Implementing Data Security Strategy for University Department | PL-600 Exam Question

Correct Answers: A, D and F

Dataverse provides column (field) security level on a column-by-column basis for all custom and most system columns.

Column-level security gives users more granularity.

It has a global scope.

You need to be cautious about using this feature.

You can enable record-level security on the table level.

If you enable the column-level of security, it will override the record or table levels for this column.

The field will be visible on the app's screen and marked as secured with the stars for the field value and a lock sign on the field's side.

The field would return the null value in your app.

For management simplification, Dataverse groups the secured column (field) permissions into a profile.

Only admin and members of a Field Security Profile can see the column value.

A system administrator can grant access to the profiles to specific users or teams.

Suppose you need to secure access to the column (GPA) for one group, e.g., department staff.

First, you need to enable column security for the GPA.

Then, you create a Field security profile for the department staff.

And, finally, add the GPA field permission for Allow Read with "Yes" to the security profile.

Option A is correct because you need to add the GPA column to the security profile Staff with “Yes” to Allow Read permission.

Option D is correct because you need to create a security profile Staff and add the department staff as the profile members.

Option F is correct because you need to enable column security for the GPA column.

All other options are incorrect because after column security for the GPA column is enabled, only the administrator can access this column.

Therefore, you do not need to create a security profile for the student workers because they are already locked out from column access.

For more information about Dataverse field-level (column-level) security, please visit the below URLs:

To implement the requirement of restricting access to the high school diploma score (GPA) for student workers and allowing access only to department staff, the following three steps can be taken:

1. Create a field security profile for Workers and add student workers as profile members: Creating a field security profile will allow for the customization of access levels for specific fields in the data model. In this case, a field security profile named "Workers" should be created to restrict access to the GPA column. Once created, student workers should be added as profile members. This will allow the necessary access to the system while also limiting their access to specific fields like GPA.

2. Add the GPA column to the security profile for Staff with "Yes" to Allow Read permission: The GPA column needs to be added to the security profile for Staff with "Yes" to Allow Read permission. This will give department staff the ability to read the GPA field. This permission is important because department staff needs access to the GPA data to effectively evaluate prospective students. By giving them read permission, they can access the data, but they cannot update it.

3. Add the GPA column to the security profile for Workers with "No" to Allow Read permission: The GPA column also needs to be added to the security profile for Workers with "No" to Allow Read permission. This will restrict student workers from reading the GPA data. Without read permission, student workers will not be able to access the GPA data, ensuring that the data is only accessible to department staff who need it.

Therefore, the three steps to implement the requirement are:

• Create a field security profile for Workers and add student workers as profile members
• Add the GPA column to the security profile for Staff with "Yes" to Allow Read permission
• Add the GPA column to the security profile for Workers with "No" to Allow Read permission.