A sales manager says reps can see too many opportunities. How would you investigate?

Direct Answer

I would start by identifying the affected user, the object, and a sample record, then trace access through OWD, role hierarchy, sharing rules, manual sharing, teams, and any permission or group-based exceptions.

Detailed Explanation

A strong answer emphasizes working from actual user-record examples instead of guessing from setup screens. It also notes that profile access and record visibility are different layers, which helps avoid wasted troubleshooting.

Why the Interviewer Asks This

The interviewer wants to see whether you troubleshoot security methodically.

Weak Answer Warning

A weak answer jumps straight to changing profiles or removing permissions without tracing current visibility.

Stronger Answer Direction

Show a sequence: reproduce, inspect sharing, identify the source of access, then correct the design.

Follow-up Question

What tools would you use to confirm why the user has access?