Salesforce / Data Security & Access
What do Record Modification Fields do?
All objects include fields to store the name of the user who created the record and who last modified the record. This provides some basic auditing information
Sharing rules
Automatic exceptions to OWD for particular groups of users, so they can get records they don't own or can't normally see.
What feature would you use to assign limited admin privileges to users in your org who aren't administrators?
Delegate Administrative Duties
When asked "What fields on those objects can a user see?" - What type of security features are they referring to?
Field-level security / Field Permissions
Role hierarchies
Give access for users higher in the hierarchy to all records owned by the users below them in the hierarchy
What do permission sets do for a user?
Grant additional permissions and access
When asked "What objects can a user see?" - What type of security features are they referring to?
Object-level security / Object Permissions
For each _______, you can specify the hours when users can log in
Profile
When asked "Which records should be hidden b default?" - What type of security features are they referring to?
Record-level security / Org-wide defaults
When asked "What exceptions should we make?" - What type of security features are they referring to?
Record-level security / Role hierarchy, sharing rules and/or manual sharing
Organization-wide defaults
Specify the default level of access uers have to each others' records.
What happens when you set up Login IP Ranges?
Users outside of the Login IP Range set on a profile can't access your Salesforce org.
What do the settings in a user's profile determine?
Whether she can see a particular app, tab, field or record type
How do you set object permissions?
With profiles or permission sets
What does the Login History provide?
You can review a list of successful and failed login attempts for the past six months
What does Field History Tracking do?
You can turn on auditing to automatically track changes in the values of individual fields. Although field-level auditing is available for all custom objects, only some standard objects allow it.
How do you use organization-wide defaults?
You use OWD settings to lock down your data to the most restrictice level, and then use other record-level security and sharing tools to selectively give access to other users
Manual Sharing
allows owners of particular records to share them with other users
What does the Setup Audit Trail provide?
logs when modifications are made to your organization's configuration
In terms of security, what does a user's profile determine?
the objects they can access and the things they can do with any object record (such as create, read, edit, or delete).
What happens If users are logged in when their login hours end?
they can continue to view their current page, but they can't take any further action.
When is a good example to use manual sharing?
when a recruiter going on vacation needs to temporarily assign ownership of a job application to someone else
What do the permissions in a users profile determine?
whether she can create or edit records of a given type, run reports, and customize the app
What are the four types of record-level access?
1) Org wide defaults (OWD) 2) Role hierarchies 3) Shring Rules 4) Manual Sharing
There are 4 levels of data access
1) Organization 2) Objects 3) Fields 4) Records
What are the four audit methods?
1) Record Modification Fields 2) Login History 3) Field Tracking History 4) Setup Audit Trail
At the org level, you can maintain (3)
1) list of authorized users, 2) set password policies, 3) and limit logins to certain hours and locations.
What happens when you set up Trusted IP Ranges
1) users shouldn't be able to log in if they're using an IP address that's outside your corporate firewall. 2) users with addresses outside that range can log in if they complete a challenge question, typically by entering an activation code sent to their phone or email.