Security

Question 1

A privilege is…

Answer 1

a low-level permission to do or see something. The lowest level of the security hierarchy.

Question 2

A security policy is…

Answer 2

a group of privileges. There are two types.

Question 3

What are the two types of security policy?

Answer 3

1. DSP or Data Security Policy
2. FSP or Functional Security Policy

Question 4

What is a DSP?

Answer 4

A DSP or Data Security Policy allows users to make changes to data.
Ex: read, update, delete

Question 5

What is an FSP?

Answer 5

An FSP or Function Security Policy allow users to perform specific actions in the system.
Ex: approve a service request

Question 6

A duty role is…

Answer 6

a group of security policies that defines access to an object.

Question 7

A job role is…

Answer 7

A group of duty roles that describe a user’s job. Most users only have 1.

Question 8

An abstract role is…

Answer 8

A job role for “not a real job” jobs. Users typically get one or more of these.

Question 9

What do access groups do?

Answer 9

They grant groups of users access to records that match rules.

Question 10

What do territories do?

Answer 10

Grant territory members access to records that have the territory assigned to them.

Question 11

Authentication

Answer 11

A user becomes authenticated by providing a correct username/ password combination

Question 12

Authorization

Answer 12

The system uses RBAC (Role based access control) to determine which pages a user can access, actions they can perform, and which CRUD (create, read, update, delete) operations they can use.

Question 13

Visibility

Answer 13

Determines which records the user sees and the user’s level of access to those records

Question 14

CRUD

Answer 14

Create, Read, Update, Delete

Question 15

RBAC

Answer 15

Role Based Access Control

Question 16

Two ways Sales manages visibility

Answer 16

1. Territories
2. Access Groups

Question 17

Describe the click path for transferring ownership of records.

Answer 17

Tools >Mass Transfer

Question 18

Resource Role

Answer 18

A user’s job title. It is not not the same a job role.

Question 19

Shallow Copy

Answer 19

Copies only the selected role and associates existing inherited roles with it.

Question 20

Deep Copy

Answer 20

Copies the selected role and all inherited roles to create a new section of the hierarchy

Question 21

Reference Models are….

Answer 21

The set of seeded security roles, privileges and policies already provided in your pod.

Question 22

Why do roles that are a part of the reference model need to be copied?

Answer 22

Most roles are read only and only copies can be edited to fit the new business need.

Question 23

Are custom security roles subject to changes in updates?

Answer 23

Yes. So the out of the box roles are preferable. If a custom role must be created, try a shallow copy vs a deep copy where possible.

Question 24

What should you use the Sales and Service Access Management tool for?

Answer 24

It is the recommended tool for modifying data security policies.

Question 25

Which two roles have access to the Sales and Service Access Management tool?

Answer 25

IT security manager & customer relationship management application administrator

Question 26

What is the Access Explorer?

Answer 26

The access Explorer allows you to select a user and expand access to an object or record.

Question 27

What are attributes of Access Groups and when should I use them?

Answer 27

They grant create, read and update access to an object and its related objects.

Easy to set up & good performance

Use when ever you can, except when a prebuilt mechanism satisfies the business requirement.

Question 28

Name two examples of prebuilt mechanisms

Answer 28

Objects that support territory access.

Service requests support queue access