Answer:
The correct option is B. Set all Organization-Wide Default security to be "Private" for both internal and external users and use Sharing Rules to grant the desired access.
Explanation:
Note: This question is not complete as the options are not included. The complete question with the options is therefore provided before answering the question as follows:
Universal Containers is designing a new community using the Customer Community license type. They would like to have the users complete survey questions through the community interface and store the responses in a Custom Object that has a lookup to the account object. Any internal user who has access to the account should be able to see all survey responses. All Customer Community users should be able to see surveys filled in by other users for their company, but not surveys for other companies. What are the correct security settings to achieve this?
A. Set all Organization-Wide Default security to be "Public Read/Write" for internal users and "Private" for external users.
B. Set all Organization-Wide Default security to be "Private" for both internal and external users and use Sharing Rules to grant the desired access
C. Set all Organization-Wide Default settings to be "Public Read/Write" for both internal and external users.
D. Set the custom object to be master-detail to the Account and leave the Organization-Wide Default settings as their default values.
The explanation of the answer is now provided as follows:
Organization Wide Default security refers to settings that provides most restrictive settings that may be opened up by Role Hierarchy and Role hierarchy can be opened by Sharing rules. And the visibility of records at the record level is determined by all of these factors. Private, Public Read, Read/Write, and Read/Write & Transfer are the four permissions available in Sharing Rules.
The rules that are used to offer sharing access to users in public groups, roles, or territories are referred to as sharing rules. By introducing automatic exceptions to your org-wide sharing policies, sharing rules allow certain users more access.
By implication, the correct security settings to achieve the objective stated in the question is to set all Organization-Wide Default security to be "Private" for both internal and external users and use Sharing Rules to grant the desired access.
Therefore, the correct option is B. Set all Organization-Wide Default security to be "Private" for both internal and external users and use Sharing Rules to grant the desired access.