ADM-201 Question #57: Real Exam Question with Answer & Explanation

Question

What will happen when a user attempts to log In to Salesforce from an IP address that is outside the login IP range on the user's profile but within the organization-wide trusted IP range?

Options

• AThe user will be able to log in without activating the computer.
• BThe user will be able to log in after answering a security question.
• CThe user will not be able to log In at all.
• DThe user will be able to log in after the computer is activated.

Explanation

Salesforce enforces login IP restrictions at the profile level, which take precedence over organization-wide trusted IP ranges for allowing initial login access.

Common mistakes.

• A. Since the profile-level IP restriction prevents login, the user will not be able to access Salesforce, making any activation processes irrelevant.
• B. Answering a security question is a part of identity verification for untrusted IPs, but if login is blocked by profile IP restrictions, the user cannot even reach the identity verification step.
• D. The user will be denied login access due to profile IP restrictions, so the system activation process, which is typically bypassed by trusted IP ranges anyway, will not occur.

Concept tested. Salesforce login IP restrictions hierarchy

Reference. https://help.salesforce.com/s/articleView?id=sf.security_networkaccess.htm&type=5

No community discussion yet for this question.