Security And Access

Question 1

What does Manager Group Sharing allow?

Answer 1

It allows records to be shared up and down the management chain using the Manager field on the user record.

Question 2

How is field access controlled?

Answer 2

Field-level security is set at the profile or permission set level and can set fields to be read-only or not visible.

Question 3

How is record access controlled?

Answer 3

By using Object Permissions, Role Hierarchy, Manager Group Sharing, Sharing Settings (OWD), and Sharing Rules

Question 4

What does manual sharing allow?

Answer 4

It allows records to be manually shared with other users, roles, territories, and public groups. The access level can be set to read/write or read only.

Question 5

What are the high level steps to use Enterprise Territory Management?

Answer 5

Build a Territory, Assign Users to Territories, Create Territory Account Assignment Rules, Preview the Model, Activate the Model

Question 6

What does Enterprise Territory Management do?

Answer 6

It allows accounts to be assigned to territories automatically using territory assignment rules, and users to be assigned to territories.

Question 7

Why are custom profiles created?

Answer 7

If the permissions defined in a standard profile do not meet requirements. There are restrictions on what can be changed in a standard profile. A custom profile is fully customizable.

Question 8

What can a Delegated Administrator do?

Answer 8

Certain Admin functions, including unlocking users, resetting passwords, creating users, assigning profiles and public groups and managing custom objects

Question 9

What is a permission set?

Answer 9

A set of permissions that can be assigned to one or more users that gives additional permissions to what is defined in their profile. It can include almost all permissions in a profile, including object, field and system.

Question 10

Which territory access levels are available when organization-wide default sharing settings for Contacts is set to ‘Private’?

Answer 10

‘No Access’, ‘View’, and ‘View and Edit’

Question 11

What is used as an identifier for a particular kind of territory in a territory hierarchy?

Answer 11

Territory Type

Question 12

What represents a complete territory management system that includes a
territory hierarchy, assignment rules and assigned users?

Answer 12

Territory Model

Question 13

What is a graphical representation of the entire territory structure in a territory model?

Answer 13

Territory Hierarchy

Question 14

Which organization-wide default sharing setting can be used for the Campaign Member object to allow all users to see only the campaign members associated with the campaigns they have access to?

Answer 14

Controlled by Campaign

Question 15

Which sharing setting allow a user to manual share their own user record with other users of an organization?

Answer 15

‘Manual User Record Sharing’ checkbox on the ‘Sharing Settings’ page in Set up

Question 16

Which organization-wide default sharing setting can be used for the Campaign Member object to allow all users to see only the campaign members associated with the campaigns they have access to?

Answer 16

Controlled by Parent

Question 17

With regard to record access, with capability is available when using the original territory management functionality?

Answer 17

Access can be granted to accounts and related opportunities and cases based on custom criteria, regardless of who owns the records.

Question 18

What are some of the customizations that are possible when managing a custom object as a delegated administrator?

Answer 18

Adding a picklist value to a field, creating a custom tab, modifying the page layout, etc.

Question 19

Which term is used in salesforce for a contact that does not have an associated account record?

Answer 19

Private Contact

Question 20

What can be done to allow a user to view all data in an organization?

Answer 20

Create and assign a permission set with ‘View All Data’ permission.

Question 21

When are sharing rules re-evaluated automatically?

Answer 21

When changes are made to groups, roles, and territories, sharing rules are re-evaluated to add or remove access as necessary.

Question 22

Which least-privilege profile allows users to access activities and Chatter features?

Answer 22

‘Minimum Access - Salesforce’ profile

Question 23

When managing a custom object, what cannot be modified by a delegated administrator?

Answer 23

Relationships on the object and organization-wide default sharing setting

Question 24

What protocol does social sign-on use?

Answer 24

OpenID Connect

Question 25

When Enterprise Territory Management is enabled, how can records by users in a territory be shared with users in another territory?

Answer 25

By setting up a sharing rule based on users assigned to a territory

Question 26

What password requirements can an administrator set?

Answer 26

Minimum password length, complexity, password history enforcement, expiration period, minimum password lifetime

Question 27

In Salesforce Classic, how can a user manually share a record with members of a territory?

Answer 27

By using the ‘Sharing’ button on the record and searching for & adding the territory in the ‘Share With’ column

Question 28

What does social sign-on enable?

Answer 28

Lets users login using credentials from a social network such as LinkedIn.

Question 29

When is identity verification invoked?

Answer 29

When a user logs in from an unrecognized (based on cookies) browser or device, and outside the trusted IP range.

Question 30

Which form of social sign on is enabled by default for all users?

Answer 30

Federated authentication

Question 31

Which authentication method lets users login with typing a password?

Answer 31

Lightning Login

Question 32

When configuring Login Discovery for My Domain, which interface should a Login Discovery Handler class implement?

Answer 32

MyDomainLoginDiscoveryHandler

Question 33

How can a 2-factor authentication code be provided?

Answer 33

Text message, email or an authenticator app

Question 34

What should be deployed to enable certificate-based authentication in an org?

Answer 34

My Domain