Identity & Access Management Flashcards

1
Q

Q. What is Identity & Access Management (IAM) in Salesforce?

A

A. IAM refers to the policies, processes, and tools used to manage user authentication, authorization, and security controls in Salesforce.

2
Q

Q. What are the core components of IAM in Salesforce?

A
  • Authentication (Login & SSO)
  • Authorization (Profiles, Permission Sets)
  • Identity Federation (SSO, OAuth, SAML)
  • Security Policies (MFA, IP Restrictions)
3
Q

Q. What is authentication in Salesforce?

A

A. The process of verifying a user’s identity before granting access.

4
Q

Q. What are the primary authentication methods in Salesforce?

A
  • Username & Password
  • Multi-Factor Authentication (MFA)
  • Single Sign-On (SSO)
  • OAuth 2.0 & OpenID Connect
  • Certificate-Based Authentication
5
Q

Q. What is Multi-Factor Authentication (MFA)?

A

A. MFA requires users to verify their identity using two or more factors (e.g., password + mobile authenticator app).

6
Q

Q. What are best practices for enforcing strong authentication?

A
  • Require MFA for all users
  • Implement SSO for enterprise users
  • Enable IP Whitelisting & Login Restrictions
7
Q

Q. What is Single Sign-On (SSO) in Salesforce?

A

A. SSO allows users to log in once and access multiple applications without entering credentials again.

8
Q

Q. What are the main SSO protocols supported by Salesforce?

A
  • SAML (Security Assertion Markup Language)
  • OAuth 2.0
  • OpenID Connect
9
Q

Q. What is the difference between SP-initiated and IdP-initiated SSO?

A
  • SP-initiated SSO: The user starts from Salesforce and is redirected to the Identity Provider (IdP) for authentication.
  • IdP-initiated SSO: The user logs into the IdP and then accesses Salesforce.
10
Q

Q. What is Just-in-Time (JIT) provisioning in SSO?

A

A. A method that automatically creates and assigns user roles when users log in via SSO.

11
Q

Q. What is OAuth 2.0?

A

A. An open standard for secure API authentication and authorization.

12
Q

Q. What are the main OAuth 2.0 grant types in Salesforce?

A
  • Authorization Code Flow (for web apps)
  • JWT Bearer Flow (for server-to-server auth)
  • Password Grant Flow (for legacy use, not recommended)
  • Client Credentials Flow (for machine-to-machine API calls)
13
Q

Q. What is OpenID Connect?

A

A. A protocol built on top of OAuth 2.0 for authentication, allowing users to log in with their identity provider credentials.

14
Q

Q. What is identity federation?

A

A. A system where users authenticate through an external Identity Provider (IdP) instead of Salesforce.

15
Q

Q. What are common Identity Providers (IdPs) used with Salesforce?

A
  • Okta
  • Microsoft Azure AD
  • Google Workspace
  • Ping Identity
16
Q

Q. What is Delegated Authentication?

A

A. A method that allows an external system to authenticate users instead of Salesforce.

17
Q

Q. How does Delegated Authentication differ from SSO?

A
  • Delegated Authentication uses an external system but requires Salesforce credentials.
  • SSO fully bypasses Salesforce authentication.
18
Q

Q. What is authorization in Salesforce?

A

A. The process of defining what actions and data a user can access after authentication.

19
Q

Q. What is the difference between profiles and permission sets?

A
  • Profiles: Define baseline access and security settings for users.
  • Permission Sets: Grant additional permissions beyond a user’s profile.
20
Q

Q. What are Roles in Salesforce?

A

A. Roles control record-level access based on a hierarchy.

21
Q

Q. How do permission set groups improve access management?

A

A. They allow multiple permission sets to be combined and assigned to users as a single entity.

22
Q

Q. What is record-level security?

A

A. Controls access to individual records using OWD, Role Hierarchy, Sharing Rules, and Manual Sharing.

23
Q

Q. What is the purpose of Organization-Wide Defaults (OWD)?

A

A. OWD sets the baseline record visibility for objects.

24
Q

Q. What are the different types of record-sharing mechanisms in Salesforce?

A
  • Role Hierarchy (higher roles inherit access)
  • Sharing Rules (criteria-based record sharing)
  • Manual Sharing (ad-hoc record access)
  • Apex Sharing (programmatic sharing)
25
Q

Q. What security policies can be enforced in Salesforce?

A
  • Password policies (expiration, complexity)
  • Login hours & IP restrictions
  • Two-Factor Authentication (MFA)
  • Session timeout policies
26
Q

Q. What is the Security Health Check in Salesforce?

A

A. A tool that evaluates an org’s security settings and provides recommendations.

27
Q

Q. What is Login IP Range, and how does it enhance security?

A

A. Restricts user logins to specific trusted IP addresses.

28
Q

Q. What is a session timeout policy?

A

A. A setting that logs out inactive users after a defined period.

29
Q

Q. What is Salesforce Shield?

A

A. A security suite that includes Event Monitoring, Field Audit Trail, and Platform Encryption.

30
Q

Q. What is Event Monitoring in Salesforce?

A

A. A tool that tracks user activities (e.g., logins, data access, API usage) for security auditing.

31
Q

Q. How does Salesforce comply with GDPR?

A
  • Data encryption for personal data
  • Right to be forgotten (record deletion policies)
  • Consent management features
32
Q

Q. What are best practices for managing user access in Salesforce?

A
  • Implement MFA for all users
  • Use SSO for centralized authentication
  • Assign minimal necessary permissions
  • Monitor API access and login history
  • Regularly audit user roles and profiles
33
Q

Q. How can you prevent unauthorized access in Salesforce?

A
  • Enable IP whitelisting
  • Set strong password policies
  • Implement audit logs for tracking logins and access