Salesforce Sharing and Visibility Architect Credential
The Salesforce Certified Sharing and Visibility Specialist is designed for architects, analysts, and administrators who want to demonstrate their knowledge, skills, and capabilities to design secure, scalable security models on the Force.com platform. A Salesforce Certified Sharing and Visibility Specialist should be fluent in effectively communicating technical solutions to technical stakeholders and providing a project delivery framework that ensures quality and success.
Here are examples of the concepts you should understand to pass the exam:
◉ Design a security and sharing model within Salesforce based on complex requirements
◉ Articulate system design considerations, benefits, trade offs, and recommendations for a security and sharing model
◉ Describe best practices and justification for when to use standard Salesforce functionality when solutioning for complex security requirements and when customizations are a better fit.
Purpose of this Exam Guide
This exam guide is designed to help candidates evaluate their readiness to pass the Salesforce Certified Sharing and Visibility Architect exam. This guide provides information about the target audience for the certification exam, recommended training and documentation, and a complete list of exam objectives—all with the intent of helping candidates achieve a passing score. Salesforce highly recommends a combination of on-the-job experience and self-study to maximize the likelihood of passing the exam.
Audience Description
A Salesforce Certified Sharing and Visibility Architect assesses the security and sharing requirements necessary to design secure, scalable solutions on the Salesforce Platform. The Architect has experience designing and implementing complex security and sharing models and communicating the solution and design trade-offs to business and technical stakeholders alike.
The Salesforce Certified Sharing and Visibility Architect has the following background:
◉ 2-3 years of Salesforce experience
◉ 4-5 years of experience with implementing complex security models in Salesforce
◉ Understanding security methods and data policies to support the handling of sensitive data
Typical job roles may include:
◉ Advanced Administrator
◉ Technical / Solution Architect
◉ Advanced Business Analyst
A candidate for this exam would be able to the following without assistance:
◉ Describe the usage and implementation of sharing rules, both criteria based and ownership based
◉ Architect the appropriate object relationships and their impact on sharing
◉ Articulate how Org-Wide defaults may impact a security model
◉ Articulate how different Salesforce license types may impact a security & sharing model
◉ Describe how the Role Hierarchy may impact the decisions made when designing a security model
◉ Describe how Profile and PermissionSet configuration may impact a security and sharing model
◉ Articulate different security capabilities with respect to record visibility, CRUD based security, record level access and the differences between the three
◉ Describe the limits of declarative capabilities and when a more custom security solution is required with associated risks and limitations
◉ Articulate what Apex Sharing is and when it should be used
◉ Articulate the security implications of using Dashboards, Apex run as an Administrator, VisualForce pages or other "run in context" tools to expose aggregate data
◉ Identify and mitigate performance and scalability concerns for a recommended solution.
◉ Develop a test process to validate a security model.
◉ Articulate use cases for sharing where features such as territory management, account teams, sales teams, case teams, groups, sharing sets, sharing groups, etc. should be used.
◉ Use correct System permissions needed to manage a security model in Salesforce.
◉ Secure files, reports and dashboards.
◉ Securing Big Objects
◉ Design security for large data volumes.
◉ Extend the security model to external users (i.e. customers, partners, guest users, etc.)
A candidate for this exam will likely need assistance with the following:
◉ Ability to independently design and implement a tokenization strategy
◉ Off platform data security considerations
◉ Determine non-core platform data security considerations (eg. Appexchange) and other Salesforce products (eg. Heroku)
◉ Describe how specific security constructs work (eg. SSL, RSA)
◉ Determine performance issues and scalability of large data sets with sharing
◉ Determine what types of sharing are impacted in an LDV scenario
◉ Determine security requirements around certain kinds of data: PCI, PII, HIPPA, etc
◉ Articulate security concepts such as Least Privilege, Defense in Depth, and Failure Securely
◉ Ability to implement programmatic sharing.
A candidate for this exam is not expected to know the following:
◉ Complex Role Hierarchy Design
◉ Measuring/Predicting LDV impacts on security Design
◉ Documenting/gathering legal requirements around sensitive data
◉ Org merge security design
Salesforce Sharing and Visibility Architect Exam Summary:
| Exam Name | Salesforce Certified Sharing and Visibility Architect |
| Exam Code | Sharing and Visibility Architect |
| Exam Price | Registration fee: USD 400 Retake fee: USD 200 |
| Duration | 120 minutes |
| Number of Questions | 60 |
| Passing Score | 67% |
| Recommended Training / Books | Architect Journey: Sharing and Visibility |
| Sample Questions | Salesforce Sharing and Visibility Architect Sample Questions |
| Recommended Practice | Salesforce Certified Sharing and Visibility Architect Practice Test |
Salesforce Sharing and Visibility Architect Syllabus:
| Section | Objectives | Weights |
Permissions to Standard Objects, Custom Objects, and Fields |
- Given a scenario, recommend the right level of object permissions needed to provide the appropriate access to a set of users. - Given a scenario, recommend the correct level of field permissions needed to provide the appropriate access to a set of users. - Given a scenario, recommend the appropriate mechanism to hide data at the user interface level. - Given a scenario, determine the appropriate access controls to protect sensitive data (e.g. PCI, PII or HIPAA). - Given a scenario, recommend the appropriate programmatic solution to ensure security settings are enforced. |
27% |
| Access to Records | - Given a set of conditions, recommend the appropriate Organization Wide Defaults to restrict access to records. - Given a set of conditions, recommend a solution that leverages the Role Hierarchy to support the Record Access requirements. - Given a set of conditions, determine how Sharing rules can be implemented to support the record access requirements. - Given a set of conditions, determine how groups can support the record access requirements. - Given a set of conditions, determine how Teams can support the record access requirements. - Given a set of conditions, determine the correct object relationships that support record access sharing requirements. - Given a set of conditions, determine how programmatic sharing supports the record access requirements. - Given a set of conditions, determine what sharing mechanism is appropriate to share records with External Users. - Given a set of conditions, determine how Record Access Overrides support the record access requirements. |
39% |
Access to other Data |
- Given a scenario, determine the appropriate access control needed to grant access to data that is not standard or custom objects. | 16% |
| Implications of Security Model Choice | - Given a scenario, determine the scalability implications of the sharing solution. - Given a set of conditions, determine the license limitations that will impact the intended sharing solution. - Given a set of conditions, determine how to test the sharing model. |
18% |
No comments:
Post a Comment