Exam PL-600 All QuestionsBrowse all questions from this exam
Go to Exam
Question 64

HOTSPOT -

You are designing a Microsoft Power Platform solution for a company.

You have the following requirements:

✑ Users in the human resources department must be able to create tasks.

✑ Users in the human resources department must be able to assign cases to other users.

You create a table for cases and tasks. You need to recommend security settings to the company.

What should you recommend? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Hot Area:

    Correct Answer:

    Box 1: Assign only Create rights to activities

    You require the same set of Dataverse privileges and access rights to work with custom activities as those required to work with custom entities.

    Task-based privileges, at the bottom of the form, give a user privileges to perform specific tasks, such as publish articles.

    Box 2: Assign User-level assign rights to human resources case table.

    Record-level privileges define which tasks a user with access to the record can do, such as Read, Create, Delete, Write, Assign, Share, Append, and Append To.

    For user and team owned records, the access level choices for most privileges are tiered Organization, Business Unit, Business Unit and Child Business Unit or only the user's own records. That means for read privilege on contact, I could set user owned, and the user would only see their own records.

    Incorrect Answers:

    For security purposes, records that are organization owned, the only access level choices is either the user can do the operation or can't.

    Reference:

    https://docs.microsoft.com/en-us/power-platform/admin/security-roles-privileges https://docs.microsoft.com/en-us/power-platform/admin/wp-security-cds

Discussion
VJ345

For Create task, User needs read permission also. Ans: 1 --> B, 2-->D

BrettusMaximus

First answer is A Is doesn't say they need to read. The create could take place in a flow.

dudenKo

you need the Read right to see the activities, so Read is the minimum right to the table to be able to Create a row

KarthikSiva3535

question does not mention the need to read the created task. Just create will do. 1-> A; 2->D

OldHand1

No, you only need the read access if you are going to create and OWN the record. You can create it and somebody else can own it.

OldHand1

link here: https://learn.microsoft.com/en-us/power-apps/developer/data-platform/security-access-rights

dylan99

A user should see "You do not have permission to access these records" by creating a record without having read permission, so I think it's technically possible. Anyway @OldHand1, it looks (even from your link) that assigning read permission is the normal case, in which if someone needs to create a record he should be even able to see it if not specified a "ONLY create permission"

dylan99

Errata corrige: The Create privilege controls whether you can create a record. If you have the Create privilege with Local, Deep, or Global access, you can create records for other users. If you have Create and Read privileges with Basic access, you can create records for yourself. https://learn.microsoft.com/en-us/dynamics365/customerengagement/on-premises/developer/security-dev/use-record-based-security-control-access-records?view=op-9-1

seeusoubesse

I tried to create a task without read permission and was not able to do it, because I could not event see the button to create an activity. So regarding 1 it should be answer 'B'.

Icky

I think #1 is - 2: Create and Read rights. You need to be able to see the record that you have created after 7. Read is also required. #2 - 4: Assign organization level assign rights. They need to be able to assign cases to other users. It could be a case that anyone owns.

Ravikiran206

1-> B, 2-> C User level assign rights are enough.

Icky

It doesn't say that they need to be able to assign records that they own, only that they need to assign cases to other users, so I think organization is correct.

[Removed]

in such case they will be able to assign ony to themselves, which does not make sense

ClairFraser

I am with you. No one said they need to be able to assign ALL cases in the systems.

MrEz

it said caseS so it is plural and it does not limit it to own cases. and: hr assings cases to users work on. so probably here they manage the staff, who has how much to do. does not necessarily mean they create these cases.

CRMBug

1. B - Need Create along with Read 2. D - Can assign any cases to any user

MrEz

"You create a table for cases and tasks. " --> what??! next to the OOTB you create custom table for cases and tasks??! seriously :-(.

SashM

I think both answer are C.

OldHand1

First one is Create Rights only. You only need create to create a record. You do NOT need read in order to create a record, you just can't create and OWN it. Says as much in document here: https://learn.microsoft.com/en-us/power-apps/developer/data-platform/security-access-rights

Brooklyn_Itself

Users need read and write for activity creation for #1. Only need assign for #2. With my heavy critique that the prompt indicates these tables were "created" and not indicating that "tasks" are an activity table (out of box tasks are). The question itself lacks appropriate context.

radityoardi

The question lacks specificity. If you add 1 fact there, it can lead to a different answer completely.

Schinna

BD are correct

ymiya

Ans: 1 --> A, 2 --> C

lianguyen49

I would say, 1. Assign only Create rights to activities. Since the question only mention 'Users in the human resources department must be able to create tasks.' It does not mention about read access permission. 2. Assign user-level assign rights to the human resources case table According to the requirement, they need assign cases to other users. So case table should set as User-Level assign instead.