Examice

Exam PEGAPCSSA87V1 All QuestionsBrowse all questions from this exam

Question 30

An application includes three case types. A business requirements states that members of the App:Users access role cannot run reports for one of the case types.

Which configuration can you apply to satisfy this requirement?

Use an Access When record to verify that the user role has access to the Run reports action.

Use an Access When record to verify that the case type has access to the Run reports action.

Use an automation to verify that the user does not have the App:Users access role.

Use an Access Deny record to set the Run reports action to No Access.

Correct Answer: D

To restrict members of the App:Users access role from running reports for one specific case type, an Access Deny record should be used. This configuration allows you to explicitly deny the Run reports action for the specified case type while allowing other actions or access in the system. Access Deny records specify actions, like running reports, that should not be allowed for certain user roles, making it the appropriate solution for this requirement.

Discussion

khushi1982Option: D

Answer is D. Access deny Access deny records deny actions on class instances, such as opening cases or running reports. You cannot use an Access deny record to deny access to tools or individual records explicitly. Access deny records are indicated on the Access Manager. For example, users are explicitly denied the ability to delete New vendor cases.

PalazzoOption: B

Answer should be B: In an Access Role, an Access When rule is configured on the class for which reports cannot runned. This Access Role is then added to the Access Group for users that are not allowed to run the reports. By the way, the line "...members of the App:Users access role..." is not correct. A user is not a member of an access role, a user has an access role via it's access group.

Pradeep5Option: D

Answer should be 'D'

kmrkOption: D

Its option D

Alex1999

I'm thinking this is A or D, does anyone have an explanation?

Nathalee

Based on the scenario that the members of App:Users cannot run reports for ONE of the case types (and not all three of them, just one), it is best to use an Access When record. For a better explanation, here are the links from Pega: https://academy.pega.com/topic/attribute-based-access-control-abac-security-model/v3#p-80d5c843-ef71-429f-be0b-33465bc3c2cf https://docs.pega.com/bundle/platform-88/page/platform/security/access-when-rules.html