Section 10 Admin Deck Flashcards
PW restriction settings
pw question requirement can be set to none or cannot contain a pw obscure secret answer can be set for pw resets pw complexity requirement - allows enforcing a certain combination of characters required for pw
users of an org can only see campaign mbrs whose lead or contact records they have access to in SF mrking director would like them to access campaign records only if they have access to the related campaign also users belong to certain pub groups require access to all campaign members regardless of the default access
- set owd sharing setting for campaign member object to controlled by campaigns (it will be used to allow users to only be able to see campaign members if they have access to the campaign associated with them) 2. since the campaign member object would inherit the sharing rules form the campaign object, a campaign sharing rule can be created to give the public group access to all the campaigns (which would automatically give access to the related campaign member records )
everyone should be able to see
ALL opportunities
but only managers
should be able to see the opp value
- set OWD for opps to public read
- set field level security for opp value to visible for users w/ manager profile
MFA - multi factor authentication
increases an orgs security by requiring a 2nd level of auth for every user login it can be service or policy based users provide the 2nd factor by installing a mobile auth app such as the salesforce authenticator app they can also use a U2F security key
PW restrict settings
Min length - 5 to 50 characters Requires a minimum 1 day pw lifetime Enforce pw history - limits the number of previous PW that can be reused
what is sf login forensics
allows SF admin to monitor login behavior & keep a SF org secure; login forensics provides critical login information
When is identity confirmation triggered
it is invoked when user logs in from unrecognized browser or device and is logging in from outside a trusted IP range
everyone should see all opps BUT only managers should be able to see the OPP value
- Set OWD for opps to public read 2. Set the field level security for Opp value to visible only for users with with the manager profile
folders control access to
reports dashboards documents email templates OWD do not apply to folders instead they have their own security and access control folders access can range from private to OWD
Name 4 summary report features
- data in a sum report contains group records and subtotals
- up to 3 levels of grouping can be defined in a sum report
- charts can be created in summary reports
- summary reports can be used as the source for dashboard components
users are assigned to a profile which outlines
which objects they can access and ACTIONs that can be preformed on the objects obj permissions can be set at the profile level and include NO ACCESS READ CREATE EDIT DELETE and VIEW ALL/ MODIFY ALL
identity confirmation highest priority verification order
- SF authenticator mobile app 2. UF security key 3. One time pw generator 4. SMS text message 5. email
users should have the ability to import leads; they have diff profiles depending on the dept they are in
due to having diff profiles; admin should create a perm set with the perm “import leads” and assign to appropriate users
is stacked summaries option available in matrix reports
yes it is available and enabled by default
admin is testing a new app select users are helping test the app
during the testing use a perm set to add access to the app
Profiles also determine
app and tabs access IP restrictions various permissions page layouts
stored browser cookies
must be clear cookies
Org would like marketing dept to see only the details of campaign mbrs whose contract or lead records they have access to
Set the OWD for campaign member object to controlled by lead or contract it would allow all users to see only the campaign member whose contract or lead records they have access to in SF
how can folder access be controlled
folders can be private or shared
describe joined report features
joined reports are used for analyzing SF data across multiple report types or getting multiple simultaneous views of an object joined report run page can be used to add a chart edit filters add the report to a dashboard and sort columns and groups joined report can consist of up to 5 blocks each block of data returns 2,000 records joined report can return up to 10,000 records filter panel displays filters by block
bucket fields in reports features
ranges # % $ picklists and text bucket fields are used for grouping and filtering and categorizing report values based on defined criteria there can be up to 5 bucket fields and 20 buckets for each field in a report buckets can be created in JOINED reports
when to use a joined report
sales rep pref scorecards support cases by status with diff columns for new and closed cases opp pipeline report with columns for diff opp statuses
IP restrictions can be set at
profile and org level
Org level trusted ip ranges
users ip address if outside of the trusted ip range then the verification/login challenge is sent if inside the trusted ip range then the user is allowed to login in without verifying the identity
sales team teams should not see others opps managers need to see everyone on team finance and comp president should have access to all opps
set OWD for opps to PRIVATE establish a role heirarchy have sales at the bottom with managers in a role above them put finance above managers president above all roles
enable login forensics
set up> event manager > login event > enable streaming
Profile types
Standard > app settings + system settings (data visibility) Types include: Standard, Read Only, Minimum Access/Read Only, Marketing User, Solution Mgr, Contract Mgr, System Admin Custom > not available in Contract Manager and Group Editions *create this custom by CLONING a standard profile
highlighted features of joined reports
create a cross block formula sort block order (filter order)
users share record by record when needed help with contract renegotiations
set OWD to private for contracts put a share button on the contract page layout and show users how to manually share records
finance manager needs access to all opps; opps are NOT included in the finance profile ….
grant access to opps through a permission set it doesn’t make sense to create a profile for one user perm sets can be used to grant access to objects and fields