Salesforce Sharing-and-Visibility-Architect Actual Questions

According to this source, users with access to a child case have read-only access to the parent account by default, and owners of a parent account have access to child opportunities by default. The other options are not implicit record access mechanisms.

Creating a permission set that grants the View All permission for Opportunity is the best approach to meet these requirements, as it will allow the sales reporting team members to view all opportunity records without modifying their profiles. Creating a permission set that grants the View All Data permission will work, but it will also grant access to all other objects, which may not be necessary or secure. Giving the View All Data permission to the Sales Reporting profile will work, but it will also affect all users with that profile, which may not be desired.

 Adding the user to the Sales Team for the Presentation record will not work, as Sales Teams are only available for standard objects, not custom objects. Giving Edit rights to the Presentation record via a Permission set will not work, as Permission sets are assigned to users, not records. The best option is to use a trigger on Presenter junction object that uses Apex Managed sharing to add or remove access to the related Presentation record based on the junction object records.

Using Encryption Policy and contacting Salesforce to update the existing records so that their field values are encrypted is the best way to proceed with this new policy change, as it allows admins to encrypt standard and custom fields using Platform Encryption without changing existing business processes3. Using Classic Encryption will not work, as it only supports a limited number of fields and requires changes to the data model and code. Waiting for an email from Salesforce indicating the field values are encrypted will not work, as encryption policy does not automatically encrypt existing records.