Free Preparation Discussions
MENU
Salesforce Certified B2C Solution Architect (Arch-302) Exam - Topic 3 Question 102 Discussion
Topic #: 3
A company needs to have specific fields encrypted in the user interface on the contact record in Service Cloud as well as on some fields in data extensions that exist only in the Marketing Cloud. The merchant believes that Salesforce Shield Encryption is a suitable solution.
Which two considerations are relevant for the merchant when determining an appropriate solution?
Choose 2 answers
Salesforce Shield Encryption is a feature that allows encrypting sensitive data at rest in Salesforce without compromising functionality or performance. Shield Encryption uses probabilistic encryption to protect data while preserving its format and length. Field-Level Encryption is a feature in Marketing Cloud that allows encrypting sensitive data at rest in Marketing Cloud using customer-managed keys. Field-Level Encryption uses deterministic encryption to protect data while preserving its format and length. When determining an appropriate solution for encrypting specific fields in Service Cloud as well as in data extensions in Marketing Cloud, the following considerations are relevant:
With Shield, encrypted fields cannot be used to filter or sort in Process Builder and Flow Builder. Process Builder and Flow Builder are tools in Salesforce that allow creating automated workflows and processes based on certain criteria or conditions. However, Shield Encryption does not support filtering or sorting on encrypted fields in these tools, because probabilistic encryption does not allow exact matching or comparison of values.
Shield encryption can be done on any standard or custom field on all field types, but cannot be set to encrypt those fields in Marketing Cloud. Shield Encryption supports encrypting any standard or custom field on any field type in Salesforce, such as text, email, phone, date, etc. However, Shield Encryption does not apply to Marketing Cloud fields or data extensions, because they are stored in a separate database from Salesforce. To encrypt fields in Marketing Cloud, Field-Level Encryption must be used.
Option A is incorrect because with Shield, encrypted fields are visible to the user if they have the View Encrypted Data permission, but there are other feature impacts such as filtering, sorting, searching, etc. Option C is incorrect because Field-Level Encryption is not required on Marketing Cloud to encrypt the custom fields if they are already encrypted by Shield Encryption in Service Cloud. However, Field-Level Encryption can be used on Marketing Cloud if additional encryption or customer-managed keys are needed. Reference:
https://help.salesforce.com/s/articleView?id=sf.security_pe_overview.htm&type=5
https://help.salesforce.com/s/articleView?id=sf.security_pe_considerations_general.htm&type=5
https://help.salesforce.com/s/articleView?id=sf.mc_overview_field_level_encryption.htm&type=5
Amber
3 days ago