Advanced-Administrator Exam Results

The Setup Audit Trail is a tool that allows you to view and download a log of changes made in your org’s Setup area. The log shows up to 20 fields of information for each change, such as who made it, when it was made, what type of change it was, and what values were changed. You can use the Setup Audit Trail to track configuration changes directly in production and identify any unauthorized or problematic changes. One of the changes that the Setup Audit Trail tracks is when a user’s profile is changed and who changed it. This means that you can use the Setup Audit Trail to see when a user’s profile has been changed and who changed the data. References: https://help.salesforce.com/s/articleView?id=sf.monitorsetup.htm &type=5

Force logout on session timeout is the recommended security setting to configure because it prevents users from resuming their sessions after they time out due to inactivity, which reduces the risk of unauthorized access to Salesforce data from unattended devices. References: https://help.salesforce.com/s/articleView?id=sf.security_sessions_logout.htm &type=5

Permission sets are collections of settings and permissions that give users access to various tools and functions without changing their profile or requiring multiple profiles for users who perform different tasks across apps in your org. By assigning a permission set that has View All on Leads to the contractor, Cloud Kicks can grant them view access to all lead records without modifying their profile or creating a new one. References: https://help.salesforce.com/s/articleView?id=sf.perm_sets_overview.htm&type=5

A high assurance session is a type of session security level that requires users to verify their identity using a second factor of authentication, such as Salesforce Authenticator, a verification code, or a security key. Administrators can configure certain actions or permissions to require a high assurance session, such as exporting reports, viewing encrypted data, or accessing connected apps.

If users are able to run reports but are taken to a login screen and prompted for additional verification when they try to export a report, it could be because exporting is configured to require a high assurance session. This means that users need to use a second factor of authentication to export reports, even if they have already logged in with their username and password. References: https://help.salesforce.com/s/articleView?id=sf.identity_verification.htm &type=5 https://help.salesforce.com/s/articleView?id=sf.security_sessions.htm &type=5