OrgScan
Out of the Vault
The Gates of Code Smell
The Admin Diaries
Mix It Up
100

One of the most dangerous levels of access you can give a user.

What is Modify & Delete All Data?

100

A server hosting more than one customer.

What is a Multi-Tenant Cloud?

100

You can set up ________ in CodeScan, where if code does not meet your set requirements, it will not get promoted.

What are Quality Gates?

100

Represents the type of data being stored inside of Salesforce. “Phone Number” is an example.

What is a Field?

100

Commonly used to distribute and sell applications to customers.

What are managed packages?

200

These allow you to visualize the security of your instance in OrgScan.

What are Dashboards?

200

Salesforce only allows this many records to be restored at a given time.

What is 10,000?

200

CodeScan offers an integration with your IDE so that you can check the code as it's being written. The initiative of moving your security process as early in your SDLC as possible is called _________.

What is Shifting Left?

200

Salesforce is built using a ____________ security model, which means that profiles, permission sets, & roles provide increasing levels of access to users.

What is Layered?

200

An isolated environment that executes a CI job.  

What is a CI Runner?

300

The new OrgScan module adds customizable ________ rules specifically for scanning your user’s profiles and permission sets.

What is 200?

300

A customer asks AutoRABIT to provision a shared instance for Vault. This provider is the default.

What is AWS?

300

Bad or unnecessary code living in a company’s Salesforce instance that requires removal or rework.

What is Technical Debt?

300

An Admin should use OrgScan ____________ to ensure that their Salesforce instance is abiding by their InfoSec team’s compliance requirements.

What are Policies?

300

What APEX stands for.

What is Advanced Programming Experience?

400

What SAST stands for.

What is Static Application Security Testing?

400

Certain ____________ are unable to be backed up from Salesforce, a limitation that all tools on the market face.

What are Metadata Types?

400

This type of scan is run if you are just looking to scan your brand-new code, and not any existing code that had been previously scanned.

What are Delta Scans?

400

Occasionally referred to as “properties” in Salesforce.

What is a Field?

400

These webpages are created using a unique tag-based Mark-up language and provided custom UI’s for Salesforce Classic.

What are Visualforce Pages?

500

This method of security testing is the opposite of a SAST tool and tests an application from the outside in and can discover run-time and environment-related issues.

What is Dynamic Application Security Testing (DAST)?

500

The only Safeguard feature not applicable to Vault.

What is VPN Service?

500

CodeScan customers can utilize all security features of the Safeguard module, except SIEM audit logging and _________.

What is Key Management?

500

If I wanted to assign a user both “Manager” and “Developer” access capabilities (pre-defined in the system), what would I use to grant these?

What are Permission Sets?

500

This API allows you to create, manipulate, and search data in Salesforce by sending HTTP requests to endpoints in Salesforce.

What is REST API?