These questions may be harder than ones asked on a certification exam. Don’t be concerned if you don’t answer these correctly on the first attempt, so long as you understand the correct answer.
50 Responses to “Security: Advanced Quiz”
Leave a Reply
You must be logged in to post a comment.
there was a “How to you change the sales process for two diff reps?” question on the SP17 201
Thanks for brainstorming questions.
I have one doubt for #1. If we put Outside sales team higher on Role hierarchy than Inside sales team then option #3 that is ” Create a sharing rule: the outside sales team will be granted read access to opportunities owned by the inside sales team” would not be required. Please suggest if can we do this?
Yeah that’s a good approach as well
Yes, I was assuming role hierarchy would take care of it, if you put the outside team above the inside team.
Hi John, first of all thanks and congrats for the site!!
I did answer correctly both quizes, but you said in your last comment that “you woud have to maintain the groups manually…” which I realized I did not understand (you optionally assign a role when creating a user, and you assign a user to a group manually as well).
Could you clarify me what you meant?
Gotcha- so you could either user roles, group, or roles and goups.
If you had just roles then your sharing rules would reference the role directly.
If you had just groups, then you could add the users to each respective group (and have one shared role); the problem with this approach is that each user would need to be associated to a group manually.
The last option would be to use a roles; then add each role to a group. That group would then be referenced by the sharing rule. This would let you assign users to the role, but then also add users outside of that role to a group.
First of all … great site. Something that cannot be found anywhere = A structured learning method for the exam.
Secondly, really pleased I got .5 on this one. Really tricky second question although it’s the one I got right! First one just got me on the “and view opportunities owned by users within both the inside and outside sales teams”. Got me on the “both”. Selected D instead of E.
I agree with someone who stated they would love more quizzes of this nature – harder questions than expected in the exam!
Sorry, I meant selected just E when both are required.
Awesome- I’ll keep that feedback in mind. I’ve got some ideas for some other fun challenges in the future as well 🙂
I got question 2, but still trying to “get it” question 1:
I chose “Configure org-wide defaults for opportunity to private” and “Create a sharing rule: the outside sales team will be granted read access to opportunities owned by the inside sales team.”, but didn’t exactly understand why the 2 other:
– “Create a sharing rule: the outside sales team will be granted read access to opportunities owned by the outside sales team.”
– ” Create two roles: one for the inside sales team and one for the outside sales team.”
Can you elaborate?
You create sharing rule to extend visibility for records they don’t own (other members of outside team).
Roles is for sharing (roles , roles and subordinates, public groups).
“Create two roles”, very tricky… That might have been the very 2nd step after making the OWD for Oppt as private, right? The “curved ball” is when you see sharing “rule” and creating “role”, hence the confusion.
I hope I get it right.
– E caters for the requirement to “share” the Opportunities between the Outside Team. This is necessary since the OWD are set to Private, meaning only the record owner will see his/her Opps.
– D caters for the requirement to “share” the Inside Team’s Opportunities with the Outside Team.
– F is a given since each User needs have a Profile.
Yep- F change “profile” to “role”
F since each user branch of users needs a role (to be assigned in the sharing rules for E/D)
Hi John ,
What about (question 2) set OWD to Private, and on each user profile set to Read on Commission?
Is it possible?
Yes- OWD controls record access. Field level security determines access to the field- you need both access to read the record and the field to view that data.
If you assume “OWD to Private” then option 2 is the right answer. please let me know if that is wrong and why ?
After I got Question 2 wrong, I went back and pondered reasons and explanations. It did occur to me that if you set the OWD to private, then you’d be able to open up access with profiles or groups. However, if the organization must have OWD set to read for some reason, then you’re stuck with not being able to accomplish this scenario with Salesforce. I’ve noticed over and over that different training programs recommend setting OWDs are restrictive as possible and then opening access with profiles, roles, groups and permission sets.
Yep – setting most or all objects to private is not at all uncommon
I think question 1, last option is redundant. If you are creating sharing rules between the inside and outside sales reps, then creating these different roles would have already had to be completed. The question ask how would this be configured. The use of the word “configured” recalls thoughts of switch/button actions.
Not sure I follow – you mention that it would have to have been completed, why wouldn’t that then be a valid option?
Great quiz. I did get stumped on the ‘Create two roles: one for the inside sales team and one for the outside sales team.’ as I figured you could use the public groups (if you wanted to anyways). I am a little nervous sometimes about those items where I know the answer would be preferred, but not necessary.
On question 1 the 5th option doesn’t make sense. Why would the Outside Sales team need a sharing rule to view their own Opportunities.
If you have multiple members within the team – users in the same role cannot view each others records by default when the OWD is private.
Why would you need a sharing rule for the inside team if “Each user within the inside sales team must only be able to view records that they own”. That’s already defaulted with the org-wide defaults.
You would not need a sharing rule for inside sales – if you look at the answers both of the sharing rules are providing access for the outside sales role.
In Question 1: If you setup the roles and had the Outside Sales Team above the Inside Sales Team would you have to create the sharing rules?
Great idea – no you would not.
Was going to ask the same thing. In my mind, the Outside Sales Role was going to be above Inside Sales in the hierarchy, thereby making the sharing rule for OS to see IS unnecessary.
But I won’t say all that, and just say I’m really enjoying and getting a lot out of your site. You’ve given me a great outline to not only study for the test, but learn more about SF in general.
Awesome, love the feedback 🙂
Tricky questions sir!!! So it seems like groups and roles truly work for a solution. I will have to practice using both.
John: for the last bullet point in the first question, wouldn’t “Public Groups” more suited than “Roles” to accomplish this task?
No, as you have separation between the two sets of users (inside sales and outside sales), roles are appropriate. With public groups, if you had all of those users sharing the same role, each time you created a user in the sales role, you would then need to assign them either to the inside sales group or outside sales group. You definitely need the roles, but you could use groups in addition if you wanted too…
Got the first wrong. RTFQ – “Check all that apply.” Hate that. I just checked one.
Admittedly got the first one wrong due to thinking Profiles rather than Roles. Walked through it in the developer org and completely made sense. Thanks for the curve ball.
I scored 100% on both security quizzes. Yep I work in a highly regulated industry live and die by this stuff. Great questions.
thank you, John! Good clarification. Also, thank you for taking time to respond to inquiries providing well, thoughtout responses. Really look forward to confirming when I pass exam, thanks to your guides!
Hi John, for Q#1, the reason I didn’t select 2nd & 3rd options chosen was because it only said to provide “Read” access. According to scenario, Outside Sales team needs to Read/Edit opportunities- my mind thought “read/Write” dropdown option from Sharing Rules…
Dissecting the question a bit:
The outside sales team must have the ability to create and edit opportunities, and view opportunities owned by users within both the inside and outside sales teams.
The outside sales team must have the ability to create and edit opportunities <<-- create and edit rights set by profile/permission set and view opportunities owned by users within both the inside and outside sales teams. <<-- sharing rule with read access (as read/write to other opportunities is not outright specified) I can understand how you might interpret this slightly differently but that was thinking going into the question. This is also typically why I avoid open-ended "select all that apply" as there is more room for misinterpretation, but thought it was OK for an advanced question like this. So long as you've got the concepts here you're good to go!
I just passed my Admin 201 exam, and I believe your website had a lot to do with it. I can’t thank you enough, and will be sure to recommend this site to anyone who needs to pass the exam. Thanks again!!!!
Reading this really motivates me to keep studying hard. I’m a newbie when it comes to Salesforce, but hopefully soon it will be the beginning of something great. If you are still on this thread, where has your career taken you now? Just curious.
In question #1, why would you need roles at all? Wouldn’t creating sharing rules take care of the outside sales reps’ ability to see both their opportunities and those of the inside sales reps?
Exactly – the sharing rule would be defined by role (that’s how inside vs outside sales would be identified).
For the last option on #1, don’t you need only 1 Role to be created containing the Outside Sales Team users?
In the given scenario, the Role Based Sharing Rule would only need to leverage the outside sales team users but not the other to satisfy the given requirement.
So ideally, the last option should state something like “A Role need to be created that contain all outside sales team members”.
Please advise as I’m having hard time to believe why the second Role is required to achieve this.
You would only need one role for outside sales – but inside sales would need a separate role.
The reason is that if you created a sharing rule that granted access to a single role (e.g. sales group role) – this would grant access to both the outside sales (correct) and inside sales (incorrect).
This could also be done with public groups instead of roles.
It could, but then you would have to maintain the groups manually…
Some harder questions are great to have a crack at! Thanks,