Security & Access Flashcards
Navigation to session security
Setup > Session security
Setup > Identity > Identity verification > session security level policies > session security
Enable enhanced profile user interface
setup > user management settings > activate “enhanced user profile interface”
How to set organization level Trusted IP Address
Setup > security > network access > new
How to set profile level login IP address
Setup > profiles > select respective profile > login IP ranges (under system)
Setup Audit Trail Navigation
Setup > Security > View Setup Audit Trail
Where is Tab settings available ?
Profiles and permission sets
Which app or system settings in profiles overwrites the role/hierarchy or permission rules ?
Selected profile > system permissions > modify all data
Selected profile > object settings > selected object > modify all/delete
How to add or view a user to the permission set ?
setup > permission set > select particular permission set > manage assignments > add assignments or view
Or
select a user > click on “permission set assignments”
Navigation for org wide defaults
Setup > Sharing settings > Org-wide defaults
Can Sharing rules restrict access ?
No.
For example: an object with private/public read only can be granted additional access but sharing rules cannot restrict access to records beyond what was originally specified with org-wide defaults
How to share manually from a record ?
select record > down arrow of right corner next to > sharing
For which team the pre-defined team role is not listed and need to added before assigning users to the teams
1) Account Team
2) Opportunity Team
3) Case Team
Case Team
Navigation for Case layout
Case > select a case > settings gear icon > edit page > click details section > case page layout
or
Object manager > case > case page layout
Navigation for edit Field level security and view field accessibility
Object manager > select object > fields & relationships > select field > set field level security / view Field accessibility
Navigation for public groups
setup > public groups > create new or edit existing
What does the following control ?
1) Permission set and User profiles &
2) Roles
1) Object and Field level access
2) Record level access
Which settings can modify the permissions for records a user doesn’t own ?
Org-wide defaults can be set separately for each object
Enable self deactivation by users
Setup > Users management settings > user self deactivation
Activate Multi-factor authentication
Session settings > Multi-factor authentication (moved to “high assurance” section)
Profile > select the profile > session settings > edit > session security level required at login set to “high assurance”
How to set session time out ?
SetUp > Session settings > Force logout on session timeout
Also Disable session timeout warning popup can be set
Can login hours control set up at org level ?
No, Login hours can be controlled at the profile level
How to enable login forensics ?
setup > event manager > login event > enable storage
How to ensure only the permissions accessible to the org is enabled while cloning a profile ?
Setup > User management > enable “restricted profile cloning”