Universal Containers allows all employees to submit reviews for leadership using a custom
object called Review. These Reviews should only be visible to the HR department and the
employee who submitted the record.
Which three steps should an app builder take to properly control access to Reviews?
(Choose 3 answers)
A. Disable Grant Access Using Hierarchies.
B. Add a Master-Detail (User; field on the Review object.
C. Create a criteria-based Sharing Rule for the HR Department.
D. Remove Review Read permission from non-HR Department user Profiles.
E. Set organization-wide default to Private
B. Add a Master-Detail (User; field on the Review object.
C. Create a criteria-based Sharing Rule for the HR Department.
E. Set organization-wide default to Private
Explanation:
Disable Grant Access Using Hierarchies, Create a criteria-based Sharing Rule for the HR
Department, and Remove Review Read permission from non-HR profiles. These are
correct because disabling Grant Access Using Hierarchies prevents users above the record
owner in the role hierarchy from viewing the Review records, creating a criteria-based
Sharing Rule for the HR Department allows users in that group to view all Review records,
and removing Review Read permission from non-HR profiles prevents users in other
profiles from viewing any Review records.