Salesforce Certified Platform App Builder — Question 42
Universal Containers allows all employees to submit reviews for leadership using a custom object. These reviews should only be visible to the HR department and the employee who submitted the review.
Which three steps should an app builder take to properly control access to review records? (Choose three.)
Answer options
- A. Remove review read permission from non-HR Department user Profiles
- B. Add a Master-Detail(User) field on the Review object
- C. Set Org Wide Default to Private
- D. Disable Grant Access Using Hierarchies
- E. Create a criteria-based Sharing Rule for the HR Department
Correct answer: C, D, E
Explanation
Setting the Org Wide Default to Private ensures that only the owners of the records and users with explicit access can view them. Disabling Grant Access Using Hierarchies prevents higher-level users from automatically accessing the records of their subordinates, thus maintaining confidentiality. Creating a criteria-based Sharing Rule for the HR Department allows specific sharing for HR without exposing the reviews to others, while options A and B do not directly address the visibility requirements.