|The architect at Universal Containers is trying to ensure that security vulnerabilities are not present within the Salesforce organization. What two tests should the architect verify? Choose 2 answers Test for SOQL Injection. Test Cross-Site Scripting on Apex queries. Test Cross-Site Scripting on custom pages. Test for invalid user access attempts.
What advanced tool can Salesforce enable for large-scale role hierarchy realignments? Partitioning by Divisions Skinny Table Indexing Set external organization-wide default to public read only Granular locking.
An External Object is created to show Invoices from an external accounting system. When viewing the External Object, a user should only access invoice records the user is authorized to see. What two actions are required to achieve the above requirements? Choose 2 answers Create an owner based sharing rule to grant visibility to the Invoice object. Setup External Object to use OAuth to connect to the Accounting system. Grant access to the External Object to only the Account Manager profile. Restrict access to data in the accounting system.
Sales executives at Universal Containers (SC) want to create list views to filter opportunities for large at-risk Opportunities. These list views should only be available to certain executives that specialize in closing problematic deals. How can UC solve this requirement? Share the List Views with the appropriate Role in the Role Hierarchy. Share the List Views with the appropriate Public Group. Share the List Views with the appropriate individual users. Share the List Views with the appropriate Queue.
The architect has a requirement to create a criteria-based sharing rule based on the customer Social Security number. However when setting up the rule in Contact Sharing, the field is not shown on the list of available fields. What might cause this? Text fields with validation rules are not available for sharing rules. The architect does not have permission to Compliance fields. The field has been configured for encryption. The architect's profile does not have Field level Security (FLS) for this field.
At Universal Containers, Accounts and Contacts are normally visible to all employees, and Proposals (custom object) are visible to the Account owner and managers. However, some Proposals are considered confidential and are managed by a Strategic Proposals team. These Proposals should not be visible to anyone in the Sales group other than the owner and the strategic team.
How should the architect design for this requirement? Proposal Owner set to the Strategic Deals Team Queue and create an owner-based sharing rule to grant visibility to the Account owner. Proposal Owner set to the Strategic Deals Team Queue and set the Account relationship to Master-Detail. Disable Grant Access Using Hierarchies and set an Owner-Based Sharing rule for Strategic Deals team. Disable Grant Access Using Hierarchies and set a Criteria-Based Sharing rule for Strategic Deals team.
Which two options can be selected to share data with when creating a sharing rule? Choose 2 answers Roles Public Groups Users Profiles.
Jane, a support representative at Universal Containers, created a report to view all her open cases that have been created in the past 7 days and saved the report in the "Private Reports" folder. Who can view and run the report? The report owner and any users who have been given access to the "My Private Reports" folder The report owner and anybody in the role hierarchy above the report owner The report owner The report owner and users with the "View All Data" permission.
Universal Containers (UC) provides shipment tracking for its customers on a custom Shipment object. The total number of shipments made yearly by the customers should be available on the Account record to the Marketing team, but the Marketing team should not have access to Shipment records. What recommendation should an Architect provide to accomplish this? Private organization-wide default on Shipment, rollup summary, and Master-Detail relationship to Account. Controlled by Parent (Account) on Shipment, trigger, and Master-Detail relationship to Account. Private organization-wide default on Shipment, trigger, and Lookup relationship to Account. Public organization-wide default on Shipment, process builder, and Lookup relationship to Account.
Universal Containers (UC) sales managers are complaining that they cannot access their teams' Shipment records (a custom object). Initially, the admin suggested that this is happening due to misconfigured role hierarchy (Shipment OWD is Private). After investigation, they determined the role hierarchy for these users is correct. What can be the reason why Universal Containers sales managers are not able to see Shipment records? Role hierarchy implicit sharing was incorrectly disabled by the Salesforce admin. The Grant Access Using Hierarchies option on Shipment Sharing Settings was incorrectly disabled by the Salesforce admin. Sales managers have only the Read permission on the Shipment object and should not be able to edit their team records. Ownership-based sharing rule for Shipment was incorrectly disabled by the Salesforce admin.
What vulnerability can exist when controllers use dynamic rather than static queries and bind variables? Record Access Override Buffer Overflow Attacks Cross-site scripting SOQL Injection.
Universal Containers (UC) has implemented Customer Community with customer community plus licenses for their distributors. Some distributors requested granting specific community users (agents) to view cases submitted by other agents of the same distributor. Which feature only supports these requirements? Partner community admin Partner super user Permission set to grant community admin permission. Delegate external user.
What should a Salesforce architect recommend to make sure that users that gained access to a custom object record through Apex managed sharing do not lose access to it when its owner is changed? Use "runAs" system method in Apex classes to enforce record visibility.
Create a new record in _Share object with RowCause "Manual". Use "With Sharing" keyword to make sure record visibility will be considered. Create a specific Apex Sharing Reason for the custom object.
After setting up Customer Community and enabling collaboration, the architect realizes that customers are only seeing Chatter posts from other customers in their account. What should the architect do to allow viewing Chatter posts from all customers? Enable Community User Visibility. Enable Chatter Super User. Enable Internal Users Visibility. Set View All for Chatter posts.
Universal Containers uses person accounts to represent retail customers and business accounts to represent commercial customers. The Retail Sales team should not have access to commercial customers but have access to ALL retail customers. With organization-wide default on Account set to Private, how might the architect meet these requirements? Update Retail Sales profile to grant access to Person Account record type. Create an owner-based sharing rule on
AccountContactRelation to grant access to all account contact roles records owned by retail sales reps. Create a criteria-based sharing rule giving Retail Sales role access to Accounts of type PersonAccount. Give View All access for Accounts to the Retail Sales profile.
Universal Containers (UC) has a private Organization-Wide Defaults (OWD) model for the Account object and needs to control the access of records and fields according to these requirements:
• Sales reps can view/edit only their own records and cannot access the field "segment" in account page.
• Service reps need to view all accounts but cannot edit any information.
• Sales managers can modify any account of reps reporting to them.
• Service managers can modify any account.
How can a Salesforce architect provide an optimal solution for this scenario? Use profiles, sharing rules, and change OWD to public read-only. Use profiles, manual sharing, and field-level security. Use profiles, permission sets, and field-level security. Use profiles, permission sets, role hierarchy, and field-level security.
Universal Containers has developed a custom Visualforce page that will accept user input and must perform a dynamic SOQL query returning the results to the users. Which two techniques should be used to ensure the users cannot perform a SOQL injection attack? Choose 2 answers Use the With Sharing keyword on the controller. Use bind variables in the SOQL query. Use the escapesinglequotes() method to sanitize user input. Escape double quotes in the user input.
A custom ServiceFeedback object is used to collect partner feedback. ServiceFeedback records should be available to all internal employees. The OWD is set to Private for external users so partners cannot see feedback from other partner users. How can the Architect give access to all internal employees? Create a trigger on ServiceFeedback to change ownership to an internal employee. Ensure all the internal users are above the partners in the role hierarchy. Create an Owner based sharing rule for all ServiceFeedback records owned by Partners.
Set OWD, for Internal Users to Public Read Only.
Universal Containers (UC) has recently changed its internal policy to follow market regulations and create an internal team to manage the collection process. Only this those should have access to Invoice records. Currently, Invoice is a child in a Master-Detail relationship to Account. Although related lists have been removed from the page layouts, some profiles still have access to the Invoice object. Which approach should an architect recommend to fix this problem? Create a Permission Set with No Access to the Invoice object and assign to unauthorized users. Create a new Profile with no access to the Invoice object and assign it to all unauthorized users. Change the Invoice organization-wide default from Controlled by Parent to Private and remove Invoice Access from the unauthorized profiles. Replace Account and Invoice Master-Detail Relationship by a Lookup and remove Invoice Access from the unauthorized profiles .
Universal Containers (UC) has a business unit that uses a custom object to track requests which demands a high level of internal team collaboration. Although all requests must have an owner, all employees are required to collaborate on requests. Which recommendation should a Salesforce architect provide to optimize the solution and meet these requirements? Set the Request object's OWD to Public Read/Write. Set the Request object's OWD to Private and grant Modify All Data permission on all Profiles for the Request object. Set the Request object's OWD to Private and criteria-based sharing rule to share all Request records with all internal users. Set the Request object's OWD to Public Read Only and configure role hierarchy.
Universal Containers (UC) operates worldwide with offices in more than 100 regions in 10 different countries and has established a very complex role hierarchy to control data visibility. In the new fiscal year UC is planning to reorganize the roles and reassign accounts owners. Which three features could an architect recommend to avoid problems on this operation? Choose 3 answers Deferred Sharing Recalculation Partition data using Divisions Skinny table Parallel Sharing Rule recalculation Granular Locking.
Universal Containers (UC) uses a custom Visualforce page to display shipment tracking information (custom object, private OWD) to field manager and agents. The IT team wants to make sure that users have access to only the information that is alloweWhich Apex method must be used to make sure only allowed fields are shown to the users? isReadable() isShowable() isAccessible() isViewable().
Universal Containers keeps product brochures in Salesforce as files. Sarah shares a public link to a product brochure with potential customers during a meeting. She wants to ensure they do not have access to the file after the meeting. How should Sarah accomplish this? Rename the file. Move the file to another folder. Delete the file. Delete the public link.
Mary is Joe's manager in the role hierarchy. The OWD for a custom Invoice object is Public ReadOnly and Mary's profile is not granted the Read permission for the Invoice object. What action can Mary take on Joe's Invoice records, View Only None Read/Write Edit Only.
Universal Containers is planning to pilot a new application to a small set of Sales Reps. What a the optimal way to grant only those Sales Reps access to the new functionality, while hiding the legacy functionality? Create a permission set to grant access to the new functionality and hide the old functionality. Clone the Sales Rep profile, adjust settings, and assign the pilot users the new profile. Revoke access to legacy functions in the Sales Rep profile and create a permission set for the new functionality. Create new user records for the pilot user that they will use for the pilot.
Universal Containers (UC) want to reduce the amount of redundant leads entered into the system. UC also wants to ensure that leads are only edited /reassigned by lead owner. What organization-wide default (OWD) approach should be recommended to help UC implement these requirements? Implement a Private OWD on Lead Implement a Public Read Only/Transfer OWD on Lead. Implement a Public Read Only OWD on Lead. Implement a Public Read/Write OWD on Lead.
Universal Containers (SC) has created a public group with certain Sales Engineers to help on complex deals and a sharing rule to grant. access to these opportunities. Opportunity OWD is private. What is the impact of these sharing settings? Sales Engineers direct reports will also have access to these records. Sales Engineers that have a similar role of the Sales Engineers of the public group will also have access to the records. Sales Engineers Managers and their managers in the role hierarchy will also have access to these records. Subordinates of Managers who have Sales Engineers in the public group will also have access to these records.
Universal Containers (UC) has created a custom Invoice object. Standard sales users at UC can see the records in search layout, but when they click to view the detail, only record name, created date, and last modified date are shown. When the system admin accesses it, he or she sees the full record detail with many more data fields. What is the likely cause of this issue? Sales users profile does not have access to the remaining fields. Page layout assigned to sales user profile has only read-only access to the fields. Org-wide sharing settings have been set to Private and need to be adjusted to Public Read/Write. A role-based sharing is missing and should be added for the sales user's role to grant access to the fields.
A sales rep at Universal Containers (UC) has manually shared an Opportunity record with internal pre-sales users. After some time, the sales rep moved to another position and all opportunities records that were owned were transferred to a new sales rep. What happened to the internal pre-sales users access to the opportunity? They still have access to the record due to inherited sharing. They still have access to the record due to implicit sharing. They will no longer have access to the record. They still have access to the record due to team access.
Sales reps at Universal Containers (UC) complain about the manual activities they need to perform in order to grant access to supporting Internal users (legal, engineering, finance, and a forth) for customer records when they need help. In general, the sales reps Involved In the deals will not change. How Can a Salesforce architect help UC to Improve sales reps productivity? Create a criteria-based sharing rule to grant access to other users. Create a permission set with "View all data” and assign to supporting users. Create a public group and replace the account ownership with It. Leverage default Account team.