Section 10 Admin Deck Flashcards
PW restriction settings
pw question requirement can be set to none or cannot contain a pw obscure secret answer can be set for pw resets pw complexity requirement - allows enforcing a certain combination of characters required for pw
users of an org can only see campaign mbrs whose lead or contact records they have access to in SF mrking director would like them to access campaign records only if they have access to the related campaign also users belong to certain pub groups require access to all campaign members regardless of the default access
- set owd sharing setting for campaign member object to controlled by campaigns (it will be used to allow users to only be able to see campaign members if they have access to the campaign associated with them) 2. since the campaign member object would inherit the sharing rules form the campaign object, a campaign sharing rule can be created to give the public group access to all the campaigns (which would automatically give access to the related campaign member records )
everyone should be able to see
ALL opportunities
but only managers
should be able to see the opp value
- set OWD for opps to public read
- set field level security for opp value to visible for users w/ manager profile
MFA - multi factor authentication
increases an orgs security by requiring a 2nd level of auth for every user login it can be service or policy based users provide the 2nd factor by installing a mobile auth app such as the salesforce authenticator app they can also use a U2F security key
PW restrict settings
Min length - 5 to 50 characters Requires a minimum 1 day pw lifetime Enforce pw history - limits the number of previous PW that can be reused
what is sf login forensics
allows SF admin to monitor login behavior & keep a SF org secure; login forensics provides critical login information
When is identity confirmation triggered
it is invoked when user logs in from unrecognized browser or device and is logging in from outside a trusted IP range
everyone should see all opps BUT only managers should be able to see the OPP value
- Set OWD for opps to public read 2. Set the field level security for Opp value to visible only for users with with the manager profile
folders control access to
reports dashboards documents email templates OWD do not apply to folders instead they have their own security and access control folders access can range from private to OWD
Name 4 summary report features
- data in a sum report contains group records and subtotals
- up to 3 levels of grouping can be defined in a sum report
- charts can be created in summary reports
- summary reports can be used as the source for dashboard components
users are assigned to a profile which outlines
which objects they can access and ACTIONs that can be preformed on the objects obj permissions can be set at the profile level and include NO ACCESS READ CREATE EDIT DELETE and VIEW ALL/ MODIFY ALL
identity confirmation highest priority verification order
- SF authenticator mobile app 2. UF security key 3. One time pw generator 4. SMS text message 5. email
users should have the ability to import leads; they have diff profiles depending on the dept they are in
due to having diff profiles; admin should create a perm set with the perm “import leads” and assign to appropriate users
is stacked summaries option available in matrix reports
yes it is available and enabled by default
admin is testing a new app select users are helping test the app
during the testing use a perm set to add access to the app
Profiles also determine
app and tabs access IP restrictions various permissions page layouts
stored browser cookies
must be clear cookies
Org would like marketing dept to see only the details of campaign mbrs whose contract or lead records they have access to
Set the OWD for campaign member object to controlled by lead or contract it would allow all users to see only the campaign member whose contract or lead records they have access to in SF
how can folder access be controlled
folders can be private or shared
describe joined report features
joined reports are used for analyzing SF data across multiple report types or getting multiple simultaneous views of an object joined report run page can be used to add a chart edit filters add the report to a dashboard and sort columns and groups joined report can consist of up to 5 blocks each block of data returns 2,000 records joined report can return up to 10,000 records filter panel displays filters by block
bucket fields in reports features
ranges # % $ picklists and text bucket fields are used for grouping and filtering and categorizing report values based on defined criteria there can be up to 5 bucket fields and 20 buckets for each field in a report buckets can be created in JOINED reports
when to use a joined report
sales rep pref scorecards support cases by status with diff columns for new and closed cases opp pipeline report with columns for diff opp statuses
IP restrictions can be set at
profile and org level
Org level trusted ip ranges
users ip address if outside of the trusted ip range then the verification/login challenge is sent if inside the trusted ip range then the user is allowed to login in without verifying the identity
sales team teams should not see others opps managers need to see everyone on team finance and comp president should have access to all opps
set OWD for opps to PRIVATE establish a role heirarchy have sales at the bottom with managers in a role above them put finance above managers president above all roles
enable login forensics
set up> event manager > login event > enable streaming
Profile types
Standard > app settings + system settings (data visibility) Types include: Standard, Read Only, Minimum Access/Read Only, Marketing User, Solution Mgr, Contract Mgr, System Admin Custom > not available in Contract Manager and Group Editions *create this custom by CLONING a standard profile
highlighted features of joined reports
create a cross block formula sort block order (filter order)
users share record by record when needed help with contract renegotiations
set OWD to private for contracts put a share button on the contract page layout and show users how to manually share records
finance manager needs access to all opps; opps are NOT included in the finance profile ….
grant access to opps through a permission set it doesn’t make sense to create a profile for one user perm sets can be used to grant access to objects and fields
CTO would like to restrict the ability to create and customize reports to a group of users
create a custom profile clone existing standard profile where the reports permissions should be removed in addition a permission set must be created to extend the create and customize reports for the selected group
security health check
a summary score is calculated by using a formula and shows how an org measures up against a sec BL such as the SF baseline standard; up to 5 custom BL can be uploaded and used instead
group of sales users require access to SF + activities + all of chatter and a few of these users should be able to view records of a custom object BUT not able to access the records or any other object
sales users - assign to min access SF which is the leas privildege profile a perm set can be assigned to the users who just need to view the records of the custom object
subfolders have how many hierarchy
3 level in a subfolder user folder level 1 - subfolder level 2 - subfolder level 3 - subfolder
report builder tools included in SF
bucket fields summary fields row level formulas summary formulas count unique report filters conditional highlighting report charts
users work comped and do not want to let outer users see the info of the contact
set OWD for contacts to private
Admin can change the PW of specific users by clicking on the reset pw button on the users page in set up
TRUE when it is reset the user receives an email that contains a link and instructions also resetting a locked out pw automatically unlocks the users acct
SF org access checks include
Login creds entered > is login time outside of hours for login on profile? is users IP range defined for profile? is users IP outside of trusted range for defined org?
Delegated authentication
allows the usage of a preferred auth provider uses a stronger form of user auth; makes login page private and accessible only behind a corp firewall
Record access concept in SF
Object > most restrictive OWS > Sharing Rules > Manual sharing > least restrictive
user perm needed to manage folders in SF
different perm needed to manage folders manage public docs manage public templates manage public reports manage dashboards and view all data
sharing options include
list views or queues list views can be shared with: all users, roles, public groups, roles &subordinates, territories, territories + subordinates queues can be shared with same as above w/ exception that all users is just users (meaning specific users)
matrix report features include….
1 - data is summarized or grouped by rows & columns 2 - 2 levels of summarization are available 3 - matrix reports are useful for comparing related totals and analyzing large amts of data 4 - matrix reports can be used as the source for a dashboard component 5 - charts can be created w/ matrix reports
Bucket examples
Revenue ranges = low revenue, medium revenue, high revenue
joined report does not support
bucket fields cross filters rows to display filters conditional highlighting reporting snapshots reporting subscriptions
Federated authentication
allows unrelated web services to share authentication data it is auto enabled for an org
lockout attempts & lockout periods
of invalid login attempts can be specified to no limit, 3 5 or 10 it is possible to specify how long a user is locked out; it can be set to 15, 30, 60 min or forever (reset by an admin)
what is security health check
session settings pw policies certificate & key mgmt file upload & download sec settings
what file types can be previewed in salesforce crm content
PPT
Word
XLS
*NO TIFF or ZIP files
3 features of case management are
email to case
web to case
case teams
*MACROS - are part of the service console features
**Phone to case is NOT supported
worklow is being used to automate ordering what are the types of actions an admin can use with workflow
field update
task creation
email alert
outbound message
what are search layouts used for
to control the fields displayed
- in search results
- in the recently viewed accounts list
- fields displayed in lookup dialog
*Search layout can not be used to control the fields that are searched for keyword matches
**only which fields are displayed
an org has muti currenancy enabled
what can cause a record in an import file to fail
- a required field is missing
- record fails system validation rules
- record fails custom validation rules
private sharing model
how can users at the same level of the role hierarchy have accss to each others data
sharing rules can be added to grant access
using the SF app
how can a SF admin manage users
- deactivate users
- reset passworrds
- unlock users
- freeze users
- edit user details
- reset user permissions
in a private sharing model
will a manager be able to edit account records owned by a user below them in the role heirachy
yes if access is granted by default to users in a higher role for standard objects
remember - grant access using hierachies is always checked for standarrd objects such as account and can not be changed
what do data categories do
allows knowledge searches
can be used to organize search filter and control access to knowledge articles
if the user name was entered incorrectly on mydomain …..
it would not be listed in the login history since SF would not be able to find the incorrect username in the org
where can tasks be created in lightning experience
- tasks tab
- record pages
- global actions menu
cosmic innovation migrated to lightening
and the sf admin enabled einstein activity capture
sales user has created a task related to a contact record
where can this task be viewed
- in activity timeline of the acct record related to the contact
- in the activity timeline of the contact record
- in my tasks list of the user assigned to the task
*Note if Einstein is enabled the activity timeline is required
**if the task is created on the contact record then the above is true (top 3 bullets)
when do you use an escalation rule
to automatically esclate a case when it meets criteria
rule entries can include actions and can send email notification to case owner + recipients
list the basic steps when setting up new cusom fields
- select field type
- enter the field details such as label, length, help txt
- select field level security for each profile
- select which page layouts to add the field to
what report format can not be used
when creating reports with field groupings
Tabular
can not be used to set up groups of data
*summary report groups data by rows
*matrix groups data by rows and columns
*joined report blocks are formatted as summary reports
can standard profiles be modified
NOPE
permission sets can be used to provide additional perm to users
how can users be given
the ability to make case feed
items visible to external usaers
admin must enable
- edit posts on records/own
- edit my own posts
where can SF admin find
info on a users login attempt
- login hist page
- user detail section on a user record
- login history related list on a user record
what is true about deleting fields
- hard deletion of deleted custom fields can be accelerated to free up custom field allocation
- after a field is deleted it can be undeleted within 15 days before it is deleted perm
you want to archieve old inactive contact records
how do you do this efficiently
use data loader
or
create a report to export the data
then use data loader to delete the data
what does email to salesforce do
feature auto associates emails to SF records
like contacts leads and opportunities
what does enhanced email do?
- allows reps to associate emails to relevant SF records while composing them
- emails are associated as TASKS if this is not enabled
does salesforce have an
advanced outlook sync feature
NO
it does not
email app panes are used to….
define the layout of define
the layout of components in the integration
side panel
when would you use a summary report
grouping opportunties by
sales stage
how do you change the language
that the user interface is displayed in
- change the language setting for the user
- advise the user to change the language setting in the users personal information
