function readOnly(count){ }
Sign Up ›
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
Learn More

Browse by Topic
ShowAll Questionssorted byDate Posted
+ Start a Discussion
Mike McNeeley 8Mike McNeeley 8 

Superfluous and misleading requirements in Trailhead Security Superbadge

Hey everyone,

I just completed the Security Superbadge and I found it rather confusing...not because it's particularly difficult to pass the individual steps/challenges, but because there are several red herrings that led me to believe I had to implement things that weren't actually tested. Examples:
  1. Remote workers must use VPN to access Salesforce.
  2. All mobile users must use two-factor authentication (2FA).
  3. All mobile users must be individually approved by the admin.
  4. Customer SSN and Bank Account fields on contact records must be encrypted.
None of these are checked in their entirety. Numbers 1, 3 and 4 are not ever checked in any way. I might just lack the knowledge here, but are numbers 2 & 3 even possible? That is, can you make 2FA only required on mobile? I don't even know what "individually approved by the admin" means in relation to mobile access. To that end, does it mean Salesforce1 or does it mean mobile browser loading Classic? In either case - is it even possible to prevent access to both from a profile-level perspective?

This challenge took me a while because of these red herrings. When I finally realized they're just superfluous I was able to easily breeze through the challenges. (Pretty frustrating experience...)
SandhyaSandhya (Salesforce Developers) 
Hi,

If you felt there is something to be fixed in this challenge content you can always provide feedback by clicking Feedback link on the same page.Moreover, the team can look into this.

Thanks and Regards
Sandhya

 
Mike McNeeley 8Mike McNeeley 8
Will do, thanks :)
weno bakweno bak
Greetings, I must say it was a very exceptional adventure for me personally when I called in at your website. I hope you don't mind if I congratulate you on the excellent quality of the work and also to send your team bon chance as you move on in the future. It was definitely a pleasure to look at your website and I'll most certainly be calling back again before long to discover just how you are getting on. Cheers and with a bit of luck I'll see you here once again before the year is out - Logan Conversions. If you are interesting in gaming stuff then please visit my website gtacheatcode.com or you also click here for GTA 5 money cheats code.