E10 - Database Security (WBT) Flashcards

1
Q

True or false: Eloqua allows you to manage security settings at the database level for the whole organization.

A

true

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

When are security settings configured?

A

At the time of Eloqua installation.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

How do you access security settings?

A

Settings: Setup: Administration: Security

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What should you do before modifying security settings?

A

Consult Eloqua

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What are your options for password requirements?

A

Use a pre-built password policy or create a new one.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What is the default security complexity setting?

A

Eloqua Security Complexity

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Can you change Password complexity settings if you are using the Eloqua Security Complexity setting?

A

No.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

When using Eloqua Security Complexity setting, the password values are _____ and hidden from view.

A

hard-coded

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

When using Eloqua Security Complexity setting, the password values are hard-coded and ____.

A

hidden from view

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What is the difference between Eloqua Security Complexity and Windows Security Complexity?

A

Windows Security Complexity is stricter.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

If changes are required to Eloqua Security Complexity or Windows Security Complexity, what must you use?

A

Custom Security Complexity

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

When are the settings active under the Password complexity settings section?

A

Only if you have chosen Custom security complexity.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What determines the password expiration timeframe?

A

User passwords expire in

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What are the maximum and minimum values for password expiration?

A

365 days and 0 days

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What is the value for password expiration in Eloqua security complexity?

A

120 days

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What is the value for password expiration in Windows security complexity?

A

42 days

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

What is the value for password expiration in Custom security complexity?

A

120 days

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

If you set the value for password expiration to zero, what does this mean?

A

The password will never expire.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

What setting determines how long a user must wait before reusing a previous password?

A

Number of days in which a password cannot be reused.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

The value in the “Number of days in which a password cannot be reused” is also driven by the setting in the ___ field.

A

Enforce password history

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

What is the value for Number of days in which a password cannot be reused in the Eloqua security complexity?

A

0 days

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

What is the value for Number of days in which a password cannot be reused in the Windows security complexity?

A

2 days

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

What is the value for Number of days in which a password cannot be reused in the Custom security complexity?

A

0 days

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

What setting determines the number of unique new passwords that must be associated with a user account before an old password can be reused?

A

Enforce password history

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

To maintain the effectiveness of the password history, what should you do?

A

Do not allow passwords to be changed right after they were changed.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

How do you prevent passwords from being changed after they were just changed?

A

By setting the Number of days in which a password cannot be reused security policy setting to 1.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
27
Q

What setting determines the minimum characters in the password?

A

Minimum password length.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
28
Q

What is the minimum value for password length?

A

5

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
29
Q

What is the minimum password length for Eloqua security complexity?

A

6 characters

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
30
Q

What is the minimum password length for Windows security complexity?

A

8 characters

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
31
Q

What is the minimum password length for Custom security complexity?

A

5 characters

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
32
Q

True or false: “Require at least one uppercase character” is enabled for all complexity levels.

A

True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
33
Q

True or false: “Require at least one lowercase character” is enabled for all complexity levels.

A

True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
34
Q

“Require at least one digit” is enabled for which complexity levels?

A

All

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
35
Q

True or false: “Require at least one punctuation character” is enabled by default for all complexity levels.

A

False. It is disabled by default for all complexity levels.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
36
Q

“Password cannot contain more than 2 characters from the user name” - enabled or disabled for Eloqua security complexity?

A

Disabled

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
37
Q

“Password cannot contain more than 2 characters from the user name” - enabled or disabled for Windows security complexity?

A

Enabled

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
38
Q

“Password cannot contain more than 2 characters from the user name” - enabled or disabled for Custom security complexity?

A

Enabled

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
39
Q

“Password cannot contain user’s account name” - enabled or disabled for Eloqua security complexity?

A

Disabled

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
40
Q

“Password cannot contain user’s account name” - enabled or disabled for Windows security complexity?

A

Enabled

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
41
Q

“Password cannot contain user’s account name” - enabled or disabled for Custom security complexity?

A

Enabled

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
42
Q

“Require the first character to be alphanumeric” mandates that the first character of a user’s password must be ____ and cannot be a ___

A

alphanumeric and cannot be a special or Unicode character.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
43
Q

True or false: “Require the first character to be alphanumeric” is enabled for all complexity levels.

A

False - it is disabled

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
44
Q

True or false: “Require the first character to be alphanumeric” is disabled by default for all complexity levels.

A

True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
45
Q

True or false: Eloqua offers a “Restrict login by IP address” option.

A

True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
46
Q

True or false: Eloqua provides you with options for configuring “Restrict Login By IP”

A

True.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
47
Q

What are the three options for configuring “Restrict Login by IP Address”?

A

By IP Range, Specific IP Block, By Network Mask.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
48
Q

What kind of environments would you be most likely to restrict login by IP address to a specific IP block?

A

Where IP addresses are not dynamically assigned.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
49
Q

How do you enter the “By Network Mask” option?

A

Enter the beginning IP address of the IP range you wish to add, followed by the network mask in slash notation.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
50
Q

Use the ____ section to define the timeframe and number of attempts after which a user must have their password reset.

A

Account Lockout Policy.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
51
Q

The Account Lockout Policy contains settings for: ____, Lockout effective period, Reset invalid login count after…

A

Maximum invalid login attempts

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
52
Q

The default value for Maximum invalid login attempts is:

A

10

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
53
Q

The default value for Lockout effective period is

A

5 minutes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
54
Q

If you set Lockout effective period to 0, what happens?

A

Account will be locked until an admin manually unlocks it.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
55
Q

The __ setting determines the number of minutes that must pass before the lockout threshold is reset.

A

Reset invalid login count after…

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
56
Q

If Reset invalid login count after… is set to zero, what happens?

A

An admin must manually reset the account.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
57
Q

The Account Lockout Policy contains settings for: Maximum invalid login attempts, _____, Reset invalid login count after…

A

Lockout effective period

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
58
Q

The Account Lockout Policy contains settings for: Maximum invalid login attempts, Lockout effective period, ______

A

Reset invalid login count after…

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
59
Q

______ determines the duration after which a current session will expire in case of abandonment.

A

Session timeout value in minutes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
60
Q

The ____ includes Session Timeout value and Forgotten password reset time

A

Session Timeout Policy.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
61
Q

What is the default Session Timeout value?

A

120 minutes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
62
Q

The ___ determines the duration after which a user can get a new Forgot Password email.

A

Forgot password reset time

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
63
Q

The default value for the Forgot password reset time in minutes is…

A

720 minutes (12 hours)

64
Q

___ allows users to log into one product to access all their services.

A

SSO - Single Sign-on

65
Q

Benefits of SSO: (1) ____ (2) productivity (3) easy policy implementation (4) reduced admin overhead

A

security

66
Q

Benefits of SSO: (1) security (2) ____ (3) easy policy implementation (4) reduced admin overhead

A

productivity

67
Q

Benefits of SSO: (1) security (2) productivity (3) ____ (4) reduced admin overhead

A

easy policy implementation

68
Q

Benefits of SSO: (1) security (2) productivity (3) easy policy implementation (4) ____

A

reduced admin overhead

69
Q

Why does SSO provide additional security?

A

Users will create a stronger password

70
Q

3 steps to configuring SSO, in short

A

(1) Upload Metadata (2) Map the usernames (3) Download the Certificate

71
Q

To access the SSO configuration page

A

Settings: Setup: Administration: Users

72
Q

To upload Identity Provider Metadata

A

Single Sign-On down arrow: Identify Provider Settings

73
Q

Where do you find the ACS and the Service Provider Entity URL?

A

On the Identity Provider Details page.

74
Q

You will need the ACS and the Service Provider Entity URL when you…

A

Configure the SSO product

75
Q

To map the usernames…

A

Identity Provider Details screen: Edit

76
Q

What should you type in the “The name of the attribute that contains the user identity” field?

A

email

77
Q

In mapping the usernames, under ____, select “The user identity is located in an assertion attribute value”

A

User Identity Location

78
Q

Where do you download the certificate?

A

Single Sign-On down arrow: Certificate Setup

79
Q

When you download the certificate, you should save it…

A

locally.

80
Q

When a contact is uploaded to Eloqua, who has access to the contact?

A

All users.

81
Q

3 examples of needing to control user access to contacts:

A

(1) Restricting access by business division or geography (3) Restricted access for Sales (4) Sharing access by business division or geography

82
Q

__ indicate how you separate access to contacts

A

Categories

83
Q

To restrict access based on Business Division and Geography, create what categories?

A

Business Division and Geography

84
Q

Labels reside inside ___

A

categories

85
Q

__ indicate the subdivisions under each category.

A

Labels

86
Q

An example of labels is to create APAC, EMEA, and AMER labels under the _____

A

Region category.

87
Q

The second step in Contact Security is to create __

A

security groups

88
Q

You need to create ____ corresponding to each label to define the users that will have access to various contacts.

A

security groups

89
Q

The third step in Contact Security is to map ____ to __

A

map security groups to labels

90
Q

The fourth step in Contact Security is to assign ___ to __

A

assign labels to contacts.

91
Q

To assign labels to contacts, you need to create a ___ that will evaluate the information in the Contact Records and assign a label.

A

program

92
Q

If no label is assigned to a Contact Record, what happens?

A

The record will be available to all users.

93
Q

What happens if a user is in multiple access security groups?

A

Then the user will be able to see all contacts for each security group.

94
Q

What is recommended when configuring contact security?

A

Work with an Eloqua representative

95
Q

where to find categories and labels?

A

Settings: Setup: Administration: Users: Contact Security down arrow: Manage Labels

96
Q

The __ page is where you define categories and labels

A

Manage Labels

97
Q

3 options to create security groups

A

(1) new (2) copy and repurpose (3) use out-of-the-box

98
Q

The _____ security group does not have any actions or interface permissions.

A

standard Everyone

99
Q

The ____ security group is strictly used for determining a user’s __

A

contact access - not feature or function access.

100
Q

True or false: You create a name and an acronym for security groups.

A

True.

101
Q

The last step in creating security groups is…

A

add users to each security group.

102
Q

Where do you assign labels?

A

Contact Security drop-down: Assign Labels

103
Q

The program to examine Contact Records and assign labels is created using the _____ or _____ model.

A

shared or unique model

104
Q

In the program to assign labels, what type of action should you choose for “Remove Labels”?

A

Ownership

105
Q

7 types of actions under Program Builder are (1) ___ (2) Data Tools (3) Groups (4) Integration (5) Marketing Actions (6) Ownership (7) Program Maintenance

A

All

106
Q

7 types of actions under Program Builder are (1) all (2) ___ (3) Groups (4) Integration (5) Marketing Actions (6) Ownership (7) Program Maintenance

A

Data Tools

107
Q

7 types of actions under Program Builder are (1) all (2) Data Tools (3) _____ (4) Integration (5) Marketing Actions (6) Ownership (7) Program Maintenance

A

Groups

108
Q

7 types of actions under Program Builder are (1) all (2) Data Tools (3) Groups (4) ____ (5) Marketing Actions (6) Ownership (7) Program Maintenance

A

Integration

109
Q

7 types of actions under Program Builder are (1) all (2) Data Tools (3) Groups (4) Integration (5) _____ (6) Ownership (7) Program Maintenance

A

Marketing Actions

110
Q

7 types of actions under Program Builder are (1) all (2) Data Tools (3) Groups (4) Integration (5) Marketing Actions (6) ___ (7) Program Maintenance

A

Ownership

111
Q

7 types of actions under Program Builder are (1) all (2) Data Tools (3) Groups (4) Integration (5) Marketing Actions (6) Ownership (7) ____

A

Program Maintenance

112
Q

What Action do you enter in Program Builder to remove labels?

A

Remove Contact Security Labels

113
Q

How can you open a menu for editing decision steps?

A

Click the down arrow on the decision step.

114
Q

In Program Builder, can you restrict the time actions run?

A

Yes.

115
Q

True or false: you can allow Custom Objects in a program step.

A

True.

116
Q

Because a contact will always remain in one geographic region, use the ____ Model to create a program to assign labels to contact records.

A

Unique

117
Q

True or false: You can configure asset-level security in Eloqua.

A

True

118
Q

____ allow you to control levels of access to assets, features, and interfaces.

A

Security groups

119
Q

Access security groups from the User Management page:

A

Groups: All Groups … displays Security Group Overview interface

120
Q

Security Group overview: The ____ section allows you to define the products that users in the group can access

A

Licensing

121
Q

Access to use the core platform requires the __ license.

A

Eloqua Marketing Platform

122
Q

The ___ section controls the features and areas of the application that are visible to users in this group.

A

Interface Access

123
Q

The Interface Access tree is organized…

A

in a hierarchy that matches the hierarchy of how you navigate the platform.

124
Q

In Interface Access, if you are looking at a new security group or the Everyone security group, what is true?

A

No areas of the application are selected.

125
Q

In Interface Access, there are default selections made for the ____ or _____ security groups.

A

System or Default

126
Q

True or false: Access to assets set in Interface Access allow users to create, modify or delete the assets.

A

False. This is set in the Asset Creation section.

127
Q

The ____ section of security group overview controls the actions that can be performed on a particular interface by users in this group.

A

Action Permissions section

128
Q

The Action Permissions section is closely linked with the ____ section of the Security Group overview.

A

Interface Access

129
Q

Security Group Overview 6 sections: (1) _____ (2) Interface Access (3) Action Permissions (4) Asset Creation (5) Default Asset Permissions (6) Business Unit Membership

A

Licensing

130
Q

Security Group Overview 6 sections: (1) Licensing (2) ____ (3) Action Permissions (4) Asset Creation (5) Default Asset Permissions (6) Business Unit Membership

A

Interface Access

131
Q

Security Group Overview 6 sections: (1) Licensing (2) Interface Access (3) _____ (4) Asset Creation (5) Default Asset Permissions (6) Business Unit Membership

A

Action Permissions

132
Q

Security Group Overview 6 sections: (1) Licensing (2) Interface Access (3) Action Permissions (4) _____ (5) Default Asset Permissions (6) Business Unit Membership

A

Asset Creation

133
Q

Security Group Overview 6 sections: (1) Licensing (2) Interface Access (3) Action Permissions (4) Asset Creation (5) ______ (6) Business Unit Membership

A

Default Asset Permissions

134
Q

Security Group Overview 6 sections: (1) Licensing (2) Interface Access (3) Action Permissions (4) Asset Creation (5) Default Asset Permissions (6) _____

A

Business Unit Membership

135
Q

The __ section of the Security Group Overview controls the actions that can be performed on a particular interface by users in this group.

A

Action Permissions

136
Q

The _____ section identifies the types of assets that users of this group have the ability to create.

A

Asset Creation

137
Q

The _____ section controls the default permissions applied to an asset.

A

Default Asset Permissions

138
Q

If you want to only allow the user who created an asset to edit or delete it, what section of the Security Group Overview would you use?

A

Default Asset Permissions

139
Q

The ____ section of the Security Group Overview can select which business unit users will be members of.

A

Business Unit Membership

140
Q

The Business Unit Membership is only applicable if…

A

Categories have been configured for business units.

141
Q

When a user creates a new asset, there are a default set of permissions on that asset. True or false?

A

True.

142
Q

What are the four levels of security that users or security groups can have over an asset?

A

View, Edit, Delete, Security

143
Q

In the ____ level of asset permissions, users can change the asset permissions.

A

Security

144
Q

From the Security Group Overview, where do you assign permissions?

A

Click Default Asset Permissions, and click edit.

145
Q

The __ allows you to secure the entire email template so it cannot be modified, or only mark certain sections as edited.

A

Email Template Manager

146
Q

Where is email template manager:

A

Assets: Emails: Template Manager icon

147
Q

Create an email template as you would create…

A

any email.

148
Q

After saving as a template, what do you do to mark some of the template as protected?

A

Gear menu: Enable Protected Mode

149
Q

How do you mark some sections as editable?

A

Right-click on the component and select Mark as Editable.

150
Q

True or false: When you mark a component as editable you can allow it to be deleted.

A

True.

151
Q

How are editable sections marked in a template?

A

With a blue line around them.

152
Q

What feature of the Email Template allows you to lock an entire email asset or mark certain sections as editable?

A

Protected Mode

153
Q

Configuring __ security insures information confidentiality and system integrity.

A

User Security

154
Q

Configuring __ leads to effective resource utilization.

A

SSO

155
Q

Configuring ____ allows you to implement cost effective guardrails to prevent against unauthorized access and disclosure.

A

Contact Security

156
Q

Configuring ___ allows you to define permissions for each asset type against unauthorized deletion or modification.

A

Asset Security