Interview questions: Data Security Flashcards
- What is the profile?
A profile in Salesforce is a group/collection of settings and permissions that define what
a user can do in Salesforce. Profile is the most restricted privilege granted to a user.
- How many profiles can be assigned to one user?
A profile can be assigned to one user.
- What is permission set?
Permission sets in salesforce.com are the combination of different settings and
permission sets given to user to access records and files. Permission sets extend user
privileges by granting additional permissions to the user
- Difference between profiles and permission sets?
Profiles : In Object level Security, Profiles are assigned to the user by system
administrator. A profile can be assigned to many users where as a user can have only
one Profile.
Permission Sets : In this Permission sets we define the access level of the user.
Generally we determine what a user can do in the applications. These are used to grant
additional permission to a user.
- Tell me about Field-Level Security?
In field level security, we control the user what to see, edit, delete of a particular field in
the object.
Field Level Security can be controlled by Profiles and Permission sets.
- What are Login Hours and Login IP Ranges?
Login hours are set in an organization to restrict the user‘s who tries to login before or
after login hours.
IP ranges are used to restrict any login attempt is done from unknown IP addresses.
Usually organizations maintain login IP ranges.
- What is a User Record?
User records consist key information about the user.
- What is a Record Owner?
The User or Queue who controls and have the right to access a record.
- What are Organization Wide Defaults?
Organization wide Defaults define the baseline level of access to data records for all
users in an Organization. Organization wide Defaults(OWD) can be defined for
Standard Objects and Custom Objects.
- How many ways can we share a record?
Records can be shared in 5 types they are
* Role Hierarchy.
* Organization Wide Defaults.
* Manual Sharing.
* Criteria Based Sharing Rules.
* Apex Sharing.
- Can we use sharing rules to restrict data access?
No, sharing rules cannot restrict data access.
- Can you describe the differences between a Role and a Profile?
Roles & Profiles are two fundamental concepts of the Salesforce platform. They control
what users can see and do on the platform.
Profiles control what a user can do on the platform, for example, they control what kind
of access rights a user has to a certain object, such as create, read, edit, or delete.
They also control individual permissions such as ―Export Reportsǁ, ―Create
Dashboard Foldersǁ, or ―Modify All Dataǁ.
Roles, on the other hand, are used to control what users can see. They are designed to
open up access through a hierarchy so that more senior members of the organisation
can see more records. For example, someone at the bottom of the hierarchy, like an
Account Executive, might be only able to see their own accounts. But the VP Sales US,
would be able to see all accounts owned by individuals below them.
13- What is an Audit trail?
If an organization has various Salesforce Administrators, the Audit trail lets you track all
the recent changes made by other admins. It can store up to 6 months of data.
- Is it possible to create sharing rules for detail object?
No, we can‘t create sharing rules for details objects because they don‘t have owner field
- What is “View all” and “Modify all” permission?
View all and Modify all permissions are usually given to system administrator. When you
grant ―View Allǁ or ―Modify Allǁ for an object on a profile or permission set, you grant
any associated users access to all records of that object regardless of the sharing and
security settings.
