Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

CathyG Security > Configurable Security Fundamentals > Flashcards

Configurable Security Fundamentals Flashcards

1
Q

Which report would you use to see which security policy the Print Pay slip task is secured to?

	a. View security for Securable Item 
	b. Security Analysis for Securable Item and Account
	c. Domain Security Policies for Functional Area
	d. Payment printing business process security policy

Chapter 1

A

View security for Securable Item

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

True or False? You can change which delivered items are in a given domain.

Chapter 1

A

False

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

True or False?

You can only send a business process approval step to security groups permitted for approvals in the business process security policy

Chapter 1

A

True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

How can you find which security groups are permitted to initiate a given business process? (e.g., Hire, Account Journal Event)

	a. Run the Functional Area Report
	b. View the business process definition initiation step.
	c. View the business process security policy - Who Can Start section
	d. All user, by default, can initiate a business process

Chapter 1

A

View the business process security policy - Who Can Start section

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

True or False?

A domain security policy can inherit permissions from a parent domain or override parent permissions and have its own permissions.

Chapter 1

A

True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

True or False?

If there are three delivered reports in a given domain, you can configure access so that a security group can only access one of the three reports.

Chapter 1

A

False

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Which report would you use to see a hierarchical view of all the domain in a given functional area?

	a. Functionals Areas
	b. Maintain Functional Areas
	c. Domain Security Policies for Functional Area
	d. Business Process Security Policies for Functional Area

Chapter 1

A

Domain Security Policies for Functional Area

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Which security groups are Workday owned? (Select two correct answers)

	a. HR Administrator 
	b. IT Workers
	c. Employees as Self
	d. All Employees

Chapter 2

A

Employees as Self

All Employees

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

True or False?

Workday determines the tasks that employees can perform “as self” and they cannot be changed.

Chapter 2

A

False

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

True or False?

A Security Administrator can manually remove all security groups from a user’s Workday account.

Chapter 2

A

False

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Which reports can be used to view the security access of a user? (Select two correct answers.)

A. View Security for Securable Item
B. View Security Groups for user
C. Security Analysis for Workday Account
D. Action Summary for Security Group

Chapter 2

A

View Security Groups for user

Security Analysis for Workday Account

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

True or False?

Automatically-assigned security groups like All Users and All Employees typically provide access to public items that should be visible to everyone.

Chapter 2

A

True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Ture or False?

The Activate Pending Security Policy Changes task activates all pending domain or business process policy changes in a tenant since last activation.

Chapter 3

A

True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

True or False?

When you change the membership in security groups you must run the Activate Pending Security Policy Changes task.

Chapter 3

A

False

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

The activate Previous Security Timestamp task initiates which type of change?

	a. Security group membership reverts to a prior point in time
	b. Security group definitions revert to a prior point in time
	c. Security policy permissions revert to a prior point in time

Chapter 3

A

Security policy permissions revert to a prior point in time

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Which domain allows users to edit domain and business process security policies?

	a. Security Configuration
	b. Security Activation
	c. Security Administration
	d. All Workday Accounts

Chapter 3

A

Security Configuration

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Which domain allows users to run the Activate Pending Security Policy Changes task?

	a. Security Configuration
	b. Security Activation
	c. Security Administration
	d. All Workday Accounts

Chapter 3

A

Security Activation

18
Q

True or False?

If a worker changes jobs, their user-based security group assignments will remain on their account unless manually removed.

Chapter 4

A

True

19
Q

True or False?

If you want to give a user access to run a task or report but only for certain target instances, you should use a user-based security group.

Chapter 4

A

False

20
Q

Which task allows you to configure domain security policy permissions for a security group without having to edit each policy individually?

	a. Domain Security Policies for Functional Area
	b. Edit Security Group
	c. Maintain Permissions for Security Group
	d. Assign Users to User-Based Security Group

Chapter 4

A

Maintain Permissions for Security Group

21
Q

Which report shows who is a member of user-based group and the permissions the security group has in the system?

	a. Assign User-Based Security Groups for Person
	b. Assign User-Based Security Group to Users
	c. Maintain Permission for Security Group
	d. View Security Group

Chapter 4

A

View Security Group

22
Q

When adding a security group to a security policy to give members access to secured items, what determines what target data a member sees when accessing the secured item?

	a. The security policy restrictions
	b. The secured item permission required
	c. The security group context type
	d. The functional area

Chapter 4

A

The security group context type

23
Q

Which report shows the roles assigned to a given worker?

	a. View Assignable Roles
	b. Role Assignments for Worker Position
	c. Roles for Organization and Subordinates
	d. Role Assignment permissions

Chapter 5

A

Role Assignments for Worker Position

24
Q

How does a worker become a member of a role-based security group?

	a. Based on the organization the worker is currently in.
	b. The worker must be manually added to the role-based security group.
	c. Based on the job profile the worker is currently in.
	d. Via a role assignment

Chapter 5

A

Via a role assignment

25
Q

When a worker changes jobs, how can you ensure that the role assignments are reviewed?

	a. Add the role assignments manually after the job change has occurred. 
	b. Add the Assign Roles for worker action step to the Change Job business process definition.
	c. Add the Assign Roles - Change Assignments action step to the Change Job business process definition.
	d. Role assignments will automatically follow the worker from one job to the next and must be reviewed after the
                fact

Chapter 5

A

Add the Assign Roles - Change Assignments action step to the Change Job business process definition.

26
Q

Which method of assigning roles does not involve a business process?

	a. From an organization's Related Actions, select Roles > Assign Roles.
	b. From a worker's Related Actions, select Assign Roles > Add/Remove.
	c. From a worker's Related Actions, select Assign Roles > Change Assignments.
	d. Using the assign Roles web service operation.

Chapter 5

A

From an organization’s Related Actions, select Roles > Assign Roles.

27
Q

True or False?

To remove a member from a role-based security group, you must remove the role assignment for the assignable role used in the group.

A

True

28
Q

Chapter 1 Summary - Configurable Security Framework p37

• Workday delivers the application grouped in functional areas, which bread down into domains and business process 
       types
• Delivered items, such as tasks, reports, and web services, are secured in either a domain or business process type. 
• WD determines what domain or business process type a given item is secured in.
• You control which users can access secured items by configuring security groups to the corresponding security policy.
• Security is configured to items, not to the data itself.
A
29
Q

Chapter 2 Summary - Workday-Assigned Access p48

* A user's WD account has many security groups associated with it.
* The user's access is a union across all the permissions granted by all the security groups on the account.
* Security groups can be automatically assigned by the system, can be manually assigned, or derived. 
* You can configure what domain or business process security policies any security group has permission to.
A
30
Q

Chapter 3 Summary - Security Configuration and Activation p60

• When a security group is added or removed from a security policy, the change is pending until the Activate Pending 
       Security Policy Changes task is run.
• Security policy change control allows you to keep your security policy changes in a pending state and allows you to 
      revert back to a previous version of your security configuration.
A
31
Q

Chapter 4 Summary - Tenanted Security Groups p 76

• Security groups can enforce constraints on what target data members see when access items.
• WD delivers many security group types.
• The security group type determines how members are identified and whether members will have target data 
       constraints when accessing items.
• User-based is a security group type where members are assigned manually and there is no target constraint enforced  on members when accessing items.  It is an unconstrained security group type. 
• You can create, edit, copy, delete, and inactivate tenanted security group definitions.
A
32
Q

Chapter 5 Summary - Role-Based Security p108

• Role-based constrained security groups are commonly used to grant your support and leadership staff access to 
      targets in assigned organizations.
• Membership in role-based security groups occurs via role assignments for the assignable role defined in the security 
      group.
• Access rights to subordinate organizations are dependent on the configuration of the role-based constrained security group. 
• It is important to maintain role assignments in your staffing transactions such as change job or termination.
A
33
Q

Chapter 6 Summary - Additional Security Group Types

• Location membership, organization membership, and job-based security groups are often used in other security 
      group types.
• Membership in these security groups is automatic when criteria is met. 
• Combination security group types like intersection, aggregation, and segment-based allow you to include one or 
       more security group for more complex requirements.
• Integration system security groups are specific to ISUs and service center security groups are specific to third party 
      users
• Level-based security groups identify and constrain by defined levels, not organizations.
A
34
Q

What does it mean when a security group is “constrained”, such as a role-based constrained security group or a job-based constrained security group?

a. Security group membership is limited
b. Workday product access is limited
c. Desktop versus mobile access is limited
d. Members’ target access is limited

A

Members’ target access is limited

35
Q

If you need a security group where members are those at a specific manage level (e.g., Vice presidents), what security group type automatically gives you the needed members based on the criterion of management level?

a. User-based
b. Segment-based
c. Role-based
d. Job-based

A

Job-based

36
Q

Which statements are true about user-based security groups?
(Select two correct answers)

a. User-based security groups follow the user
b. User-based security groups are assigned at the Workday account level
c. User-based security groups are assigned at the worker position or job level
d. User-based security groups are constrained

A

a. User-based security groups follow the user

b. User-based security groups are assigned at the Workday account level

37
Q

Which steps are required to configure rule-based security groups?
(Select three correct answers)

a. Create a custom organization
b. Identify baseline security group
c. Create a security rule
d. Create a rule-based security group
e. Create an assignable role

A

Create a rule-based security group
Identify baseline security group
Create an assignable role

38
Q

Organization Types

How do you create a new custom organization type?

A

Maintain Organization Types to configure a new organization type

39
Q

True or False

Custom Organization Rules to dynamically assign workers to the organization, the organization type must be configured wit the following settings:

Allow Reorganization Tasks must be set to Yes
Position Assignment Unique must be set to No

A

True

40
Q

True or False

Custom Organization Membership Rules

You can only use membership rules with custom organization type

A

True

41
Q

True or False

Custom Organization Membership Rules

You can use rules with Workday delivered organizations

A

False

42
Q

true or false

Use the Create Membership Rule task to configure the selection criteria by which workers will be evaluated. Membership rules can be based on a variety of criteria such as organizations and subtypes, job families, job profiles, management levels, and locations.

A

Ture

CathyG Security (5 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions