Permissions

Question 1

Where can Project Roles be used?

Answer 1

1) Permission Schemes
2) Notification Schemes
3) Issue Security Levels
4) Comment Visibility
5) Workflow Conditions

Question 2

What are the default Project Roles for a JIRA installation?

Answer 2

1) Administrators
2) Developers
3) Users

Question 3

What objects can Project Roles be given access to?

Answer 3

1) Issue Filters

2) Dashboards

Question 4

What is the difference between Project Roles and groups?

Answer 4

Project roles are somewhat similar to groups, the main difference being that group membership is global whereas project role membership is project-specific. Additionally, group membership can only be altered by Jira administrators, whereas project role membership can be altered by project administrators. Every project has a project lead and every project component has a component lead. These individual roles can be used in schemes, issues and workflows, just like project roles. You assign project/component leads when defining projects or managing components respectively.

Question 5

What is a Project Role?

Answer 5

Project roles are a flexible way to associate users and/or groups with particular projects.
Jira administrators define project roles — that is, all projects have the same project roles available to them.
Project administrators can then assign members to project roles specifically for their project(s).

Question 6

List the 6 Global Permissions

Answer 6

JIRA System Admin
JIRA Admin
Browse Users
Create Shared Object
Bulk Change
Manage Group Filter Subscriptions

Question 7

What are the Bulk Change Permissions?

Answer 7

Move
Delete
Workflow Transition
Edit

Question 8

Where can you set the Manage Group Filters permission?

Answer 8

This permission does not exist, but Manage Group Filter Subscription permissions does, giving you the ability to manage (create and delete) group filter subscriptions.

Question 9

How do you make a project Read-Only? (Online Archiving)

Answer 9

• Create a permission scheme that is Read-Only and only keep “Browse Project” permission to users.
• You need to also create “Conditions” on the workflow transitions, that only users with Edit Issue permission can transition the issue.
• You should also remove any Notification scheme associated with an archived project.

Question 10

How do you hide a project? (Online Archiving)

Answer 10

Hide a project by removing all permissions in a permission scheme and applying the scheme to the project. No one can view it at all.

• You should also remove any Notification scheme associated with an archived project.

System Administrators see it under Administration > Projects menu and update the scheme to something else, to change its visibility.

Question 11

What permissions do you need to import CSV issues?

Answer 11

If you have the Create Issue project permission and the Bulk Change global permission for relevant projects, you can create issues in bulk using a CSV file.

Question 12

Who can customize the default dashboard for your project?

Answer 12

Only administrators can customize the default dashboard for your project.

Question 13

List the main headings in the Project Permissions

Answer 13

Project
Issues
Comments
Time Tracking
Attachments
Voters and Watchers

Question 14

List the Issue Permissions in Project Permissions

Answer 14

Assign Issues
Assignable User
Close Issues
Create Issues
Delete Issues
Edit Issues
Link Issues
Modify reporter
Move Issues
Resolve Issues
Schedule Issues
Set Issues Security
Transition Issues

Question 15

Who can enable (or edit) an Index Recovery?

Answer 15

Only JIRA System Administrators

Question 16

A new employee at your organization is able to log into JIRA but they are unable to see any projects.

What three actions should be taken to fix their permissions?

Answer 16

• Add the user to the appropriate groups to grant project access.
• Add the user to the appropriate roles to grant project access.
• Add the user to the appropriate applications to grant feature access.

Question 17

What change would you allow you to be able to modify role membership across all of the projects in your JIRA instance?

Answer 17

Create a project-administrators group and add it to the Administer Projects permission in the permission scheme.

Question 18

Which two security options are available in a scenario where the information security team is concerned about usage of the JIRA feature “Remember my login” when users forget to log out of JIRA in public environments.

Answer 18

JIRA administrators can clear “Remember my login” tokens from an individual user profile. JIRA administrators can clear “Remember my login” tokens for all users at once.

Question 19

You are the administrator for a large JIRA installation with multiple projects and teams.

You want your project leads to be able to manage the following:

• Their own team dashboards
• Automatic assignment by component
• Release of versions
• Add/remove users to project roles

Using the default permission scheme, default global permissions and roles, what is the best way to accomplish this?

Answer 19

Assign the project role of Administrator to project leads’ user accounts.

Question 20

A manager you support has issue filters and dashboards configured to provide both weekly and monthly reports on their teams.

One of the manager’s employees recently left the company for a new job. The number of issues has greatly decreased, and many of the trends appear to be incorrect.

What is the likely cause of this problem?

Answer 20

The employee was removed from all groups. (We can guess that the manager’s JQL is based on team membership (membersOf()) from the stem, and if the employee is removed from groups, that would affect their reports.

Question 21

The project lead for one of your JIRA projects has resigned. Which two steps should you take before deactivating the user account?

Answer 21

Move ownership of any shared objects (dashboards or filters). Remove the user from any workflow conditions.

Question 22

You are setting up a new JIRA for your company.

The authentication requirements are as follows:

• All internal employees should be able to access JIRA.
• The corporate Employee Directory is used for storing all and only internal employee usernames.
• JIRA needs Departmental Groups which already exist in Employee Directory (e.g. hr, sales, qa).
• JIRA needs many new groups which do not currently exist in Employee Directory (e.g. hr-reviewers, sales-approvers, etc.)
• One project requires public sign-up from external web users.

Based on the above, evaluate the appropriate method of authentication for your company.

Answer 22

Configure Employee Directory as an LDAP User Directory in JIRA. Make it Read Only, with Local Groups. Add new groups to JIRA Internal Directory as needed. Make Employee Directory first in the directory order.

Question 23

You are a JIRA administrator for an organization with a number of restricted projects. In addition, each project has a robust Issue Security Scheme to ensure issues are restricted to only the relevant users. Without using third-party add-ons, which of the following reasons would necessitate creating a new project to guarantee security is maintained?

Answer 23

Different issue types need different default security levels.

Question 24

Determine the appropriate group structure and user membership.

Answer 24

Groups are global. Roles are on a per-project basis. To save time, using groups would be easier than modifying roles for every project with the same permission scheme.

Question 25

JIRA instance contains sensitive information. It uses JIRA Internal Directory for identity and access management.

Which two actions would you recommend to the server administrator to secure JIRA against external threats?

Answer 25

Restrict access to your index and attachments directories.

Restrict access to the directory in which you installed JIRA.