Salesforce Sharing and Visibility Certification Practice Exam

How can Universal Containers allow some employees to view and edit records of custom objects without allowing delete access?

• A. Remove the Delete Access for positions from all user roles.
• B. Remove the Delete Permission for positions from all profiles.
• C. Set the Organization-wide default for positions to Read-Only.
• D. Assign the Read-Only profile to all users.

The correct answer is: Remove the Delete Permission for positions from all profiles.

The correct approach to allow some employees to view and edit records of custom objects while preventing them from having delete access is to manage permissions at the profile level. By removing the Delete Permission for positions from all profiles, you ensure that users assigned to those profiles can edit and view the records, but they will not have the ability to delete them. Profiles in Salesforce are used to define the permissions and access levels for users, including the ability to perform certain operations like delete, read, and edit. By specifically restricting the delete permission while allowing read and edit permissions, you can tailor access to the needs of your organization without impacting other functionalities. The mention of removing delete access from all user roles or setting the organization-wide default to read-only does not effectively address the requirement to allow editing without the ability to delete. Removing delete access from roles might prevent even those who should have the ability to edit records from doing so, thus leading to overly restrictive access. Similarly, setting the organization-wide default to read-only would prevent employees from editing records entirely, which does not fulfill the requirement of allowing edits. Assigning a read-only profile to all users would also not allow for any edits. Therefore, adjusting the profiles directly is the best solution.