Sharing-and-Visibility-Architect Exam Questions

Explanation: Creating a criteria-based sharing rule to give access to the public group for high-value opportunities and creating a public group and assigning the auditors to the group are the best options to give access to high-value opportunities to a team of auditors distributed through the organization. Option A is incorrect, since putting the auditors as the highest level of the role hierarchy would give them access to all opportunities, not just high-value ones. Option B is incorrect, since adding the auditors to the default opportunity team would require manual configuration and maintenance.

Explanation: The field has been configured for encryption, which might cause it to not show up on the list of available fields for creating a criteria-based sharing rule. Encrypted fields are not available for sharing rules, as they may contain sensitive data that should not be exposed. Option B is incorrect, since the architect does not need permission to Compliance fields to create a sharing rule. Option C is incorrect, since the architect’s profile does not need field-level security for this field to create a sharing rule. Option D is incorrect, since fields with validation rules are available for sharing rules.

Explanation: The error occurred because the trigger handler class is using ‘‘with sharing’’ and the user does not have access to the orders related to the opportunity. The ‘‘with sharing’’ keyword enforces the sharing rules that apply to the current user. This means that if the user does not have access to a record, they will get a permission error when trying to create or update it1. The trigger should use ‘‘without sharing’’ keyword instead, which ignores the sharing rules that apply to the current user. The trigger should not use RunAs(), IsCreateable(), or no sharing keywords as they will not prevent the error from occurring.

Explanation: Order, Asset, and Contact are the three objects that can be configured as “Controlled by Parent” in Sharing Settings when Person Account is enabled in a Salesforce organization. Controlled by Parent means that the sharing setting for the object is determined by the parent record. For example, an order’s sharing setting is determined by its associated account. Opportunity and Case are not objects that can be configured as “Controlled by Parent” in Sharing Settings.

Explanation: Searching for external users is the community functionality that is impacted by having the customer user visibility turned off. When customer user visibility is turned off, community users cannot find or interact with other community users in global search, people search, or chatter. Option B is incorrect, since updating their user profile is not affected by customer user visibility. Option C is incorrect, since creating new customer community users is not affected by customer user visibility. Option D is incorrect, since searching for internal users is not affected by customer user visibility.

Explanation: Partner super user is the only feature that supports the requirement of granting specific community users (agents) to view cases submitted by other agents of the same distributor. Partner super users are community users who can access and edit data owned by other partner users in their account. They can also access reports and dashboards that display data from their account1. Permission set to grant community admin permission, delegate external user, and partner community admin are not features that can achieve the same result.

Explanation: Leveraging default Account team is the best way to help improve sales reps productivity by granting access to supporting internal users for customer records when they need help. Default Account teams are predefined groups of users who work together on an account. When a user creates or owns an account, Salesforce automatically adds the default Account team to the account team related list on the account2. Creating a permission set with “view all data” and assigning it to supporting users would give them too much access to data that they may not need. Creating a public group and replacing the account ownership with it would not be feasible or scalable. Creating a criteria-based sharing rule to grant access to other users would require manual maintenance and may not reflect the changes in the account team.

Explanation: Cloning the Sales Rep profile, adjusting settings, and assigning the pilot users the new profile is the optimal way to grant only this Sales Reps access to the new functionality, while hiding it from other users. This way, the pilot users can have different permissions and access than the other Sales Reps who are not part of the pilot. Option B is incorrect, since revoking access to legacy function in the Sales Rep profile and creating a permission set for the new functionality would affect all Sales Reps, not just the pilot users. Option C is incorrect, since creating a permission set to grant access to the new functionality and hide the old functionality would not work, as permission sets cannot revoke access. Option D is incorrect, since creating new user records for the pilot user that they will use for the pilot would be unnecessary and inefficient.

Explanation: The internal Pre-Sales users will no longer have access to the opportunity after the ownership transfer, since manual sharing is removed when a record owner changes. Option A is incorrect, since inherited sharing does not apply to manual sharing. Option B is incorrect, since implicit sharing does not apply to internal users. Option D is incorrect, since team access does not apply to manual sharing.

Explanation: Deleting the public link is the best way to ensure that the potential customers do not have access to the file after the meeting. Renaming the file, deleting the file, or moving the file to another folder will not affect the public link, which will still point to the file.