Trailhead Week 2 - Tuesday

Question 1

By combining ________ ________ at different levels, you can provide just the right level of data access to thousands of users

Answer 1

security controls

Question 2

Access to _________ ________ is the simplest thing to control

Answer 2

object-level data

Question 3

You can restrict access to certain________, even if a user has access to the object. For example, you can make the salary field in a position object invisible to interviewers but visible to hiring managers and recruiters.

Answer 3

fields

Question 4

You can allow particular users to view an object, but then restrict the individual ______ _______ they’re allowed to see.

Answer 4

object records

Question 5

You can restrict access to certain ______, even if a user has access to the object

Answer 5

fields

Question 6

You can allow particular users to view an ______, but then restrict the individual object records they’re allowed to see.
(ex) an interviewer can see and edit her own reviews, but not the reviews of other interviewers.

Answer 6

object

Question 7

You use _________ ________ ________ to lock down your data to the most restrictive level, and then use the other record-level security and sharing tools to selectively give access to other users.

Answer 7

org-wide sharing settings

Question 8

______ ________ give access for users higher in the hierarchy to all records owned by users below them in the hierarchy

Answer 8

Role hierarchies

Question 9

________ ________ are automatic exceptions to organization-wide defaults for particular groups of users, so they can get to records they don’t own or can’t normally see.

Answer 9

Sharing rules

Question 10

________ _______ allows owners of particular records to share them with other users.
(ex) when a recruiter going on vacation needs to temporarily assign ownership of a job application to someone else

Answer 10

Manual sharing

Question 11

________ your system provides important information for diagnosing potential security issues or dealing with real ones.

Answer 11

Auditing

Question 12

You can configure access to data at all of the following levels, except:

Answer 12

page layouts

Question 13

Which of these is not a method for controlling record-level access?

Answer 13

profiles

Question 14

A profile is a collection of __________ and ___________.

Answer 14

settings & permissions

Question 15

The profiles functionality in an org depends on the user __________ type.

Answer 15

license

Question 16

Users can have only one profile, but they can have multiple ________ ________.

Answer 16

Permission sets

Question 17

You’ll be using permission sets for two general purposes:

Answer 17

1. to grant access to objects or apps
2. to grant permissions—temporarily or long term—to specific fields.

Question 18

When object-level permissions conflict with record-level permissions, the most _________ settings win.

Answer 18

restrictive

Question 19

Org-wide defaults specify the _______ level of access users have to each other’s records.

Answer 19

default

Question 20

Role hierarchies ensure managers have access to the _____ records as their subordinates.
- Each role in the hierarchy represents a level of data access that a user or group of users needs.

Answer 20

same

Question 21

Sharing rules are automatic exceptions to org-wide defaults for particular groups of users, to give them access to records they don’t own or can’t normally see.

Question 22

Profile controls what?

Answer 22

Controls what users can see & what they can do.

Question 23

Permission sets are

Answer 23

An extra level of access to settings for a user

Question 24

Permission sets

Answer 24

Combine multiple permission sets into a single group

Question 25

Permission sets group example

Answer 25

Multiple VPs… who do the same job throughout the world. Ex - Able to create a survey but unable to delete.

Question 26

Permission sets groups only ___ access

Answer 26

Grant. - they don’t take away excess.

Question 27

In any scenerio, __________ permissions will always win.

Answer 27

Profile. ex) even if the user owns the contact record, if their profile permissions don’t allow… profile trumps.

Question 28

When you’re the owner for a record or child record… you can

Answer 28

Edit Share Delete * as long as profile permissions allow

Question 29

For the records I don’t own… the _____________

Answer 29

Org wide setting control Ex) public, private, and hybrid. Ex) public read only

Question 30

The permissions on a record are always evaluated according to a combination of object-level, field-level, and __________ permissions.

Answer 30

Record-level permissions

Question 31

Record-level permissions offer layers of increasing access, so it's important to know which ___________________ are observed to understand the level of access a user has.

Answer 31

record-level permissions

Question 32

Org-wide defaults

Answer 32

specify the default level of access users have to each other’s records.

Question 33

Role hierarchies ensure managers have access to the

Answer 33

same records as their subordinates. - Each role in the hierarchy represents a level of data access that a user or group of users needs.

Question 34

Sharing rules are automatic exceptions to _______________ for particular groups of users, to give them access to records they don’t own or can’t normally see.

Answer 34

org-wide defaults

Question 35

Manual sharing lets record owners give ____________ permissions to users who might not have access to the record any other way.

Answer 35

read and edit

Question 36

A user’s baseline permissions on any object are determined by their _________.

Answer 36

profile

Question 37

If the user has any permission sets assigned, these also set the ___________ ____________ in conjunction with the profile.

Answer 37

baseline permissions

Question 38

Access to records a user does not own are set first by the ______________.

Answer 38

org-wide defaults

Question 39

If the org-wide defaults are anything less than ______________, you can open access back up for certain roles using the role hierarchy.

Answer 39

Public Read/Write

Question 40

You can use sharing rules to _______ _______to additional groups of users.

Answer 40

expand access

Question 41

Each record owner can manually share individual records with other users by using the _______ _________ on the record.

Answer 41

share button

Question 42

Org-wide defaults specify the baseline level of access that the most _________ user should have.

Answer 42

restricted

Question 43

Use org-wide defaults to ____ ______ your data

Answer 43

lock down

Question 44

Use the other record-level security and sharing tools (role hierarchies, sharing rules, and manual sharing) to ____ _______ the data to users who need it.

Answer 44

open up

Question 45

Org-wide defaults modify those permissions for records a user ________ own

Answer 45

doesn't

Question 46

Sharing rules work best when they're defined for a particular group of users that you can _________ or ________ in advance, rather than a set of users that frequently changes

Answer 46

determine or predict