Which three steps should an app builder take to properly control access to Reviews?

Universal Containers allows all employees to submit reviews for leadership using a custom object called Review. These Reviews should only be visible to the HR department and the employee who submitted the record.

Which three steps should an app builder take to properly control access to Reviews? Choose 3 answers
A . Disable Grant Access Using Hierarchies.
B . Add a Master-Detail (User; field on the Review object.
C . Create a criteria-based Sharing Rule for the HR Department.
D . Remove Review Read permission from non-HR Department user Profiles.
E . Set organization-wide default to Private.

View Answer

Answer: B, C, E

Explanation:

Disable Grant Access Using Hierarchies, Create a criteria-based Sharing Rule for the HR Department, and Remove Review Read permission from non-HR profiles. These are correct because disabling Grant Access Using Hierarchies prevents users above the record owner in the role hierarchy from viewing the Review records, creating a criteria-based Sharing Rule for the HR Department allows users in that group to view all Review records, and removing Review Read permission from non-HR profiles prevents users in other profiles from viewing any Review records.