Other Flashcards Preview

SFDC Sharing and Visibility Designer > Other > Flashcards

Flashcards in Other Deck (29)
Loading flashcards...
1

How can you restrict users from seeing custom text field that you want to keep private (but you do want them to be able to edit the same field)?

Use classic encryption for custom fields. Only users with the permission "View Encrypted Data"

2

Can you use encrypted fields in email templates?

Yes, but the value is always masked regardless of whether you have the "View Encrypted Data" permission

3

Can encrypted fields be cloned using the standard Salesforce record cloning functionality?

Only if you have the "view Encrypted Data" permission can you clone the value of an encryped field

4

Are encrypted fields searchable?

No, but they can be included in search results

5

Which objects can you check (via SOQL) to determine the custom permissions that a user have?

SetupEntityAccess and CustomPermission sObjects

6

If you have access to an account's child record, what type of access do you have to the parent account?

Implicit Read Only access

7

If you have access to a parent account, what access do you have to the child records?

You have access to the associated child records, but the account owner's role determines the level of access to the child records

8

What is the sharing behavior for portal users on account and case access?

An account's portal user has Read Only access to the parent account and to all of the account's contacts

9

What is the sharing behavior for portal users when the data is owned by Service Cloud portal users?

Since Service Cloud portal users don't have roles, portal account owners can't access their data via the role hierarchy. To grant them access, you can add account owners to the portal's share group where the service cloud portal users are working.

10

What is the sharing behavior for portal users for cases?

If a portal or customer community plus user is a contact on a case, then the user has Read and Write access to the case

11

What does implicit parent sharing provide?

Read-only access to the parent account for a user with access to a child record

12

What does implicit child sharing provide?

Access to child records for the owner of the parent account

13

What does implicit portal sharing provide?

Access to portal account and all associated contacts for all portal users under that account

14

What does implicit High Volume sharing provide?

Access to data owned by high volume users associated with a sharing set for users that are a member of the sharing set's access group

15

Scenario: If visibility to records are determined by data that could change (ex Amount), but the people who should gain access to that data (the Top Deals team) remain the same, what sharing solution would work?

A criteria-based sharing rule that both uses the Amount field as the criterion for sharing and provides access to a public group containing all Top Deals team members

16

Scenario: If visibility to records are determined by data that could change (ex Escalation Level), and the users who should be given access are also data dependent (the account executive and renewals manager associated to the Account), what sharing solution would work?

An update trigger on the object that uses Apex managed sharing would work well. The purpose of the trigger would be to:
- Identify the account executive and renewals manager on the account
- Write two manual shares to the case sharing table, extending access to the case directly to these users

17

How does encryption protect data?

A. It makes users enter an extra strong password

B. It scrambles information so that only someone with the right key can decode it

C. It places information behind a secondary firewall

D. It stores information in a locked vault for safekeeping

B. It scrambles information so that only someone with the right key can decode it

18

What is the difference between Shield Platform Encryption and Classic Encryption?

A. Shield Platform Encryption uses an HSM-based derived AES-256 bit key. Classic Encryption uses a AES-128 bit key

B. Classic Encryption is available by default and provided free of charge. Shield Platform Encryption is a licensed feature available for an additional fee

C. Classic Encryption is available in the Salesforce Classic UI. Shield Platform Encryption is available through the Lightning Experience UI

D. A and B

E. A and C

D. A and B

19

Salesforce generates master secrets three times per year. How do these master secrets help encrypt your data?

A. Each org has its own master secret

B. You use the master secret to access encrypted data.

C. The master secret pairs with the tenant secret to create encryption keys, and these keys encrypt and decrypt your data

C. The master secret pairs with the tenant secret to create encryption keys, and these keys encrypt and decrypt your data

20

You're setting up a second org and training another admin. The new admin needs to set up Shield Platform Encryption on the second org. Which permissions does the new admin need to complete this task?

A. Customize Application and Manage Encryption Keys

B. Manage Encryption Keys and View Setup and Configuration

C. View Setup and Configuration

D. Customize Application

A. Customize Application and Manage Encryption Keys

21

What is the first step an organization should take when setting up Shield Platform Encryption?

A. Test encryption in a sandbox

B. Encrypt everything

C. Identify the individuals who will manage your encryption keys

D. Identify the threats that are most likely to affect it

D. Identify the threats that are most likely to affect it

22

How does Shield Platform Encryption interact with apps?

A. All apps are fully supported

B. Some apps are supported, some aren't, and a small number prevent Shield Platform Encryption from being enabled

C. Some apps are supported and some aren't

D. Shield Platform Encryption doesn't support apps

B. Some apps are supported, some aren't, and a small number prevent Shield Platform Encryption from being enabled

23

Which other tools should you use with Shield Platform Encryption to control who sees which data in your org?

A. Permissions

B. Roles and Profiles

C. Field-level security settings

D. All of the above

D. All of the above

24

A remote user is complaining that they can't see a certain account when they run a particular Private Account List View that they created for themselves. How might a System Administrator assist in troubleshooting this issue?

A. VPN to the user's location and establish a remote desktop session

B. Have the User send the List View link URL via email and investigate

C. Use the Login As feature to see what the User is seeing in her login

D. Temporarily make the user a System Administrator so she can fix the issue.

C. Use the Login As feature to see what the User is seeing in her login

25

Universal Containers has created a custom Sales Operations profile with read and edit access to the Category field on a custom object. There is a new requirement that 3 of the 100 users assigned to the Sales Operations Profile should have read-only access to the Category field

How can the Architect support this request?

A. Create a permission set in the Category field to read-only and assign it to the users

B. Create a new profile without edit access to Category and assign it to the users

C. Create a new page layout with the Category Field set to read-only for these users

D. Create a custom permission to grant read-only access to Category and assign it to the users

B. Create a new profile without edit access to Category and assign it to the users

26

At UC, the Sales VP likes to re-assign Opportunity Teams every six months. Each Opportunity Team has the following resources: AE (Owner), Sales Engineer, Vertical overlay, Sales Ops. What should the architect use to re-assign Opportunity Team members so they have access to the appropriate Opportunity records

A. From the User Setup menu, click "Update Team members on open Opportunities"

B. Build a Visualforce page that will query the default team and update open Opportunities

C. From the Opportunity record detail page, use the "Update Team Members" function

D. Use the Mass Reassign Opportunity Team wizard on the Opportunity Tab Home Page

D. Use the Mass Reassign Opportunity Team wizard on the Opportunity Tab Home Page

27

UC has successfully implemented a large Service Cloud roll out for their national call center 3 months ago. One of their largest customer accounts, United Automotive, has over 15,000 open cases. Agents are now having trouble opening new cases for United Automotive. When they try to create a case, the following Error message appears for them: UNABLE_TO_LOCK_ROW

They notice that this only occurs for the United Automotive account. If they try to save the case again it will usually work, but the problem seems to be happening more and more often.

What can be done?

A. Review all Account sharing rules to ensure that the Customer Service team has Read/Write access to the United Automotive Account

B. Review the Account structure to split the United Automotive account into multiple branch accounts

C. Review all Case Sharing Rules and consolidate where appropriate to reduce the total number of sharing rules

D. Review the Customer Service Profile to ensure that they have Read/Write access to the appropriate Case and Account fields

B. Review the Account structure to split the United Automotive account into multiple branch accounts

28

Describe Granular Locking

When you make changes to roles and groups Salesforce locks the entire group membership table, which makes it impossible to process group changes in multiple threads to increase throughput on updates. Once you request enablement of this feature from Salesforce you can process some of updates simultaneously if there is no hierarchical or other relationship between the roles or groups involved in the updates.

29

Describe Deferred Sharing

Imagine you have to rebuild the whole role hierarchy. If you have millions of records each change to the role hierarchy and group membership can take significant time as Salesforce has to recalculate the access to records. Instead , you would like to switch off sharing calculations, then do all the changes and after that switch on calculations again.