An analytics user at Cloud Kicks needs Read, Create, and Edit access for objects and should be restricted from deleting any records. What should the administrator do to meet this requirement?
A.
Create and assign a custom profile with Delete access removed for each object.
B.
Create and assign a permission set that includes Read, Create, and Edit access.
C.
Assign the standard System Administrator profile to the analytics user.
D.
Give the user View All access and assign them to the highest role in the role hierarchy.
B. Create and assign a permission set that includes Read, Create, and Edit access. ❌
* Permission Sets only add permissions, not restrict them.
* If the user's profile already includes Delete permissions, a permission set cannot remove that permission.
C. Assign the standard System Administrator profile to the analytics user. ❌
* System Administrator has full access, including Delete permissions.
* This would give more access than required, which is against security best practices.
D. Give the user View All access and assign them to the highest role in the role hierarchy. ❌
* View All does not provide Create or Edit access.
* The role hierarchy only affects record visibility, not CRUD permissions.
There's no need to create a new profile, answer B (permission set)(is enough.
upvoted 3 times
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Jason_R
1 week ago83f117f
7 months, 2 weeks ago