Security & Access Control

Question 1

Q. What are the key layers of security in Salesforce?

Answer 1

A. Organization-Level Security, Object-Level Security, Field-Level Security, and Record-Level Security.

Question 2

Q. What is Salesforce’s security model designed for?

Answer 2

A. To provide data protection while allowing flexible access control for different users.

Question 3

Q. What is organization-wide security in Salesforce?

Answer 3

A. Security settings that control access at the organization level, including IP restrictions, login hours, and multi-factor authentication.

Question 4

Q. What are Trusted IP Ranges?

Answer 4

A. A list of allowed IP addresses that can access Salesforce without requiring identity verification.

Question 5

Q. What are Login Hours?

Answer 5

A. Time restrictions applied to user profiles to control when they can log in.

Question 6

Q. What is Single Sign-On (SSO) in Salesforce?

Answer 6

A. A method that allows users to log in once and access multiple systems without needing separate credentials.

Question 7

Q. What authentication methods does Salesforce support?

Answer 7

A. Username-password, SAML-based SSO, OAuth, OpenID Connect, and Multi-Factor Authentication (MFA).

Question 8

Q. What are profiles in Salesforce?

Answer 8

A. Profiles define user permissions, object access, field-level security, and page layouts.

Question 9

Q. What is the difference between profiles and permission sets?

Answer 9

A. Profiles define base permissions for users, while permission sets grant additional permissions without modifying the profile.

Question 10

Q. What are standard and custom profiles?

Answer 10

A. Standard profiles come prebuilt in Salesforce, while custom profiles are created by administrators for specific needs.

Question 11

Q. How does object-level security work?

Answer 11

A. It is controlled via profiles and permission sets, determining whether a user can Create, Read, Edit, or Delete (CRUD) records of an object.

Question 12

Q. What is field-level security?

Answer 12

A. A setting that controls user access to specific fields within an object.

Question 13

Q. How can field-level security be controlled?

Answer 13

A. Via profiles and permission sets.

Question 14

Q. Can field-level security override object permissions?

Answer 14

A. Yes, even if a user has access to an object, they may be restricted from viewing or editing specific fields.

Question 15

Q. What is record-level security in Salesforce?

Answer 15

A. A mechanism that controls access to individual records based on ownership and sharing rules.

Question 16

Q. What are Organization-Wide Defaults (OWD)?

Answer 16

A. The baseline security settings that define the default access level for records in an object.

Question 17

Q. What are the different OWD settings?

Answer 17

A. Private, Public Read-Only, Public Read/Write, Public Read/Write/Transfer, and Controlled by Parent.

Question 18

Q. How do role hierarchies impact record access?

Answer 18

A. Users higher in the hierarchy automatically inherit access to records owned by users below them.

Question 19

Q. What are sharing rules in Salesforce?

Answer 19

A. Rules that grant additional record access to users based on record criteria.

Question 20

Q. What is manual sharing?

Answer 20

A. A feature that allows users to share individual records with specific users or groups.

Question 21

Q. What is the difference between manual sharing and sharing rules?

Answer 21

A. Manual sharing is done per record, while sharing rules are applied automatically to multiple records.

Question 22

Q. What is a permission set in Salesforce?

Answer 22

A. A collection of permissions that grant additional access to users without changing their profile.

Question 23

Q. What is a permission set group?

Answer 23

A. A collection of multiple permission sets that can be assigned to users for better access control.

Question 24

Q. When should you use permission sets instead of profiles?

Answer 24

A. When granting additional permissions to specific users without modifying their profile.

Question 25

Q. What are user roles in Salesforce?

Answer 25

A. Roles define a user’s position in the organization hierarchy and determine record visibility.

Question 26

Q. How do roles differ from profiles?

Answer 26

A. Profiles control object and field access, while roles control record visibility through sharing rules.

Question 27

Q. What is the difference between roles and public groups?

Answer 27

A. Roles are hierarchical, while public groups are collections of users for sharing purposes.

Question 28

Q. What is a delegated administrator?

Answer 28

A. A user assigned limited admin privileges to manage other users without full system access.

Question 29

Q. What is the purpose of the Sharing and Visibility Architecture?

Answer 29

A. To ensure the right users have the right level of access to data in Salesforce.

Question 30

Q. What are the key components of record sharing?

Answer 30

A. OWD, Role Hierarchy, Sharing Rules, Manual Sharing, and Teams.

Question 31

Q. What is the Apex Sharing Reason?

Answer 31

A. A feature that allows developers to create programmatic sharing rules for custom objects.

Question 32

Q. What is Salesforce Shield?

Answer 32

A. A security suite that includes encryption, event monitoring, and field audit tracking.

Question 33

Q. What is field audit tracking?

Answer 33

A. A feature that logs changes to specific fields for compliance and auditing.

Question 34

Q. How does Salesforce handle GDPR compliance?

Answer 34

A. By providing data privacy tools like Data Masking, Consent Management, and Data Export.

Question 35

Q. What are some best practices for Salesforce security?

Answer 35

• Use MFA for all users
• Follow the principle of least privilege
• Regularly audit user permissions
• Enable field-level encryption for sensitive data
• Use IP whitelisting and trusted networks

Question 36

Q. What is the Security Health Check in Salesforce?

Answer 36

A. A tool that assesses an org’s security settings and provides recommendations to improve security posture.