Security Flashcards

To review set up of user & system security

1
Q

A privilege is…

A

a low-level permission to do or see something. The lowest level of the security hierarchy.

2
Q

A security policy is…

A

a group of privileges. There are two types.

3
Q

What are the two types of security policy?

A
  1. DSP or Data Security Policy
  2. FSP or Functional Security Policy
4
Q

What is a DSP?

A

A DSP or Data Security Policy allows users to make changes to data.
Ex: read, update, delete

5
Q

What is an FSP?

A

An FSP or Function Security Policy allows users to perform specific actions in the system.
Ex: approve a service request

6
Q

A duty role is…

A

a group of security policies that defines access to an object.

7
Q

A job role is…

A

A group of duty roles that describe a user’s job. Most users only have 1.

8
Q

An abstract role is…

A

A job role for “not a real job” jobs. Users typically get one or more of these.

9
Q

What do access groups do?

A

They grant groups of users access to records that match rules.

10
Q

What do territories do?

A

Grant territory members access to records that have the territory assigned to them.

11
Q

Authentication

A

A user becomes authenticated by providing a correct username/password combination.

12
Q

Authorization

A

The system uses RBAC (Role based access control) to determine which pages a user can access, actions they can perform, and which CRUD (create, read, update, delete) operations they can use.

13
Q

Visibility

A

Determines which records the user sees and the user’s level of access to those records

14
Q

CRUD

A

Create, Read, Update, Delete

15
Q

RBAC

A

Role Based Access Control

16
Q

Two ways Sales manages visibility

A
  1. Territories
  2. Access Groups
17
Q

Describe the click path for transferring ownership of records.

A

Tools > Mass Transfer

18
Q

Resource Role

A

A user’s job title. It is not the same as a job role.

19
Q

Shallow Copy

A

Copies only the selected role and associates existing inherited roles with it.

20
Q

Deep Copy

A

Copies the selected role and all inherited roles to create a new section of the hierarchy

21
Q

Reference Models are…

A

The set of seeded security roles, privileges and policies already provided in your pod.

22
Q

Why do roles that are a part of the reference model need to be copied?

A

Most roles are read-only, and only copies can be edited to fit the new business need.

23
Q

Are custom security roles subject to changes in updates?

A

Yes, so the out-of-the-box roles are preferable. If a custom role must be created, try a shallow copy vs. a deep copy where possible.

24
Q

What should you use the Sales and Service Access Management tool for?

A

It is the recommended tool for modifying data security policies.

25
Q

Which two roles have access to the Sales and Service Access Management tool?

A

IT security manager & customer relationship management application administrator

26
Q

What is the Access Explorer?

A

The Access Explorer allows you to select a user and expand access to an object or record.

27
Q

What are attributes of Access Groups and when should I use them?

A

They grant create, read and update access to an object and its related objects.

Easy to set up & good performance

Use whenever you can, except when a prebuilt mechanism satisfies the business requirement.

28
Q

Name two examples of prebuilt mechanisms

A

Objects that support territory access.

Service requests support queue access