Use the stripInaccessible method to enforce field- and object-level data protection. This method can be used to strip the fields and relationship fields from query and subquery results that the user can’t access. The method can also be used to remove inaccessible sObject fields before DML operations to avoid exceptions and to sanitize sObjects that have been deserialized from an untrusted source.
The field- and object-level data protection is accessed through the Security and SObjectAccessDecision classes. The access check is based on the field-level permission of the current user in the context of the specified operation—create, read, update, or upsert.
1. Getting accessible records
SObjectAccessDecision securityDecision = Security.stripInaccessible(sourceRecords);
System.debug(securityDecision.getRecords()); // prints records with fields to which user has access
2. Printing removed field-
System.debug(securityDecision.getRemovedFields().get('Account')); // Prints "Rating"
//This prints removed fields from account object.
3. To check whether field is accessible to user or not-
Contact c = securityDecision.getRecords()[0];
System.debug(c.isSet('social_security_number__c')); // prints "false"
//Since social_security_number__c is not available to user.
4. You can also use ‘contains’ to check whether the field is inaccessible or not-
securityDecision.getRemovedFields().get('Campaign').contains('ActualCost');
//if true, it means field is inaccessible.
Reference–
SFDC Arjuna 