I recently passed the Salesforce Certified Sharing & Visibility Designer Exam and the 4th one on my Salesforce Architect Domain track. The full exam details can be found here. In this post I’ll provide my general thoughts on the content of the exam.
The Salesforce Certified Sharing and Visibility Designer credential is designed for those who assess the architecture environment and requirements and design sound, scalable, and high-performing technical solutions on the Force.com platform that meet sharing and visibility security requirements. Candidates should have experience communicating solutions and design trade-offs to businesses and IT stakeholders.
Study Guide — (Spring ’17)
The Salesforce Certified Sharing and Visibility Designer exam measures a candidate’s knowledge and skills related to the following objectives.
- Declarative Sharing (67%)
- Programmatic Sharing (8%)
- Performance (25%)
The Salesforce sharing model is an essential element in your organization’s ability to provide secure application data access. Therefore, it’s crucial to architect your sharing model correctly to meet your current and future data access requirements. In my opinion this module is one of the challenging modules in Salesforce CTA path. The exam had a perfect mix of easy, moderately difficult and tricky or hard questions.
The most important topics that you must be well versed with to pass the exam:
Org Wide Default (internal, external)
Sharing Rules (ownership based, criteria based)
Profiles and Permission Sets
Object Relationships and their impact on security — many-to-many, master-detail, lookup
Record-Level Locking — error cause and resolution
Grant Access Using Hierarchies — what happens when it is disabled/enabled
Lookup Skew — resolution to peak performance
Granular Locking — error cause and resolution
Implicit & Explicit sharing
Apex Managed sharing
Sharing options in Communities — Partner vs Customer, Sharing Sets, Sharing Groups
Enterprise Territory Management — features, visibility rules, filter-based Oppty territory assignment
Salesforce Shield Platform Encryption — PII, PCI, PHI data encryption at rest and transit
Enforcing Object level security and FLS in Visualforce & Apex
runAs() method and its uses
With Sharing and Without Sharing keywords
SOQL Injection, Cross-site Scripting (XSS), Arbitrary Redirects, Data Access Controls
Exposing data using Webservices
Account Teams & Opportunity Teams
Report & Dashboard Access
I referred to the following documents, blogs, white-papers for my exam preparation