Data Security Flashcards
The simplest way to control data access is to set permissions on a particular type of ____
Object
Determines the objects they can access and the things they can do with any object record
A users profiles
Grant additional permissions and access settings to a user.
Permission sets
____ settings determine which data the user can see, and _____ determine what the user can do with that data.
Profile, permissions
The____ in a user’s profile determine whether she can see a particular app, tab, field, or record type.
settings
The _____ in a user’s profile determine whether she can create or edit records of a given type, run reports, and customize the app.
permissions
The System Administrator profile also includes two special permissions
View all data and modify all data
The profiles functionality in an org depends on the _____ _____ type.
user license
The ____overview page provides an entry point for all of the settings and permissions for a single profile
profile
Salesforce has an ______ profile user interface that makes it easy to find and modify profile setting
enhanced
A ______set is a collection of settings and permissions that give users access to various tools and functions
permission
Using permission sets for two general purposes
- to grant access to custom objects or apps
2. grant permissions—temporarily or long term—to specific fields.
____-level security settings—or ____ permissions—control whether a user can see, edit, and delete the value for a particular field on an object
Field, Field
Which 4 ways can you control record level access?
Org wide
Role Hierarchies
Sharing rules
manual sharing
___-___ defaults specify the default level of access users have to each other’s records.
Org-wide defaults
___ ____ensure managers have access to the same records as their subordinates
Role hierarchies
____ rules are automatic exceptions to org-wide defaults for particular groups of users, to give them access to records they don’t own or can’t normally see.
Sharing
_____sharing lets record owners give read and edit permissions to users who might not have access to the record any other way.
Manual
A user’s baseline permissions on any object are determined by their _____
profile
Access to records a user does not own are set first by the ____-___ defaults.
org-wide
____permissions determine the baseline level of access for all the records in an object
Object
____-___ defaults can never grant users more access than they have through their object permission
Org-wide
Only the record owner, and users above that role in the hierarchy, can view, edit, and report on those records.
Private
All users can view and report on records, but only the owner, and users above that role in the hierarchy, can edit them.
Public Read/Write
A user can view, edit, or delete a record if she can perform that same action on the record it belongs to.
Controlled by Parent
Use org-wide defaults to specify the baseline level of access that the most ______user should have.
restricted
Setting an object to ____makes those records visible only to record owners and those above them in the role hierarchy
Private
Each sharing rule has three components.
Share which records?
With which users?
What kind of access?
A _____ group is an admin-defined grouping of users that can be used to simplify the creation of sharing rules. Each public group can be a combination of:
individual users
public
What types of access can be used in sharing rules?
Read-Only or Read/Write access.
