Salesforce Security and Access

Ace your homework & exams now with Quizwiz!

Based on the Salesforce Baseline Standard, what are the grades in relation to score %?

90% and above = Excellent 80%-89% = Very Good 70%-79% = Good 55%-69% = Poor 54% and below = Very Poor

A salesforce administrator wants to insert records using Data Loader, but he does not have access to his email where the security token has been sent. How can he proceed?

Add the IP address to the trusted IP ranges

Sia is helping Jobelle on an opportunity and needs to view and update the details of the account, account contacts, and the opportunity record. The sharing setting on accounts and opportunities is set to Private. How should the Salesforce Administrator meet this requirement?

Ask Jobelle to add Sia to the Account Team

2 senior marketing users need to be able to delete contracts

Assign the marketing user profile, and create a permission set to grant them access to the 'Delete' permission

The admin needs to provide access to a group of external users but would like to ensure that they have read-only access to all the major standard objects. What is the best way to accomplish this?

Clone the standard 'Read-only' profile and assign it to the external users

How do you restrict access to Salesforce from other locations?

Define Login IP Ranges for all profiles

what are organization-wide sharing defaults?

Internal organization-wide sharing defaults set the baseline access for your internal users for your records. You can set the defaults separately for different objects.

How can an administrator ensure the security of the data sent to and returned from their Salesforce community site?

Require secure connections for the community site to redirect traffic from HTTP to HTTPS

Different sales teams should not have access or visibility to Price Books of other teams when adding them to opportunities. How can this be configured?

Ser the organization-wide default sharing setting for Price Book to 'No Access' and add sharing to grant access to users that should have visibility to each Price Book.

A user does not see a field they need. What would the Administrator check first?

The contact page layout displayed for the profile assigned to the user. Page layouts determine which fields are visible. Field level security determine which fields are visible on a page layout however it is configured at the profile level, not the user level.

A user can't see a tab. What do you check first?

The profile assigned to the user. Profiles determine what users can see and what they can do in an application.

What can be included in a public group?

a combination of users, roles, users assigned to specific territories , other public groups and roles, and subordinates in the hierarchy. Profiles and permission sets cannot be included in a public group definition.

What can be stored in folders?

reports, dashboards, files, and email templates

What can profiles be used for?

to define how users access objects and data, and what they can do within the application.

what are sharing rules used for?

to extend sharing access to users in public groups, roles, or territories. Sharing rules give particular users greater access by making automatic exceptions to your org-wide sharing settings.

What is true regarding using subfolders to organize reports and dashboards in Lightning Experience?

-A hierarchy of subfolders can be created to represent a logical structure -Folder sharing is at the root level, not subfolder level -Subfolders can be created in user created folders, but no in the Public or Private folder. -Folders can be renames or deleted (if the folder doesn't contain any reports or dashboards)

If a Sales manager wants to add a Powerpoint file to a new Content Library but not make it visible to other sales users until a later time, what should the Sales Manager do?

-Add the file to the library but not add any library members -users/groups can be added later. permissions must be added at the same time.

What is the most appropriate way to grant a user partial administrative rights?

-Assign the user to a delegated group that has selected user administration permission -Can only be done by the organizations system administrator

What info can login forensics provide?

-Average number of logins per user in a specified time period -who logged in more than the average number of times -who logged in during non-business hours -who logged in using suspicious IP ranges

What are the Org-Wide default access settings for custom objects and most standard objects?

-Controlled by parent: A user can perform an action (such as view, edit, or delete) on a contact or order based on whether he or she can perform that same action on the record associated with it. -Private: Only the record owner, and users above that role in the hierarchy, can view, edit, and report on those records. -Public Read only: All users can view and report on records but not edit them. Only the owner, and users above that role in the hierarchy, can edit those records. -Public Read/Write: All users can view, edit, and report on all records. -Public Read/Write/Transfer: All users can view, edit, transfer, and report on all records. Only available for cases or leads. -Public Full Access: All users can view, edit, transfer, delete, and report on all records. Only available for campaigns.

How do you restrict a field on an object to read-only for specific profiles?

-Modify the page layout assigned to the profiles of the users -Set field-level security for the users' profiles

What are the User access levels?

-Private: All users have read access to their own user record and those below them in the role hierarchy. -Public Read only: All users have read access on one another. You can see all users' detail pages. You can also see all users in lookups, list views, ownership changes, user operations, and search.

What are the Activity access levels?

-Private: Only the activity owner, and users above the activity owner in the role hierarchy, can edit and delete the activity; users with read access to the record to which the activity is associated can view and report on the activity. -Controlled by Parent: A user can perform an action (such as view, edit, transfer, and delete) on an activity based on whether he or she can perform that same action on the records associated with the activity.

A user would like that when he clicks on the 'New' button on the accounts page, the 'Prospect' record type is selected automatically for creating the account record. What can be used to enable this?

-Record type preferences in User settings -Default record type settings in the user's profile

What are the types of record-level sharing?

-Roles -Sharing Rules -Organization-wide defaults

What is true regarding the Security Health Check?

-Settings are grouped into High Risk, Medium Risk, Low Risk, and Informational -A higher score indicates more values are at a lower risk setting and closer to the standard. -The Health Check score is a measure of how the settings in Session Settings, Password Policies and Network Access Settings meet the Salesforce baseline standard values.

Which features can a Salesforce Administrator use to control record sharing?

-Sharing Rules -Role Hierarchy -Organization Wide Default Settings

What are the Price Book access levels?

-Use: All users can view price books and add them to opportunities. Users can add any product within that price book to an opportunity. -View only: All users can view and report on price books but only users with the "Edit" permission on opportunities or users that have been manually granted use access to the price book can add them to opportunities. -No Access: Users can't see price books or add them to opportunities.

What does a Salesforce Administrator need to consider before enabling the My Domain feature?

-Visualforce page URLs will change -After the new domain has been deployed, it cannot be reversed

When should network-based security be used?

-When you want to make it difficult to use stolen credentials. -When you want to limit when people can login -When you want to limit where people can login

What are the benefits of delegated authentication SSO?

-configured at the permission level, sot it can be turned on or off for individual users -allows the login page to be inside a corporate firewall

What is true regarding the sharing of Reports and Dashboards?

-for a user to view a report or dashboard, the folder needs to be shared with the user -Folders that contain the reports are shared, but not the report or dashboard itself -The Folder Manager can set permissions for Users, Public Groups, and Roles

How to restrict access to an application and tabs created for it?

-remove the object-level and field-level access for the objects in the application, from the users you want restricted -uncheck the 'visible' checkbox for the application in the appropriate profiles

A user cant view the information on the Health Check page. What could be the problem?

-the user must have permission for the 'View Setup and Configuration' and 'View Health Check' permissions. Enabling 'View Health Check' automatically enables 'View Setup and Configuration'.


Related study sets

Ch 8: Care of the Older Adult PrepU

View Set

California Real Estate Chapter 14

View Set

MHR 300: Chapter 5: Motivating Behavior

View Set

Uworld - P/S - Sensation, Perception, & Consciousness

View Set

Parts of A Sentence: Clauses, Phrases and Sentences

View Set

California Hunter Safety - Unit 9 Quiz

View Set