharing keyword on the controller.
c. Use the escapesinglequotes() method to sanitize user input.
d. Escape double quotes in the user input.
87. Universal Containers (UC) wants all full-time internal employees to be able to view all
leads. A subset of Contractors and temporary employees should also be able to see leads.
Which organization-wide default (OWD) approach should an architect recommend that will
help UC implement these requirements?
a. Implement a Public Read Only OWD on Lead.
b. Implement a Public Read/Write/Transfer OWD on lead. c)
Implement a Private OWD on Lead.
d) Implement a Public Read/Write OWD on Lead.
88. Universal Containers (UC) operates worldwide with offices in more than 100 regions in 10
different countries and has established a very complex role hierarchy to control data
visibility. In the new fiscal year UC is planning to reorganize the roles and reassign accounts
owners. Which three features could an architect recommend to avoid problems on this
operation?
Choose 3 answers
a. Partition data using Divisions b)
Granular Locking
c) Skinny table
d) Deferred Sharing Recalculation
e) Parallel Sharing Rule recalculation
89. Universal Containers uses person accounts to represent retail customers and business
accounts to represent commercial customers. The Retail Sales team should not have
access to commercial customers but have access to ALL retail customers. With
organization-wide default on Account set to Private, how might the architect meet these
requirements?
a. Give View All access for Accounts to the Retail Sales profile.
b. Create a criteria-based sharing rule giving Retail Sales role access to Accounts of
typePersonAccount.
c. Update Retail sales profile to grant access to Person Account record type.
d. Create an owner-based sharing rule on AccountContactRelation to grant accessto
allaccount contact roles records owned by retail sales reps.
90. What advanced tool can Salesforce enable for large-scale role hierarchy realignments?
a. Skinny Table Indexing
b. Set external organization-wide default to public read only.
c. Partitioning by Divisions. d)
Granular Locking.
91. Besides their own team accounts, sales managers at Universal Containers need to have
READ access to all accounts of the same segment in other countries. Role hierarchy was
implemented accordingly (based on countries), but a sales manager in the US iscomplaining
that he cannot view account records of the same segment in Canada. What should be done
to grant access in a proper way?
a. Create an owner-based sharing rule to grant access to account records that have
thesame segment to all sales manager roles.
b. Change the role hierarchy and put all of the sales managers in the US
and Canada inthe same role.
c. Create criteria-based sharing rules to grant access to account records that have
thesame segment to all sales manager roles.
d. Create a public group and include all accounts of the same segment andgrant
accessthrough a permission set.
A user comment says that: “Actually, for Apex managed sharing, if using custom objects, you should
be using Apex Sharing Reasons, sharing records using these will not be deleted on owner changes. Too
bad it can only be created for custom objects and not standard ones”
94. Universal Containers (UC) is a non-profit organization and has over 20,000,000 members
(donors). The company decided to assign those accounts to Donations Reps based on their
regions. Donations Reps ended up owning over 50,000 donors each. The donation reps
started to see significant degradation of the system performance. What could be the
reason for this problem?
a. The Donations Reps access to the assigned accounts.
b. Salesforce sharing recalculation kicked off.
c. There is an Account ownership data skew problem.
d. The Account (donor) object OWD is Private.
95. Universal Containers (UC) uses a custom lightning component with an Apex class todisplay
shipment information (custom object, private OWD). UC sales managers are complaining
about two important points:
● Shipment records that belong to their teams can be seen by other users.
● Shipment amount should be visible only by managers, but sales reps are able to
view it.Which two features did the development team miss that is causing the
problems?Choose 2 answers.
a. Use runAs in test class to enforce user permissions and field-level permissions. b)
Use With Sharing keyword in Apex classes to enforce sharing rules evaluation.
c) Use isSharable keyword in Apex classes to assure record visibility.
d) Use isAccessible() method in Apex classes to check field accessibility.
96. Universal Containers (UC) has implemented Service Cloud. There is a flag field on the
case object that marks a case as (Sensitive). UC requested that this flag can be viewed by
all users who have access to the case but only be edited by the assigned case assessor.
The case assessor is a lookup field on the case object. How can an architect achieve this
requirement?
a. Permission Set.
b. Object Permissions.
c. Custom Lightning Component.
d. Field-level security.
97. Universal Containers (UC) has 200 distributors that use Partner Community Licenses.
Partners cannot see each other’s data, but UC is also trying to give more visibility to certain individuals
at a distributor. Which scalable solution would an architect recommend that will give users in the
partner manager role access to all Case and Container records owned by other partner managers and
partner users (but not the partner executive) at the same distributor?
a. Create Sharing sets.
b. Create a permission set granting the View All permission to Case and
Containerrecords.
c. Give Super User permission to the partner manager users.
d. Create ownership-based sharing rules for your distributors.
98. Universal Containers (UC) operates worldwide with offices in more than 100 regions in 10
different countries and has established a complex role hierarchy to control data visibility. In
the new fiscal year, UC is planning to reorganize the roles and reassign accounts owners.
Which two points should an architect consider in this situation?
Choose 2 answers
a. Replacing Account records ownership massively can cause data skew.
b. Using a temporary parking lot account to improve performance.
c. Changing complex role hierarchy can cause a high level of sharing recalculation.
d. Restricting the organization-sharing configurations to private.
99. Sales managers want their team members to help each other close opportunities. The
opportunity and account organization-wide defaults are private. To grant opportunity
access to sales reps on the same team, ownership-based sharing rules were created for
each team. What is the side effect of this approach?
a. Sales Reps on the same team will have Edit access to the Accounts for
Opportunitiesowned by their team members.
b. Sales Reps on the same team will have Read access to the Accounts
forOpportunities owned by their team members.
c. All sales reps will have Read access to all Accounts.
d. All sales reps will have Read access to Accounts for all Opportunities.
100. Universal Containers’ organization wide-default model is private for the account
object. Asales representative user has create/edit access to opportunity records.
Which level of access will the sales rep have to the related account record?
a. Read/Create/Edit access.
b. Read-only access.
c. Read/Create access.
d. No access.
101. Universal Containers (UC) has implemented customer community with customer community
licenses for their customers. UC requested that any record owned by its customers should be accessible
by UC users in the customer support role.
A. Share Group
B. Apex Sharing
C. Sharing Set
D. Sharing Rule
102. Universal Containers has a large network of partners, who each have seasonal workers
that need short-term access to the community.
How might the Architect design the solution to federate user setup to the partners?
Choose two:
103. Universal containers uses 75,000 distributors that have close to 1 million total users.
Distributors need to use the community to see closing opportunities assigned to their distributor for
delivery.
A. Sales Cloud
B. Customer Community
C. Partner Community
D. Customer Community Plus
a. Customer Community
b. Customer Community Plus
c. Partner Community
d. Sales Community
105. Universal Containers (UC) has a custom object to track the internal net promoter
score (NPS) for all its employees.
How can UC ensure that NPS records cannot be accessed by an individual employee’s manager?
a. Use Apex sharing to remove NPS object share records for Manager Profiles
b. Remove Create, Read, Edit and Delete from Manager Profiles and Permission sets.
c. Set organization wide default to Private and uncheck the Access Using Hierarchies
option for the NPS object
d. Create a criteria-based sharing rule to remove access to Manager role and above
in the Role Hierarchy
106. Universal Containers (UC) has a partner community for its 200 distributors. UC
customer accounts are assigned an individual distributor. The organization-wide default
setting for the custom Delivery object is private.
How can architect advise UC to grant all users at a distributor access to delivery records for all customers
assigned to a particular distributor?
a. Disable Grant Access using Hierarchies and set an Owner-Based Sharing rule
for Strategic Deals team.
b. Proposal Owner set to the Strategic Deals Team Queue and set the
Account relationship to Master-Detail.
c. Disable Grant Access Using Hierarchies and set a Criteria-Based Sharing rule for
Strategic Deals team.
d. Proposal Owner set to the Strategic Deals Team Queue and create an owner-
based sharing rule to grant visibility to the Account Owner.
108. The sales managers at the Universal Containers (UC) requested their teams to define
each user’s role on their accounts in order to provide an easy way to establish accountability
and collaboration. Sales managers also requested that sales associates should only get the
following permissions:
Assuming the overall sharing model of the organization is private and no sharing rules are configured on the
account object. How can an Architect achieve these requirements?
a. Use Account teams and use Sharing rules to share cases with sales associates.
No change required to the opportunity object
b. Use Account teams, Case teams. No configuration required for the opportunity object.
c. Use Account teams, Opportunity teams, and Case teams.
d. Use Account Teams to define access to accounts as well as opportunities and
cases related to accounts
111. Universal Containers (UC) has Affiliates who sell containers in countries where
UC does not have a local office. UC has leveraged the partner community to manage the
sales cycle. One of their affiliates has exponentially grown in the last years and
restructured its internal sales teamwith the following structure:
113. A sales rep at Universal Containers (UC) is a member of the Default Opportunity
team for anaccount manager. The account manager created an opportunity and the
sales rep is added to that Opportunity team.
The sales rep is complaining about no longer having access to an opportunity record that the sales
rep was helping with.
What is the cause of this problem?
a. The Account team was changed and consequently the Opportunity team
members werereplaced by the Account team members.
b. The Sales rep was manually removed from the Opportunity team.
c. The Sales rep was removed from the Opportunity team in another opportunity
record ofthe same account.
d. The opportunity owner can enable/disable if the “Default Opportunity team” is
able toaccess the record.
117. What vulnerability can exist when controllers use dynamic rather than static
queries andbind variables?
A. SOQL Injection.
B. Buffer Overflow Attacks.
C. Cross-site scripting.
D. Record Access Override.
118. After testing and deploying a new trigger that creates a related order when an
opportunityis closed, the Architect begins receiving complaints of permission error
message appearing an opportunity.
How did this error occur?
a. The trigger should be using RunAs() when creating the order.
b. Trigger is using Is Createable() Apex method and the user doesn’t
have createpermission on the Order object.
c. The trigger handlers class does not use any sharing keywords and the user
does nothave access to the orders related to the opportunity.
d. The trigger handlers class is using “with sharing” and the user does not have
access tothe orders related to the opportunity.
119. The Corporate Identity and access Team needs to audit User setup in the
Salesforce org.What two permissions should be granted to this team so theycan
perform their audit? Choose 2 answers
Extras questions:
1) Universal Containers (UC) implemented Sales Cloud and requested that only certain branch
staff trained to sell high risk products can create opportunities for high risk products.
In which two ways can an Architect allow only specific branch staff to sell high risk products? Choose 2
answers
A. Set Price Book Organization Wide Default to View Only and share the price book (High Risk)
with the trained staff.
B. Configure Price book Organization wide default to No Access.
C. Share (High Risk) price book with the trained staff via manual sharing.
D. Share (High Risk) price book with the trained staff via sharing rule.
2) Universal Containers has selected a small and diverse group of users to review inactive
accounts. Given the Private sharing model, a public group was created and made available to
this group of users. A sharing rule was created to make inactive Accounts visible to the public
group. However some of these users are reporting they don't see any of the Accounts that
were
shared with the public group.
What is the optimal option to give dealer managers visibility to customer cases only raised by their
service agents?