Configuration and Setup III Flashcards
The place where every salesforce end users personal settings are established
User Record
All users must have a “___”, which determines their access to objects in addition to what privileges they have.
Profile
T/F
Users are permanent records that cannot be deleted
True
Since Users cannot be deleted, what are the two options to removing a user from access to their account
Deactivate, Freeze
This license determines the level of access to the org and what profile can be selected for a particular user.
User License
This license, such as Salesforce CRM Content User, provides access to additional features not included with the user license.
Feature License
These 5 steps are part of what creation
User Details User license role feature license profile localization
User setup
To complete the user setup process, the following 3 steps need to be done:
account verification
password
security question
T/F
For account verification links An email will be sent to the new user that contains the account verification link. By default, the link will expire after 7 days. The user will then be prompted to change their password
True
To add multiple users where do you go to click the ‘Add Multiple Users’ button (up to 10 at a time)
Manage User
Ho can users be created in batch
Data Loader
Localization on the user record, not to be confused with locale settings. Creates these 4 settings
Locale
Time and date
Language
Currency
This page provides information on past login attempts to the org
Login history page
MAXIMUM RECORD SIZE for login history is
20,000 attempts over 6 months
How can users self reset
By clicking the forgot password link on the login page
Self deactivation is mainly for these two types of users
External and chatter users
Manage users assign profiles reset/unlock MANAGE PERMISSION SETS PUBLIC GROUPS MANAGE CUSTOM OBJECTS
Are all things that “___” administrators can manage
Delegated Administrators
What are they two types of secondary mobile authentication
SMS, Salesforce Authenticator
What are the 4 levels of security
Org
Object
Object Record
Field Record
●Profiles
●Permission Sets
Are set on what level of security
Object
●Login Hours
●IP Restrictions
●Password Policies
Are set on what level of security
Organization
●Org-Wide Defaults ●Role Hierarchy ●Sharing ●Teams Are set on what level of security
Object Record Level
●Field-Level Security
●Page Layouts
Are set on what level of security
Fields on a Record
The “______” history helps to track the recent setup changes that administrators have made to the org. If there are multiple administrators in the org, this is of great help in keeping a record of the changes. It is located in Setup
setup audit trail
This type of Setup audit trail are Administration-related changes that are tracked include changes to Company Information, default settings like language or locale, users, portal users, roles, permission sets, profiles, etc
Tracked Changes
This type of Setup audit trail are Any changes related to customization are tracked. These include changes to workflow rules, approval processes, flows, page layouts, custom apps, custom objects, custom fields, field-level security, validation rules, etc.
Customization Changes
These changes are Changes to public groups, sharing rules, and organization-wide sharing settings, including the ‘Grant Access Using Hierarchies’ option, are tracked.
GROUPS & SHARING changes
Changes related to “____” that are tracked include use of the Data Import Wizard, exporting data, mass transfer or deletion of records, etc
data management
These changes the affect the connected app’sPIN length, inactivity timeout, email relay and or record filters.
EMAIL DELIVERABILITY AND DELIVERY changes
This can be used to track when users create, change, or delete a custom Lightning component.
Audit Trail
T/F
Admins can set up password restrictionsand lockout policies different from the Salesforce defaults. Those are applied to all users or changed by profile.
True
Password Policies can be set at either of these two levels
organization or profile level
T/F
Profile Password Policies settings do not override the Organization-Wide Password Policies for that profile’s users.
False
T/F
If Password Policies are not set for a profile, the organization-wide Password Policies apply
True
T/F
Changes to the organization-wide password policies do not affect profile-specific password policies which may be different.
True
T/F
Passwords can expire for all users from Security | Expire All Passwords, even for those with the ‘Password Never Expires’ permission.
False (except for those with the ‘Password Never Expires’ permission)
How many days until the default password expiration time expires
90 days
T/F
Users can also use a U2F security key for multi-factor authentication
True
This authentication allows affiliated but unrelated web services to share authentication data.❖It is automatically enabled for an org.
FEDERATED AUTHENTICATION
This allows users in the org to login to Salesforce and other applications using single user credentials with an external identity provider.
Single Sign on
This authentication allows the usage of a preferred authentication provider.❖It uses a stronger form of user authentication and makes the login page private and accessible only behind a corporate firewall.❖Setting is enabled in Setup > Single Sign-On Settings by first disabling login with Salesforce credentials.
DELEGATED AUTHENTICATION
Session security settings can be modified on the “___” , which will override org-wide settings.
user profile
A list of trusted IP addresses can be defined at the organization level by navigating to “______” in Setup.
‘Network Access’
If users try to login from outside the trusted IP range, they are sent an “______” . Once the code is entered, they can access Salesforce.
activation code
To restrict when users can log in, login hours can be set at the “____” but not at the organization level
profile level
This allows Salesforce Administrators to monitor login behavior and keep a Salesforce org secure. It provides critical login information
Login Forensics
Login Forensics can be enabled in the “_____” page in Setup
‘Event Manager
This helps in identifying and fixing potential vulnerabilities in key areas of the security settings.
Security Health Check
This is a feature that allows the creation of a subdomain for the company’s Salesforce org. It is required in order to activate other Salesforce features.
It allows highlighting the brand of the company and making the org more secure.
It helps in better management of login and authentication of the org.
My Domain
T/F
My domain does not replace the instance URL assigned by Salesforce
Fales, it does replace the salesforce url
This enable the use of the company’s unique My Domain name on all URLs across the org, including Experience Cloud sites, Salesforce sites, etc.
Enhanced Domains
This determine which objects a user can access and what actions they can take on those objects.
Profiles
This tab setting Means the tab for the object will be in the navigation bar if it is part of the ‘App’ selected.
Default ON
This tab setting Means that it is available for the user to add by customizing tabs
Default OFF
This Tab setting Means the tab will not be visible for the object.
Tab Hidden
"\_\_\_\_"access determines what a user can do with records of a particular object. Things like Create Read Edit Delete
Record level access
This type of Default determines access to other users’ data for records they do NOT own.
Organization-Wide Defaults
These rules open up record access to users when the OWD settings are set to anything more restrictive than Public Read/Write
Sharing rules
Individual records can be manually shared using the “_____” button
‘Sharing’
The Access to specific fields
Field Access
This controls visibility to data within records at the field level. It does not prevent searching on the values in a field.
Field level security
T/F
The role hierarchy grants access to records to users that have a role above the record owner in the role hierarchy.
True
T/F
Users whose roles are above in the hierarchy do not have access to records of users whose roles are below them in the hierarchy.
False
T/F
The role hierarchy is not an organization hierarchy. It should be thought of as a data access hierarchy.
True
T/F
Role hierarchy is a way that access to records can be controlled based on a user’s role.
True
Roles are accessed via “____” > Roles
Manage Users
This group can be enabled on the ‘Sharing Settings’ page. It is based on the Manager field on the user detail page. Once enabled, users can share records with their managers or manager subordinate groups. It allow users to share records up or down their management chain.
Manager group
Manager Group Sharing is enabled in
Sharing settings
These rules allow record access to be:
EXTEND ACCESS
ACROSS ROLE HIERARCHY
ACROSS TERRITORY HIERARCHY
Sharing Rules
T/F
A profile determines at the base level what can be done with the records of a certain object, while a sharing rule opens up access to the records of the object
True
to share records with other users on a one-off basis use
Manual Sharing
The “___” action can be used in Lightning Experience to share a specific record.
‘Sharing’
The “___” Hierarchy’ button can be used to determine why a user has access to a record. It is available for accounts, opportunities, cases, contacts, leads, and customobjects.
‘Sharing
“____” are used for Sharing Rules, Folder access, Sharing Records, and adding Users to a Content Library. Only Administrators can create them.
Public Groups
“___” profiles (permissions) are assigned to users. These cannot be edited but can be cloned. Profiles include two types of settings, APP SETTINGS AND SYSTEM SETTING
Standard Profiles
These settings define which apps are available to users with a particular profile, permissions specific to apps, access to pages, and objectpermissions.
App Settings
“___” profiles are created when a profile needs to be fully customized and a standard profile does not meet the requirements.
Custom Profiles
“_____“are used to expand user privileges beyond what their profile allows.
permission sets
Instead of assigning multiple permission sets to a user, a “_______” can be created which groups permission sets togethe rand then assigned to the user.
Permission Set Group
