Last Attempt Sharing-and-Visibility-Architect Questions

The user who posted the file and users with access to the record can view the file by default, as files posted to a record’s feed inherit the record’s sharing settings3. Users with a shared chatter post link to the file will not be able to view the file by default, unless they also have access to the record. Only the user who posted the file will not be able to view the file by default, as other users who have access to the record can also view it.

Named Credentials, Protected Custom Metadata, and Protected Custom Settings are three options to secure the credentials for the external system. They allow the developer to store the credentials in a secure way that is not exposed to other users or packages. Storing the credentials in a custom object using encrypted fields or in the apex code are not secure options

 According to this source, the Manage Dashboards permission allows users to create, edit, and delete dashboards in any folder they have access to, and the View All Data permission allows users to view all data in the org regardless of sharing settings. The other options are not necessary for creating a dashboard to compare sales numbers.

To support the requirements with the minimum amount of effort, three platform security features that are required are criteria-based sharing rules, role hierarchy, and permission sets. Criteria-based sharing rules can be used to share all accounts with the custom field “Kay Customer” to all senior account managers based on a filter condition. Role hierarchy can be used to grant access to accounts that users or their subordinates own based on the ownership and role level. Permission sets can be used to grant view and edit access to the custom field that contains sensitive information to the three designated users, regardless of their user groups or profiles