Describe the Identity Confirmation Feature
The identity confirmation feature is what requires you to activate your computer to log in.
From Salesforce solution "What is the Identity Confirmation feature and how does it work?"
Criteria for Activation Process:
- Is the org using IP Login Restrictions on Profiles?
- Is the User logging in from an IP on the Trusted Network list?
- Have we seen this Activated User from this IP address before?
- If Activated once before, we add the IP to their personal list and never challenge them from that IP again.
- Each user has a list of IPs from which they’ve activated. (This list is not currently visible in the applciation.)
- Does the User have a cookie placed from Salesforce in this browser?
- We set a cookie on any browser that doesn’t have a cookie once a User has logged in.
- If they log in from a Trusted Network IP a cookie will be set in the browser.
Yes on any one of these = Pass on activation process
No on all of these = Initiate activation process
The activation process requires you to click "Send activation link" when you attempt to log in. Salesforce will then send you an email with a link that you must click to complete the activation process. You must click this link on the same computer that you intend to log in on- a blackberry or remote computer will not work.
Describe the differences between logging in through the API versus the UI
The user interface (UI) is logging into Salesforce using a web browser. If you are not a)connecting through a web browser and b)connected to https://xxx.salesforce.com then you are almost undoubtedly connecting through the API.
API access comes in many forms: Connect for Outlook, Salesforce Offline- basically any external application/website that references data in Salesforce uses API calls.
Explain the concept of Login Hours and Login IP ranges
Login hours are configured on a per-profile basis, Enterprise and up only.
Setup –> Manage Users –> Profiles
Login IP Ranges
By default, any user can connect from any IP address. When you add an IP range, then users can only connect from allowed networks. Login IP Ranges are configured depending on version:
Enterprise and up: Profile-based
Setup –> Manager Users –> Profiles
Professional and lower: Company-wide
Setup –> Security Controls –> Session Settings
Trusted Networks
If you are connecting from a trusted network, then you will not have to activate your computer or use a security token for API calls (a password alone will suffice). Add networks to the trusted list:
Setup –> Security Controls –> Network Access
From Salesforce solution "What is a Security Token and how does it work?"
Criteria for Security Token:
- Is this User / API call / client app logging in from an IP on the Trusted IP Range list?
- Does this User have IP Login Restrictions on their profile?
Yes on either of these will mean a pass on Security Token requirement
Add and delete an IP range
IP ranges are used for Login IP Ranges and Trusted Networks. Use a start IP and an end IP, and it will register all IP addresses between.
Describe the different methods to allow access to the application
There are several methods to access the program:
Web browers (UI)
API access (3rd party programs, websites, etc.). The API is only available to Enterprise Edition and up.
Mobile application (Blackberry)
Access is granted by creating a user with a set profile. This profile restricts access hours and API access. Mobile access is licensed per user and assigned as such.
On the practice test, I had this question, it doesn’t make sense to me. Am I missing something or is this question wrong? If you select the bypass feature, why would it not do it?
Thanks as I am confused about this one.
Q.4) Which of the following will not bypass Identity Confirmation? (select one)
A. The user’s profile has IP login restrictions enabled. (your answer)
B. The user has logged into Salesforce previously from their current IP address.
C. The user has activated this computer before and has a stored activation cookie.
D. The user’s record has the “Bypass User Identity Confirmation” checkbox enabled. (correct answer)
E. The user is logging in from an IP address within the list of trusted networks.
Its a trick question- there is no “Bypass User Identity Confirmation” checkbox.
And this is why I hate this test and these types of tests.
Trick questions are stupid.
Hi John,
Can you please explain me in detail why is the answer D correct in the above question ? I am confused. I would really appreciate your help
thanks
You cannot bypass the identity confirmation feature. No checkbox exists to check, therefore is not the correct answer.
I still think that A is also a correct answer. If the login restriction is enabled, then you could NOT bypass, correct?
No such option exists, therefore not a valid answer
So, from this post string, I am getting that there is no correct answer for this question because there is no such thing as a “Bypass User Identity Confirmation”, nor is there an option in the profiles setup to enable login restrictions.
I have found quite a few errors in the proprof.com practice exam, making studying for the exam frustrating.
I would like to reason out each option here:
a)if ip login restrictions are enabled,then wen yu login from the activated ip address, YOU CAN BY-PASS.
b)if logged in previously with current ip address, then also no activation required, YOU CAN BY-PASS.
c)”by pass user confirmation” checkbox doesnt exist.
d)ip address belongs to trusted networks range,so no activation required, YOU CAN BY-PASS.
So, the option has to be C….:)
Please reply if am wrong….its a valid question