"Salesforce Certified Administrator Exam: Universal Container Security Enhancement"
Question
Universal Container is a company that deals with Financial data.
The chief security officer has requested from the Salesforce Admin to make sure all the employees supply more than their username and password every time they try to access the company's Salesforce org.
What can the Salesforce Admin do to achieve this? Choose 3 answers.
Answers
Explanations
Click on the arrows to vote for the correct answer
A. B. C. D.Correct Answer: A, B, and C
Two-factor authentication is the most effective way to protect your org's user accounts.
As a Salesforce admin, amplify your org's security by requiring a second level of authentication for every user login.
You can also require two-factor authentication when a user meets certain criteria, such as attempting to view reports or access a connected app.
To make sure that the right security level is associated with the two-factor authentication login method.
It's important to do this step before you set up a 2FA requirement for any admin users.
Otherwise, you could prevent yourself or other admins from logging in.
From Setup, enter Session Settings in the Quick Find box, then select Session Settings.
Under Session Security Levels, make sure that two-factor authentication is in the High Assurance category.
Then a permission set is needed.
A permission set is a collection of settings and permissions that gives users access to various Salesforce features, including two-factor authentication.
Option D is incorrect because we don't have an option to enable security settings feature at user record.
To ensure more secure access to the Salesforce org for Universal Container, the Salesforce Admin can implement two-factor authentication, which requires users to provide an additional piece of information along with their username and password. This additional information can be something they know, something they have, or something they are.
To achieve this, the Salesforce Admin can take the following actions:
Set the session security level for two-factor authentication: By setting the session security level to require two-factor authentication, the Salesforce org will require users to provide additional information beyond their username and password to access the org. This can be done by navigating to Setup > Session Settings and setting the session security level to "High Assurance."
Create a permission set for two-factor authentication: The Salesforce Admin can create a permission set that requires two-factor authentication for users who need access to sensitive data or functions. This can be done by creating a new permission set, adding the "Two-Factor Authentication for User Interface Logins" permission, and assigning the permission set to the appropriate users.
Enable high security settings feature under the user record: The Salesforce Admin can also enable the "High Assurance Session Setting" feature under the user record for individual users. This will require these users to provide additional information beyond their username and password to access the org.
It's worth noting that the chief security officer may have specific requirements for the type of two-factor authentication that should be used, such as using a security token or a mobile app. Therefore, it's important for the Salesforce Admin to work closely with the chief security officer to implement the appropriate level of security for Universal Container's Salesforce org.
