Configuration and Setup Flashcards

1
Q

What is the benefit of entering trusted IP ranges in the Network Access section?

A

Users that login within the network will not be required to verify their identity

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Which are the Levels of Data Access?

A

Organization
Objects
Fields
Records

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Explain the Organization level of Data Access:

A

For your whole org, you can maintain a list of authorized users, set password policies, and limit logins to certain hours and locations.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Explain the Objects level of Data Access:

A

Access to object-level data is the simplest thing to control. By setting permissions on a particular type of object, you can prevent a group of users from creating, viewing, editing, or deleting any records of that object.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Explain the Fields level of Data Access:

A

You can restrict access to certain fields, even if a user has access to the object.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Records level of Data Access:

A

You can allow particular users to view an object, but then restrict the individual object records they’re allowed to see.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Which are the 4 ways you can manage record-level access?

A

Organization-wide defaults
Role hierarchies
Sharing rules
Manual sharing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Organization-wide defaults:

A

specify the default level of access users have to each others’ records. You use org-wide sharing settings to lock down your data to the most restrictive level, and then use the other record-level security and sharing tools to selectively give access to other users.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Role hierarchies:

A

give access for users higher in the hierarchy to all records owned by users below them in the hierarchy. Role hierarchies don’t have to match your organization chart exactly. Instead, each role in the hierarchy should represent a level of data access that a user or group of users needs.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Sharing rules:

A

are automatic exceptions to organization-wide defaults for particular groups of users, so they can get to records they don’t own or can’t normally see. Sharing rules, like role hierarchies, are only used to give additional users access to records. They can’t be stricter than your organization-wide default settings.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Manual sharing:

A

allows owners of particular records to share them with other users. Manual sharing isn’t automated like org-wide sharing settings, role hierarchies, or sharing rules.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What can an Audit System Use do?

A

Record Modification Fields
Login History
Field History Tracking
Setup Audit Trail

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What Features Does Salesforce Identity Provide?

A

Single sign-on
Connected apps
Social sign-on
Multi-factor authentication
My Domain
Centralized user account management
User provisioning
App Launcher

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What is Single Sign-On?

A

Single sign-on (SSO) lets users access all authorized resources without logging in separately to each one—and without having to create (and remember) different user credentials for each app.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What is Social Sign-On?

A

With social sign-on, users log in to a Salesforce org with their username and password from an external authentication provider, like Facebook, Twitter, LinkedIn, or Google.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What is Connected Apps?

A

Connected apps bring Salesforce orgs, third-party apps, and services together. If a connected app is created without implementing SSO, it acts like a bookmark. Users can get to the app from the App Launcher or dropdown app menu, but they sometimes have to sign in again to use it.

So to get the most out of connected apps, configure them for SSO. With SSO, admins can set security policies and have explicit control over who uses which apps. You can also use connected apps to manage authentication and policies for mobile applications.

17
Q

What is Multi-Factor Authentication?

A

Multi-factor authentication (MFA) is a Salesforce Identity feature that is required for all users who log in directly to Salesforce.

18
Q

What is My Domain Identity feature?

A

You can customize your Salesforce URL to include your company or brand name.

19
Q

Salesforce requires you to have a My Domain in place to:

A

-Work in multiple Salesforce orgs in the same browser
-Set up single sign-on (SSO) with external identity vendors
-Set up authentication providers, such as Google and Facebook, so that your users can log in to your Salesforce org with their social account credentials

20
Q

Which are 3 Identity Standards and Protocols Salesforce uses?

A

SAML
OAuth 2.0
OpenID Connect

21
Q

What is SAML Protocol?

A

When you want users to move seamlessly between Salesforce orgs and applications without logging in repeatedly, you set up single sign-on (SSO).

22
Q

Which protocol makes the SAML work?

A

Security Assertion Markup Language (SAML)

23
Q

What is SAML and XML?

A

SAML is an XML-based protocol, which means that the packages of information being exchanged are written in XML. XML is supposed to be (almost) human-readable so that you can get some idea of what’s going on.

24
Q

What is OAuth 2.0 Protocol?

A

OAuth (Open Authorization) 2.0 is an open protocol used to allow secure data sharing between applications. The user works in one app but sees the data from another. For example, you’re logged in to your Salesforce mobile app and see your data from your Salesforce org.

25
Q

What is OpenID Connect Protocol?

A

The OpenID Connect protocol adds an authentication layer on top of OAuth 2.0 to enable secure exchange of user information. Like SAML, OpenID Connect sends identity information from one service to another. Unlike SAML, OpenID Connect is built for today’s world of social networks.

26
Q

What is the the advantage of the OpenID Connect protocol for users

A

they can reduce the number of separate accounts, usernames, and passwords.

27
Q

What is the difference between Service Providers and Identity Providers?

A

In the process of authenticating users, SAML exchanges identity information between the holder of the information, called an identity provider (IdP), and the desired service, called a service provider.

In the case where a user logs in to Salesforce and then accesses Gmail, Salesforce is the identity provider, and Google is the service provider.

28
Q

Can you delete an user?

A

No, you can only freeze and deactivate them.

29
Q

Steps to Restrict Login Hours on a Profile:

A

–Setup.
–Profiles.
–Click on the desired profile
–Login Hours click Edit
–set up the schedule

30
Q

Steps to restrict the Login IP Range on a Profile

A

–Setup.
–Profiles.
–Click on the desired profile
–Under Login IP Ranges
–New

31
Q

Steps to set Log in as Any User:

A

–Setup
–Login Access Policies
–Select the Enabled checkbox next to Administrators Can Log in as Any User.
–Save.

32
Q

Field history tracking data is available for how many months?

A

18

33
Q

Password Policies can be applied to which 2 levels of security?

A

Organization
Profile

34
Q

T/F
Profile Password settings override the Org-Wide password policies for the specific user

A

True

35
Q
A