Security questions - Answers - Salesforce Trailblazer Community
Trailblazer Community
Ask Search:
Alexander PinateAlexander Pinate 

Security questions

Hi Team,

How would you answer this questions related to security in Salesforce:

Universal Containers uses a custom object within the product development team. Product development, executives, and System Administrators should be the only users with access to records of this object. Product development needs read/write access to all the records within the object, while the executives should only be able to view the records.
 
How can the System Administrator configure the security model to meet these requirements?
 
A.Set the Organization-Wide Defaults for the custom object to Public Read Write; create a Read Only Sharing Rule to share all records in the object with the Executive Public Group.
 
B.Set the Organization-Wide Defaults for the custom object to Public Read Write; Give the Product Development Profile Read, Create, Edit permissions; give the Executive Profile Read Only permissions for that object.
 
C.Set the Organization-Wide Defaults for the custom object to Private; add the Executive users to the default team for the object; add the default team to all the records.
 
D.Set the Organization-Wide Defaults for the custom object to Private; give the Product Development Profile Modify All for the object; give the Executive Profile View All access.

6. Universal Containers sells through many different reseller networks. Each reseller's deals are tracked on separate opportunities. The sales manager is concerned that the pipeline report is not accurate due to multiple opportunities for the same end customer.
 
How should the sales process be modified to ensure opportunities are not double-counted in the pipeline?
 
 A. Create one opportunity and use the competitors related list to track the different resellers.
B. Change the forecast category to Omitted on the duplicate opportunities.
C. Enable duplicate management to prevent the creation of the duplicate opportunities.
D. Change the amount on the duplicate opportunities to zero.

7.What should a System Administrator do to enable CRM Content for a custom object?
 
A. Add the Related Content related list to the Page Layout.
B. Create an object-specific Content Library.
C. Create a custom field called "CRM Content".
D. Add the Solution Categories related list to the Page Layout.

4. Universal Containers wants to create a field to store credit card numbers, and needs to make sure the information is protected.
 
Which two actions allow the System Administractor to provide enhanced security for this field?
 
 Choose 2 answers
 
A. Configure different Page Layouts for users.
B. Use different Record Types for users.
C. Update Field-Level Security settings.
D. Create an Encrypted Text field.

Thanks for your help :)
Brendan ConroyBrendan Conroy
Hi Alexander,

Is a test dump for the certification exam? If so, they are not good resources for learning the tool and ultimately are out of data or straight out wrong. I would suggest  in any scenario (ie this is hypothetically actually from Trailhead and I don't recognize it) that you get a free developer instance and test it out yourself. Knowing the answer to this question won't be especially helpful to learning to the tool if you don't have hands on experience building it. 
Brigitte CarrabinBrigitte Carrabin
Hi Alexander. 
I would vote for D on the first question, although the Modify All gives ability to delete the object to PD, which is not part of the requirement. 
However C does not cover all the needs. 
I eliminated A & B as OWD would give the entire org access to the custom object records.

Happy to hear anyone else feedback. 
valerio radicevalerio radice
Hi Alexander, for your first question I think that D is correct too.
Jerry AdautoJerry Adauto
... custom object within product development...  D. +1 
If you mouse over the information icon under Modify All in classic, you can see the following "Modify All - check the boxes in this column if you want users with this profile to have access to all records of the selected object type regardless of the sharing settings for the object. The Modify All permission allows you to: -  Read, Edit, and Delete all records for the object - Transfer all records for the object - share all records for the object - Administer records in an approval process."

...sells through many different reseller networks... B. ... omitted...  See Marina's response in a different thread (https://success.salesforce.com/answers?id=9063A000000l8scQAA).

...CRM Content...  I think it's B.  but that's from memory. If anyone else finds out why, I'd love to know details.

... store credit card numbers...  C and D - this thread (https://success.salesforce.com/answers?id=90630000000gk2YAAQ) has a good debate on the topic. but I think the best options are c and d.

 
James FodyJames Fody
The first question comes straight from trailhead. Set the Organization-Wide Defaults for the custom object to Public Read Write; Give the Product Development Profile Read, Create, Edit permissions; Give the Executive Profile Read Only permissions for that object. https://trailhead.salesforce.com/en/content/learn/modules/administrator-certification-prep-security-and-data-management/study-up-on-security-and-access (Flashcards)
James FodyJames Fody
#6 also comes from trailhead. Change the forecast category to Omitted on the duplicate opportunities. https://trailhead.salesforce.com/en/content/learn/modules/administrator-certification-prep-applications-activities-and-mobile/review-sales-and-marketing-applications
James FodyJames Fody
#4 from trailhead : 
- Update field level security
- Create an encrypted text field
https://trailhead.salesforce.com/en/content/learn/modules/administrator-certification-prep-setup-and-objects/review-standard-and-custom-objects
Steve NaborsSteve Nabors
James Fody is correct,  it is the same question on Trailhead.   Setting the object to Private would work if you also created sharing rules to open access back up, but those steps aren't in the answers.  You have to remember with these questions that even though there may be other ways of doing things, you can't choose those answers unless they include all steps.  D) doesn't work because it doesn't include steps to create more sharing rules.  B) however, will get the job done with the steps provided.
Hrushikesh GudiHrushikesh Gudi
7# - A. 
Here's the documentation. 

https://help.salesforce.com/articleView?id=content_initialsetup.htm&type=5

Implementation Tips : Point 3
Ines GarciaInes Garcia
ANYONE READING THE ABOVE To "Report a Certification Policy Violation" from https://trailhead.salesforce.com/help?support=home > Feedback > report add all details
Please do report is our dutty and interest to keep certifications truthful and a representation of expertise (instead of short memory & sight of life)

Disclosing / and using exam data has serious consequences.

Basically you are shooting yourself in the foot there, as a cheater is rather easy to spot. 
Also dont be an idiot and liaise with scammers... 

If you want a certification go to trailhead.salesforce.com
is the FREE and the OFFICIAL way to learn Salesforce, Salesforce themselves create and update it so that people can learn the skills wanted.