Week 1: Security & Access
What determines whether or not a user can login without completing a security challenge?
If their IP is within the company's trusted ip ranges.
Julie the administrator wants to make the org more secure with network-based security. When should she use network-based security? Choose 2. 1. When she wants to limit when people can login 2. When she wants to limit where people can login 3. When she wants to limit who can login 4. When she wants to limit access based on specific user licenses
1 & 2
The administrator is told that users with the Sales profile should no longer have access to several fields on a custom object. The administrator employs field level security for these fields. What is true regarding field level security? Choose 2. 1. Fields can be set to read-only by profile 2. If a field is hidden using field level security, it does not appear in page layouts, search results, related lists and list views, but it does appear in reports. 3. If a field is hidden using field level security, it does not appear in page layouts, search results, related lists, list views, or reports. 4. If a field is set to be read-only using field level security for a user's profile but the user has edit access to the object, the user is able to update the field.
1 & 3
The description field on the Account object should be read only for users that are assigned to specific profiles. How can this be achieved? Choose 2. 1. Modify the permission sets assigned to those users. 2. Modify the page layout assigned to the profiles of the users. 3. Set field level security for the user profiles. 4. Assign the users a read only profile.
2 & 3
If a user is assigned a profile that has read object access to accounts, what records will the user be able to see? Choose 2. 1. All account records. 2. Depends on the sharing model. 3. Only records owned by the user. 4. Depends on the user's role.
2 & 4
Dan works for RPI Pharmaceuticals, which uses a Requisition Form custom object to order supplies. Employees create order records. The supply manager then manages the orders, and needs to maintain fields that the employees do not need to see as they are related to order administration. Assuming that Field Level Security is not changed, which configuration should Dan use?
2 page layouts.
Matthew Solutions LLC wants Contacts to be read only for their distribution team, how can they accomplish this? Choose 2. 1. Permission sets to restrict write access. 2. Create a new profile for them. 3. Modify the page layout assigned to the profiles of the users. 4. Set field level security for the user profiles.
3 & 4
In a private sharing model, how can users at the same level of the role hierarchy have access to each other's data?
A sharing group can be set up to grant access.
All users have the Standard User profile assigned. You would now like all users to be able to read, create, and edit contacts but only allow managers to delete contacts. What is the best way to handle this?
Clone the standard profile, remove delete permission on contacts, create a permission set that includes permission to delete contacts, and assign the permission set to managers.
Developers have proposed a recruiting application that covers job vacancies and respective applications. The business wants to display the number of applications of every job vacancy without inheriting the security of the parent record (job vacancy). What should the developer do?
Create a lookup relationship between the 2 objects.
Bob and Patrick are sales users and share the same custom sales profile. The sales profile allows create and edit of contacts but not delete. The sales manager would like Patrick to be able to create and edit contact records, however Bob should also be able to delete contacts. How can this be configured?
Create a permission set and assign it to the users accordingly.
Matthew Solutions LLC has two users, Bob and Susan, which share the same Support profile. The support profile allows for the editing and creation of records, but cannot delete it. Susan is a senior support technician and senior staff should be able to delete records as well. How can this be accomplished?
Create a permission set for Susan.
Michelle wants to open up sharing for a group of records. The 'Deliveries' custom object has Organization-Wide Sharing set to Private and 'Grant Access Using Hierarchies' deselected. Only a certain set of managers with different roles should have visibility to all Delivery records. No other user should have access to these records that they do not have access to already. How can this be achieved?
Create a sharing rule for the Deliveries Object to share the records with a public group containing the Managers that should have access.
A sales manager has requested the administrator to monitor some of the important fields on opportunities that are getting changed by multiple teams from time to time during the sales life cycle. Which security option can the administrator choose to achieve this?
Enable field history tracking for the opportunity object.
True or False: Field History Tracking can track changes to text fields with a size greater than 255 characters.
False
True or False: If a user is logged in when their specified login hours end, they will be able to save their work when finished.
False
ArunTech is excited to begin a new internship program, but want to make sure interns cannot access the org outside of the company HQ, how can you accomplish this?
Login IPs can be set on a profile to ensure they cannot login when not within that range.
What are the levels of security within Salesforce?
Org, object, record, and field.
What makes up field level security?
Page layouts, record types, permission sets, profiles, and custom UI.
What makes up object level security?
Profiles and permission sets.
When using sharing rules, what users can records be shared with?
Public groups, roles, and subordinates.
JessiCorp wants to customize a page layout for a custom object they created. The custom field called Referral Code isn't needed for this page layout but it cannot be removed, what could be the cause?
The field was set as required on the object, and therefore must be on every page layout.
A user has reported that they do not have visibility to the Contacts tab. What would you check?
The profile assigned to the user.
The JessiCorp CEO hasn't been able to log in, and when you check their login history you see nothing, what does this most likely mean?
They are using an incorrect username.
What makes up org level security?
User, login IP, login hour, and trusted IP
