OrgScan
One of the most dangerous levels of access you can give a user.
What is Modify & Delete All Data?
A server hosting more than one customer.
What is a Multi-Tenant Cloud?
You can set up ________ in CodeScan, where if code does not meet your set requirements, it will not get promoted.
What are Quality Gates?
Represents the type of data being stored inside of Salesforce. “Phone Number” is an example.
What is a Field?
Commonly used to distribute and sell applications to customers.
What are managed packages?
These allow you to visualize the security of your instance in OrgScan.
What are Dashboards?
Salesforce only allows this many records to be restored at a given time.
What is 10,000?
CodeScan offers an integration with your IDE so that you can check the code as it's being written. The initiative of moving your security process as early in your SDLC as possible is called _________.
What is Shifting Left?
Salesforce is built using a ____________ security model, which means that profiles, permission sets, & roles provide increasing levels of access to users.
What is Layered?
An isolated environment that executes a CI job.
What is a CI Runner?
The new OrgScan module adds customizable ________ rules specifically for scanning your user’s profiles and permission sets.
What is 200?
A customer asks AutoRABIT to provision a shared instance for Vault. This provider is the default.
What is AWS?
Bad or unnecessary code living in a company’s Salesforce instance that requires removal or rework.
What is Technical Debt?
An Admin should use OrgScan ____________ to ensure that their Salesforce instance is abiding by their InfoSec team’s compliance requirements.
What are Policies?
What APEX stands for.
What is Advanced Programming Experience?
What SAST stands for.
What is Static Application Security Testing?
Certain ____________ are unable to be backed up from Salesforce, a limitation that all tools on the market face.
What are Metadata Types?
This type of scan is run if you are just looking to scan your brand-new code, and not any existing code that had been previously scanned.
What are Delta Scans?
Occasionally referred to as “properties” in Salesforce.
What is a Field?
These webpages are created using a unique tag-based Mark-up language and provided custom UI’s for Salesforce Classic.
What are Visualforce Pages?
This method of security testing is the opposite of a SAST tool and tests an application from the outside in and can discover run-time and environment-related issues.
What is Dynamic Application Security Testing (DAST)?
The only Safeguard feature not applicable to Vault.
What is VPN Service?
CodeScan customers can utilize all security features of the Safeguard module, except SIEM audit logging and _________.
What is Key Management?
If I wanted to assign a user both “Manager” and “Developer” access capabilities (pre-defined in the system), what would I use to grant these?
What are Permission Sets?
This API allows you to create, manipulate, and search data in Salesforce by sending HTTP requests to endpoints in Salesforce.
What is REST API?