Configuration and Setup Flashcards
What is the benefit of entering trusted IP ranges in the Network Access section?
Users that login within the network will not be required to verify their identity
Which are the Levels of Data Access?
Organization
Objects
Fields
Records
Explain the Organization level of Data Access:
For your whole org, you can maintain a list of authorized users, set password policies, and limit logins to certain hours and locations.
Explain the Objects level of Data Access:
Access to object-level data is the simplest thing to control. By setting permissions on a particular type of object, you can prevent a group of users from creating, viewing, editing, or deleting any records of that object.
Explain the Fields level of Data Access:
You can restrict access to certain fields, even if a user has access to the object.
Records level of Data Access:
You can allow particular users to view an object, but then restrict the individual object records they’re allowed to see.
Which are the 4 ways you can manage record-level access?
Organization-wide defaults
Role hierarchies
Sharing rules
Manual sharing
Organization-wide defaults:
specify the default level of access users have to each others’ records. You use org-wide sharing settings to lock down your data to the most restrictive level, and then use the other record-level security and sharing tools to selectively give access to other users.
Role hierarchies:
give access for users higher in the hierarchy to all records owned by users below them in the hierarchy. Role hierarchies don’t have to match your organization chart exactly. Instead, each role in the hierarchy should represent a level of data access that a user or group of users needs.
Sharing rules:
are automatic exceptions to organization-wide defaults for particular groups of users, so they can get to records they don’t own or can’t normally see. Sharing rules, like role hierarchies, are only used to give additional users access to records. They can’t be stricter than your organization-wide default settings.
Manual sharing:
allows owners of particular records to share them with other users. Manual sharing isn’t automated like org-wide sharing settings, role hierarchies, or sharing rules.
What can an Audit System Use do?
Record Modification Fields
Login History
Field History Tracking
Setup Audit Trail
What Features Does Salesforce Identity Provide?
Single sign-on
Connected apps
Social sign-on
Multi-factor authentication
My Domain
Centralized user account management
User provisioning
App Launcher
What is Single Sign-On?
Single sign-on (SSO) lets users access all authorized resources without logging in separately to each one—and without having to create (and remember) different user credentials for each app.
What is Social Sign-On?
With social sign-on, users log in to a Salesforce org with their username and password from an external authentication provider, like Facebook, Twitter, LinkedIn, or Google.