Today, I’ve passed Salesforce ‘Sharing and Visibility Designer Exam’. Phew! This was a little tough! In-spite of studying all the topics, Still I was finding difficulty answering many types of questions. And this is not without reasons!
- Firstly I found quite a few questions(5-6) with confusing answers choices. It seemed none was correct.
- Some questions seem to have multiple correct answers but you were forced to select one.
- Some were very very lengthy. Few took me more than 4-5 minutes. Considering, you’ve just, on an average of 2 minutes( 60 ques/120 min) to answer each question, This seems a pretty big number.
Above problems, you’d normally face in any salesforce certification but considering, you don’t have any many sample questions set etc available for architect-level certifications, this has become pretty challenging.
Now coming to the main points:
What helped me to prepare for this certification:
- I would say ‘official’ trail mix for this is all that you need: Architect-sharing-and-visibility
- This pretty much covers everything ! if you can read everything twice, then that is sufficient as per my experience.
- To find what are important topics/concepts – visit those, which are mentioned by these fellow bloggers in below posts. I’m not going to repeat them. These are what I faced in the exam today.
Now comes the most interesting part:
Few samples questions, which I’ve come across in today’s exam. Please note, don’t treat this as a dump because firstly, I don’t remember all the details of questions mentioned below. This is just to give you an idea what is expected from you in the exam.
- In a force.com platform based health application, large text area field is used by doctors to enter their notes. Business found that this field contains sensitive PII information and asked an architect to suggest a solution so that data remains encrypted in both ‘REST’ as well as in ‘Transit’.
- Out of options given 2 were obviously not correct. Only contention was, between the following 2 options:
- Enable Platform encryption and makes notes field as encrypted
- Create a new encrypted field(Classic encryption) and move notes data to the new field.
- It was tricky, as I was not considering option 1 because I was not sure in Platform encryption keeps data encrypted in both ‘Rest’ and ‘Transit’.
- create new encrypted field also doesn’t seem correct as it has just 175 character limit and might not be sufficient to store large text area data.
- This is the reason, I selected Platform encryption as the correct answer
- Read the first line of this article and I think above is correct :
- A developer is creating a managed package for their internal org which makes call out to an external system. The architect wants that username and password (to call out external system) should be secured properly. Basic authentication is done to make a call out. Where should credentials be stored? Choose 3 options:
- Protected custom settings
- Protected custom metadata
- named credentials
- encrypted text field
- I don’t remember ( as was not relevant)
- First 2 choices were obviously correct. I got confused in the next two ones. But since named credentials are still visible to anyone with ‘customize application’ permission, so I chose 3rd option as ‘encrypted text field’.(I may be wrong, please verify yourself)
- Find a vulnerability in the following code snippet
- Again 4 choices were given, two were something different, not able to recall. We’ve to basically choose from either :
- SOQL injection
- XSS attack ( which was the correct answer as escape was set as false)
- Universal Container wants synchronization between an external ERP system and its Salesforce Org. The external system has thousands of Accounts & Contacts, while Salesforce has only contacts but no Account(s). The external system wants to run synchronization to update 100,000 Contacts in Salesforce. In OWD setting in Salesforce- Accounts are Private & Contacts are controlled by Account. How can architect design a solution so that Salespeople within Salesforce can view all the Contacts (not necessary for them to view ‘Accounts’)
- Create a dummy Account. Run synchronization & link all newly created/updated Contacts to that Account and create Sharing rule on Account
- Create a dummy Account. Run synchronization & link all newly created/updated Contacts to that Account and create Sharing rule on Contact
- Run Synchronization and create(or update) both Accounts and Contacts and create sharing rule on Contact to share them to Salespeople
- Run Synchronization and create(or update) both Account and Contacts and create sharing rule on Account to share them to Salespeople
- This was a big question. But a key point is, when Contacts are controlled by Account, you can’t create sharing rules on Contact. So options 2nd and 3rd are straightforward to be ruled out.
- Creating a dummy account for 100, 000 contacts could create locking issues and parent-child skew, so not much desirable.
- Best seems to be last one – create both Account and Contact via synchronization and create Account sharing Rules
- A developer has created visual force page on the lead object using Standard Controller. How he can ensure user permissions(FLS) are enforced
- First two options are related to using ‘isAccessible()’ etc on the appropriate Describe Field Result in associated apex controller.
- One was obviously wrong, like using with Sharing/Without sharing keywords in apex controller.
- Last option was something like :
- This seems correct as first two options can also be ruled out as ‘standard’ controller was used so apex code based checks are not appropriate
- Please read this article wholeheartedly to grasp concepts
- What is the required to remove permission to exports reports?
- Remove export button option from report page layout
- Remove manager permission from corresponding report folder
- Remove export report permission from the user profile
- Another(not able to recall ).
- 3rd seems to be the correct answer
- UC has enabled the feature of Case teams in their Org, what are the options available to filter when creating List views. Select 2 options.
- Seems, last two (Queues and Teams) are correct answers.
- What type of Grants are stored in Group membership tables? Choose two :
- Inherent Grant
- Group membership Grant
- Implicit Grant
- Explicit Grant
- (confusing one, able to recall just little bit). Basically, it was like- how to ensure manual sharing given on Account didn’t get deleted, when ownership changes
- As usual, the first two options were not seemed to be related.
- Set Sharing reason as ‘Manual’.
- Set Custom sharing reason
- Now, none seemed to be as correct.
- If you set Sharing reason was ‘Manual’ , manual sharing would get deleted. On the other hand, you can’t set custom sharing reason on Standard object(Account) as per my understanding.
- Still, I selected the last one(Custom Sharing reason) as the correct reason.
I’d keep adding more questions if I’m to recall. Till then wish you, all the best in your preparations!