A company has four territory managers. Ten salespeople report to each manager.
Territory managers need to be able to see records related to each salesperson that they manage. Salespeople must be able to see only their own records.
What should you implement?
Role-based security ensures that individuals have access to only the records they are permitted to see based on their role within the organization. Territory managers can be assigned a role that allows them to view the records of all salespeople they manage, while salespeople can be assigned a role that restricts them to viewing only their own records. This aligns perfectly with the requirement that managers have broader access while salespeople have restricted access.
B. Role-based security is correct, there is no App-based security, check the article in the reference, it explains how role-based security model works
yes Radoslavov I agree with you
I agree.
Role based
This is correct. For the requirement specified, the team managers would be assigned 'Local' access (access records in users' BU only) whereas team members would be assigned 'Basic' access (access to records the user owns). This is all mentioned under the section Role-based Security at https://docs.microsoft.com/en-us/learn/modules/recognize-dynamics-365-security/6-security-model-driven-apps
Role based security is correct. There's nothing like app based security
role based
role based
Role based
role-based security is the absolute answer. period!!!
The correct answer should be D. What was described is exactly security based at the field level, and not role level. You can have two people have the same role, but when they have different field-level security, what they both see will be different, even if they are on the page
Having reviewed the question again, I am changing my answer to B (Role based security). The salesperson will have basic access level while the manager will local (deep or global if the managers have managers) access level
You are correct! This is how I understand it as well.... A Sales person is first given the Sales person PRIVILEGE. Then define the ACCESS LEVEL for that privilege for EACH sales person. Either Global, Deep, Local, Basic or None. A Territory manager would get an access level of LOCAL to see ALL records. A Sales person would get an access level of BASIC to see their own records only. BASIC = This access level gives a user access to records that the user owns, objects shared with the user, and objects shared with a team that the user is a member of. This level is the typical level of access for sales and service representatives. The application refers to this access level as user. LOCAL = This access level gives a user access to records in the user's business unit. Users who have local access have basic access automatically. Because this access level gives access to information throughout the business unit, restrict it to match the organization's data security plan. This level of access is for MANAGERS with authority over the business unit. The application refers to this access level as business unit.
You are correct! This is how I understand it as well.... A Sales person is first given the Sales person PRIVILEGE. Then define the ACCESS LEVEL for that privilege for EACH sales person. Either Global, Deep, Local, Basic or None. A Territory manager would get an access level of LOCAL to see ALL records. A Sales person would get an access level of BASIC to see their own records only. BASIC = This access level gives a user access to records that the user owns, objects shared with the user, and objects shared with a team that the user is a member of. This level is the typical level of access for sales and service representatives. The application refers to this access level as user. LOCAL = This access level gives a user access to records in the user's business unit. Users who have local access have basic access automatically. Because this access level gives access to information throughout the business unit, restrict it to match the organization's data security plan. This level of access is for MANAGERS with authority over the business unit. The application refers to this access level as business unit.
"Role-based security" is the correct answer.
I agree there is nothing like app based security.
I think they gave wrong typing on the answer. In this case it needs to be Record-based security You can use record-based security to control user and team rights to do actions on individual records. This security applies to instances of entities (records) and is provided by access rights. The owner of a record can either share or grant access to a record to another user or team. Once they share or grant access, users must choose which rights they're granting. For example, the owner of an account record can grant read access to that account information, but not grant write access. Access rights apply after user privileges. For example, if a user doesn't have the privileges to read account records, they'll be unable to view any account, whatever of the access rights another user might grant them through sharing.