Saturday, 11 August 2018

Salesforce Data Security & Sharing Real Time Scenario's


1. What are the different way's to provide security in Salesforce?

1. Organization Level Security:

    • Network Access
    • Login IP Ranges
    • Login Hours

2. Object Level Security :

    • Objects
    • Permission Sets

3. Record Level Security :

    • Organization Wide Defaults [Private /Public Read Only]

4. Field Level Security :

2. What are the different ways of sharing a record?

  • Manual Sharing
  • Criteria Based Sharing
  • Apex Managed Sharing
  • Role Hierarchy Based Sharing
  • OWD Public Read /Write

3. When you see the Sharing Button  on a record?

If organization wide defaults of the object are Private /Public Read Only 

4. Can we use Permission Set for restricting the access?
No, Permission Sets are used to grant access.
Ex: Profile has permission on Lead & Account ,Only specific user of that profile need permission on Campaign object then permission set is created and assigned that to the user

5. If 2 profile users have same role will be able to see each other's record?
If Organization Wide Defaults on those objects are Private then not possible to see.

6. With whom can share record ?


7. Is it possible to rename tab and object name based on Profile / App?

 No,It's not possible,But an idea is posted for the same.Refer

8. Is it possible to restrict the visibility of list views by profile ?

It's not possible to restrict access with profiles.You can do using Roles & Public Groups. Refer.



9. How is record type access specified ?


By Profiles / Permission Sets or Combination of both





10.Explain scenario for Apex Managed Sharing?

Apex managed sharing used to share the records pragmatically,

StanrdObjectShare
MyCustomObject__Share

Ex: 
When lead converts to opportunity ,The owner of lead will not be able to view the opportunity So based on business requirement to provide the view then can be achieved using "Apex Managed Sharing" 

11.The "With Sharing" keyword enforces the user's permission, FLS, and sharing rules?

No,it only enforces sharing rules

12.A class declared as "with sharing" can call code that operates as "without sharing" ?
Yes,If an inner class is declared as “Without Sharing”,It will execute without enforcing the
sharing rules that apply to the context user.

13.What is Sharing Reason ?
Create Apex sharing reasons for individual custom objects to indicate why sharing was
implemented,
This allows users and administrators to understand the purpose of the sharing.

  • Only users with the “Modify All Data” permission can add, edit, or delete sharing that
  • uses an Apex sharing reason.
  • Deleting an Apex sharing reason will delete all sharing on the object that uses the reason.
  • You can create up to 10 Apex sharing reasons per custom object.
  • You can create Apex sharing reasons using the Metadata API


14.Configure child objects to be Controlled by Parent whenever possible can you avoid creating implicit shares?
True


15.What is the deferred Sharing ?
16.What is granular locking ?
17.Encrypted fields can be converted into another data type ?
The option to change the data type of a custom field is not available for all data types.
For example, existing custom fields cannot be converted into encrypted fields nor can
encrypted fields be converted into another data type.

1 comment: