Security: Advanced Quiz

These questions may be harder than ones asked on a certification exam. Don’t be concerned if you don’t answer these correctly on the first attempt, so long as you understand the correct answer.
To view the remainder of this content, you must register for a free account.  Please Login or Sign Up.

50 Responses to “Security: Advanced Quiz”

  1. v_hoehne April 28, 2017 at 12:00 am #

    there was a “How to you change the sales process for two diff reps?” question on the SP17 201

  2. March 17, 2017 at 1:43 pm #

    Thanks for brainstorming questions.
    I have one doubt for #1. If we put Outside sales team higher on Role hierarchy than Inside sales team then option #3 that is ” Create a sharing rule: the outside sales team will be granted read access to opportunities owned by the inside sales team” would not be required. Please suggest if can we do this?

    • JohnCoppedge March 23, 2017 at 1:53 pm #

      Yeah that’s a good approach as well

    • msjohncox July 19, 2017 at 9:44 pm #

      Yes, I was assuming role hierarchy would take care of it, if you put the outside team above the inside team.

  3. egraells January 15, 2017 at 5:55 pm #

    Hi John, first of all thanks and congrats for the site!!

    I did answer correctly both quizes, but you said in your last comment that “you woud have to maintain the groups manually…” which I realized I did not understand (you optionally assign a role when creating a user, and you assign a user to a group manually as well).
    Could you clarify me what you meant?


    • JohnCoppedge January 18, 2017 at 5:58 pm #

      Gotcha- so you could either user roles, group, or roles and goups.

      If you had just roles then your sharing rules would reference the role directly.

      If you had just groups, then you could add the users to each respective group (and have one shared role); the problem with this approach is that each user would need to be associated to a group manually.

      The last option would be to use a roles; then add each role to a group. That group would then be referenced by the sharing rule. This would let you assign users to the role, but then also add users outside of that role to a group.

  4. meticulousmeerkat September 3, 2016 at 2:08 am #

    Hi John,

    First of all … great site. Something that cannot be found anywhere = A structured learning method for the exam.

    Secondly, really pleased I got .5 on this one. Really tricky second question although it’s the one I got right! First one just got me on the “and view opportunities owned by users within both the inside and outside sales teams”. Got me on the “both”. Selected D instead of E.

    I agree with someone who stated they would love more quizzes of this nature – harder questions than expected in the exam!


    • meticulousmeerkat September 3, 2016 at 2:15 am #

      Sorry, I meant selected just E when both are required.

    • JohnCoppedge September 5, 2016 at 7:00 pm #

      Awesome- I’ll keep that feedback in mind. I’ve got some ideas for some other fun challenges in the future as well 🙂

  5. CarlosSiqueira May 16, 2016 at 2:34 am #

    I got question 2, but still trying to “get it” question 1:

    I chose “Configure org-wide defaults for opportunity to private” and “Create a sharing rule: the outside sales team will be granted read access to opportunities owned by the inside sales team.”, but didn’t exactly understand why the 2 other:

    – “Create a sharing rule: the outside sales team will be granted read access to opportunities owned by the outside sales team.”
    – ” Create two roles: one for the inside sales team and one for the outside sales team.”

    Can you elaborate?


    • hayirina May 16, 2016 at 4:43 am #

      You create sharing rule to extend visibility for records they don’t own (other members of outside team).
      Roles is for sharing (roles , roles and subordinates, public groups).

      • CarlosSiqueira May 16, 2016 at 12:40 pm #

        “Create two roles”, very tricky… That might have been the very 2nd step after making the OWD for Oppt as private, right? The “curved ball” is when you see sharing “rule” and creating “role”, hence the confusion.

    • meticulousmeerkat September 3, 2016 at 2:19 am #

      Hi Carlos,

      I hope I get it right.

      – E caters for the requirement to “share” the Opportunities between the Outside Team. This is necessary since the OWD are set to Private, meaning only the record owner will see his/her Opps.
      – D caters for the requirement to “share” the Inside Team’s Opportunities with the Outside Team.
      – F is a given since each User needs have a Profile.


      • JohnCoppedge September 5, 2016 at 7:02 pm #

        Yep- F change “profile” to “role”

        F since each user branch of users needs a role (to be assigned in the sharing rules for E/D)

  6. hayirina May 14, 2016 at 7:35 pm #

    Hi John ,

    What about (question 2) set OWD to Private, and on each user profile set to Read on Commission?
    Is it possible?

    • JohnCoppedge May 16, 2016 at 11:58 pm #

      Yes- OWD controls record access. Field level security determines access to the field- you need both access to read the record and the field to view that data.

      • sanfranmovers August 14, 2016 at 8:16 pm #

        If you assume “OWD to Private” then option 2 is the right answer. please let me know if that is wrong and why ?

    • msjohncox July 19, 2017 at 9:52 pm #

      After I got Question 2 wrong, I went back and pondered reasons and explanations. It did occur to me that if you set the OWD to private, then you’d be able to open up access with profiles or groups. However, if the organization must have OWD set to read for some reason, then you’re stuck with not being able to accomplish this scenario with Salesforce. I’ve noticed over and over that different training programs recommend setting OWDs are restrictive as possible and then opening access with profiles, roles, groups and permission sets.

  7. dgallegos1975 March 1, 2016 at 6:23 pm #

    I think question 1, last option is redundant. If you are creating sharing rules between the inside and outside sales reps, then creating these different roles would have already had to be completed. The question ask how would this be configured. The use of the word “configured” recalls thoughts of switch/button actions.

    • JohnCoppedge April 13, 2016 at 9:22 pm #

      Not sure I follow – you mention that it would have to have been completed, why wouldn’t that then be a valid option?

  8. wheelernewman November 2, 2015 at 9:56 pm #

    Great quiz. I did get stumped on the ‘Create two roles: one for the inside sales team and one for the outside sales team.’ as I figured you could use the public groups (if you wanted to anyways). I am a little nervous sometimes about those items where I know the answer would be preferred, but not necessary.

  9. ryanyoung429 August 12, 2015 at 3:06 am #

    On question 1 the 5th option doesn’t make sense. Why would the Outside Sales team need a sharing rule to view their own Opportunities.

    • JohnCoppedge August 13, 2015 at 10:13 pm #

      If you have multiple members within the team – users in the same role cannot view each others records by default when the OWD is private.

  10. Alyna Briscoe April 20, 2015 at 8:02 pm #

    Why would you need a sharing rule for the inside team if “Each user within the inside sales team must only be able to view records that they own”. That’s already defaulted with the org-wide defaults.

    • JohnCoppedge April 20, 2015 at 9:38 pm #

      You would not need a sharing rule for inside sales – if you look at the answers both of the sharing rules are providing access for the outside sales role.

  11. Shakeria Walker April 11, 2015 at 9:18 pm #

    In Question 1: If you setup the roles and had the Outside Sales Team above the Inside Sales Team would you have to create the sharing rules?

    • JohnCoppedge April 13, 2015 at 4:49 pm #

      Great idea – no you would not.

      • bkladd July 16, 2015 at 11:51 pm #

        Was going to ask the same thing. In my mind, the Outside Sales Role was going to be above Inside Sales in the hierarchy, thereby making the sharing rule for OS to see IS unnecessary.

        But I won’t say all that, and just say I’m really enjoying and getting a lot out of your site. You’ve given me a great outline to not only study for the test, but learn more about SF in general.


  12. Kevin Parsakia February 3, 2015 at 8:04 pm #

    Tricky questions sir!!! So it seems like groups and roles truly work for a solution. I will have to practice using both.

  13. Dario Di Bella January 8, 2015 at 9:40 pm #

    John: for the last bullet point in the first question, wouldn’t “Public Groups” more suited than “Roles” to accomplish this task?

    • JohnCoppedge January 13, 2015 at 12:23 am #

      No, as you have separation between the two sets of users (inside sales and outside sales), roles are appropriate. With public groups, if you had all of those users sharing the same role, each time you created a user in the sales role, you would then need to assign them either to the inside sales group or outside sales group. You definitely need the roles, but you could use groups in addition if you wanted too…

  14. James Pecot December 18, 2014 at 12:35 am #

    Got the first wrong. RTFQ – “Check all that apply.” Hate that. I just checked one.

  15. Mark Thomas October 16, 2014 at 8:34 pm #

    Admittedly got the first one wrong due to thinking Profiles rather than Roles. Walked through it in the developer org and completely made sense. Thanks for the curve ball.

  16. Cheryl Feldman June 29, 2014 at 4:41 pm #

    I scored 100% on both security quizzes. Yep I work in a highly regulated industry live and die by this stuff. Great questions.

  17. Jose Tejeda May 11, 2014 at 5:48 am #

    thank you, John! Good clarification. Also, thank you for taking time to respond to inquiries providing well, thoughtout responses. Really look forward to confirming when I pass exam, thanks to your guides!

  18. Jose Tejeda May 7, 2014 at 7:29 pm #

    Hi John, for Q#1, the reason I didn’t select 2nd & 3rd options chosen was because it only said to provide “Read” access. According to scenario, Outside Sales team needs to Read/Edit opportunities- my mind thought “read/Write” dropdown option from Sharing Rules…

    • JohnCoppedge May 10, 2014 at 10:05 pm #

      Hey Jose,

      Dissecting the question a bit:

      The outside sales team must have the ability to create and edit opportunities, and view opportunities owned by users within both the inside and outside sales teams.

      The outside sales team must have the ability to create and edit opportunities <<-- create and edit rights set by profile/permission set and view opportunities owned by users within both the inside and outside sales teams. <<-- sharing rule with read access (as read/write to other opportunities is not outright specified) I can understand how you might interpret this slightly differently but that was thinking going into the question. This is also typically why I avoid open-ended "select all that apply" as there is more room for misinterpretation, but thought it was OK for an advanced question like this. So long as you've got the concepts here you're good to go!

  19. Kathleen Renn April 11, 2014 at 7:08 pm #

    I just passed my Admin 201 exam, and I believe your website had a lot to do with it. I can’t thank you enough, and will be sure to recommend this site to anyone who needs to pass the exam. Thanks again!!!!

    • JohnCoppedge April 26, 2014 at 10:35 pm #

      Congrats Kathleen!

    • Yazz April 15, 2016 at 5:16 pm #

      Reading this really motivates me to keep studying hard. I’m a newbie when it comes to Salesforce, but hopefully soon it will be the beginning of something great. If you are still on this thread, where has your career taken you now? Just curious.

  20. Kathleen Renn March 31, 2014 at 9:55 pm #

    In question #1, why would you need roles at all? Wouldn’t creating sharing rules take care of the outside sales reps’ ability to see both their opportunities and those of the inside sales reps?

    • JohnCoppedge April 11, 2014 at 4:46 pm #

      Exactly – the sharing rule would be defined by role (that’s how inside vs outside sales would be identified).

  21. Kathleen Renn March 31, 2014 at 9:52 pm #


  22. Jason Shin February 9, 2014 at 3:54 am #

    For the last option on #1, don’t you need only 1 Role to be created containing the Outside Sales Team users?

    In the given scenario, the Role Based Sharing Rule would only need to leverage the outside sales team users but not the other to satisfy the given requirement.

    So ideally, the last option should state something like “A Role need to be created that contain all outside sales team members”.

    Please advise as I’m having hard time to believe why the second Role is required to achieve this.

    • JohnCoppedge February 10, 2014 at 2:38 am #

      You would only need one role for outside sales – but inside sales would need a separate role.

      The reason is that if you created a sharing rule that granted access to a single role (e.g. sales group role) – this would grant access to both the outside sales (correct) and inside sales (incorrect).

    • annatso August 27, 2015 at 6:17 pm #

      This could also be done with public groups instead of roles.

  23. Kaira Bergstra January 17, 2014 at 9:53 pm #

    Some harder questions are great to have a crack at! Thanks,


Leave a Reply