Security and Access Flashcards
• Explain the various organization security controls (e.g., passwords, IP restrictions, identity confirmation, network settings). • Given a user request scenario, apply the appropriate security controls based on the features and capabilities of the Salesforce sharing model (e.g., organization-wide defaults, roles and the role hierarchy, manual sharing, sharing rules and public groups). • Given a scenario, determine the appropriate use of a custom profile or permission set using the various pro
What checks are done when users try to access a Salesforce Organization?
Profile Level Login Hours, Profile Level IP Ranges, Company Level Trusted IP Ranges, Activation Code Validation
What are the Standard Profiles?
Standard User, Solution Manager, Marketing User, Contract Manager, Read Only, System Administrator
How and why are Custom Profiles created?
There are restrictions on what can be changed on a standard profile. Custom profiles are created by cloning a standard profile.
How is Object Access controlled?
Object access is controlled at the profile level including permissions and visibility to the tab.
What are Permission Sets?
A group of permissions and settings that can be assigned to one or more users.
What do Organization Wide Default Settings do?
Determine access to records the user does not own.
How is the Role Hierarchy related to record access?
Users will have access to other users records if they have a role above the record owner in the role hierarchy.
What does Field Level Security control?
Controls if a field is visible or read only at the profile level.
How do Sharing Rules work?
Rules can be created to grant access to groups of users for certain records based on record owner or criteria.
What is Manual Sharing?
Manual Sharing allows a user to use the ‘Sharing’ button to grant access to a specific record to other users, roles or public groups.
What should be considered when changing OWD settings?
If increasing default access, changes will take effect immediately. If decreasing, changes may take significant time depending on data volumes.
How does the Security Health Check work?
Security Health Check measures setting values in Password Policies, Network Access Config and Session Settings against baseline values and calculates a percentage score to indicate risk. 100% means all settings meet or exceed the standard.
What are some considerations regarding Platform Encryption?
Only works on certain standard objects. Some apps and functionality will not work with encrypted fields. Extra cost as it is an add on subscription.
When is identity verification invoked?
When a user logs in from an unrecognized (based on cookies) browser or device and outside the trusted IP range.
What are Folders used for?
To store and organize reports, documents, dashboards and email templates.
