ExamGecko

Salesforce Certified Identity and Access Management Architect Practice Test - Questions Answers, Page 9

List of questions

Question 81

Report
Export
Collapse

Universal containers (UC) has implemented SAML SSO to enable seamless access across multiple applications. UC has regional salesforce orgs and wants it's users to be able to access them from their main Salesforce org seamless. Which action should an architect recommend?

Configure the main salesforce org as an Authentication provider.
Configure the main salesforce org as an Authentication provider.
Configure the main salesforce org as the Identity provider.
Configure the main salesforce org as the Identity provider.
Configure the regional salesforce orgs as Identity Providers.
Configure the regional salesforce orgs as Identity Providers.
Configure the main Salesforce org as a service provider.
Configure the main Salesforce org as a service provider.
Suggested answer: B
asked 23/09/2024
Louis Flink
43 questions

Question 82

Report
Export
Collapse

Universal Containers (UC) is both a Salesforce and Google Apps customer. The UC IT team would like to manage the users for both systems in a single place to reduce administrative burden. Which two optimal ways can the IT team provision users and allow Single Sign-on between Salesforce and Google Apps ? Choose 2 answers

Build a custom app running on Heroku as the Identity Provider that can sync user information between Salesforce and Google Apps.
Build a custom app running on Heroku as the Identity Provider that can sync user information between Salesforce and Google Apps.
Use a third-party product as the Identity Provider for both Salesforce and Google Apps and manage the provisioning from there.
Use a third-party product as the Identity Provider for both Salesforce and Google Apps and manage the provisioning from there.
Use Identity Connect as the Identity Provider for both Salesforce and Google Apps and manage the provisioning from there.
Use Identity Connect as the Identity Provider for both Salesforce and Google Apps and manage the provisioning from there.
Use Salesforce as the Identity Provider and Google Apps as a Service Provider and configure User Provisioning for Connected Apps.
Use Salesforce as the Identity Provider and Google Apps as a Service Provider and configure User Provisioning for Connected Apps.
Suggested answer: B, D
asked 23/09/2024
Musa Aldarawsheh
35 questions

Question 83

Report
Export
Collapse

Which three are capabilities of SAML-based Federated authentication? Choose 3 answers

Trust relationships between Identity Provider and Service Provider are required.
Trust relationships between Identity Provider and Service Provider are required.
SAML tokens can be in XML or JSON format and can be used interchangeably.
SAML tokens can be in XML or JSON format and can be used interchangeably.
Web applications with no passwords are more secure and stronger against attacks.
Web applications with no passwords are more secure and stronger against attacks.
Access tokens are used to access resources on the server once the user is authenticated.
Access tokens are used to access resources on the server once the user is authenticated.
Centralized federation provides single point of access, control and auditing.
Centralized federation provides single point of access, control and auditing.
Suggested answer: A, D, E
asked 23/09/2024
gregory koontz
42 questions

Question 84

Report
Export
Collapse

Universal Containers (UC) uses Salesforce to allow customers to keep track of the order status. The customers can log in to Salesforce using external authentication providers, such as Facebook and Google. UC is also leveraging the App Launcher to let customers access an of platform application for generating shipping labels. The label generator application uses OAuth to provide users access. What license type should an Architect recommend for the customers?

Customer Community license
Customer Community license
Identity license
Identity license
Customer Community Plus license
Customer Community Plus license
External Identity license
External Identity license
Suggested answer: B
asked 23/09/2024
Reginald Curtis Jr
35 questions

Question 85

Report
Export
Collapse

Containers (UC) uses a legacy Employee portal for their employees to collaborate. Employees access the portal from their company’s internal website via SSO. It is set up to work with SiteMinder and Active Directory. The Employee portal has features to support posing ideas. UC decides to use Salesforce Ideas for voting and better tracking purposes. To avoid provisioning users on Salesforce, UC decides to integrate Employee portal ideas with Salesforce idea through the API. What is the role of Salesforce in the context of SSO, based on this scenario?

Service Provider, because Salesforce is the application for managing ideas.
Service Provider, because Salesforce is the application for managing ideas.
Connected App, because Salesforce is connected with Employee portal via API.
Connected App, because Salesforce is connected with Employee portal via API.
Identity Provider, because the API calls are authenticated by Salesforce.
Identity Provider, because the API calls are authenticated by Salesforce.
An independent system, because Salesforce is not part of the SSO setup.
An independent system, because Salesforce is not part of the SSO setup.
Suggested answer: D
asked 23/09/2024
Yun-Ting Lo
38 questions

Question 86

Report
Export
Collapse

Universal Containers (UC) uses middleware to integrate multiple systems with Salesforce. UC has a strict, new requirement that usernames and passwords cannot be stored in any UC system. How can UC’s middleware authenticate to Salesforce while adhering to this requirement?

Create a Connected App that supports the JWT Bearer Token OAuth Flow.
Create a Connected App that supports the JWT Bearer Token OAuth Flow.
Create a Connected App that supports the Refresh Token OAuth Flow
Create a Connected App that supports the Refresh Token OAuth Flow
Create a Connected App that supports the Web Server OAuth Flow.
Create a Connected App that supports the Web Server OAuth Flow.
Create a Connected App that supports the User-Agent OAuth Flow.
Create a Connected App that supports the User-Agent OAuth Flow.
Suggested answer: A
asked 23/09/2024
David Hartnett
45 questions

Question 87

Report
Export
Collapse

In a typical SSL setup involving a trusted party and trusting party, what consideration should an Architect take into account when using digital certificates?

Use of self-signed certificate leads to lower maintenance for trusted party because multiple selfsigned certs need to be maintained.
Use of self-signed certificate leads to lower maintenance for trusted party because multiple selfsigned certs need to be maintained.
Use of self-signed certificate leads to higher maintenance for trusted party because they have to act as the trusted CA
Use of self-signed certificate leads to higher maintenance for trusted party because they have to act as the trusted CA
Use of self-signed certificate leads to lower maintenance for trusting party because there is no trusted CA cert to maintain.
Use of self-signed certificate leads to lower maintenance for trusting party because there is no trusted CA cert to maintain.
Use of self-signed certificate leads to higher maintenance for trusting party because the cert needs to be added to their truststore.
Use of self-signed certificate leads to higher maintenance for trusting party because the cert needs to be added to their truststore.
Suggested answer: C
asked 23/09/2024
Carlos Augusto Quintal
29 questions

Question 88

Report
Export
Collapse

After a recent audit, universal containers was advised to implement Two-factor Authentication for all of their critical systems, including salesforce. Which two actions should UC consider to meet this requirement? Choose 2 answers

Require users to provide their RSA token along with their credentials.
Require users to provide their RSA token along with their credentials.
Require users to supply their email and phone number, which gets validated.
Require users to supply their email and phone number, which gets validated.
Require users to enter a second password after the first Authentication
Require users to enter a second password after the first Authentication
Require users to use a biometric reader as well as their password
Require users to use a biometric reader as well as their password
Suggested answer: A, D
asked 23/09/2024
Malik Spamu
40 questions

Question 89

Report
Export
Collapse

Universal containers (UC) uses an internal company portal for their employees to collaborate. UC decides to use salesforce ideas and provide the ability for employees to post ideas from the company portal. They use SAML-BASED SSO to get into the company portal and would like to leverage it to access salesforce. Most of the users don't exist in salesforce and they would like the user records created in salesforce communities the first time they try to access salesforce. What recommendation should an architect make to meet this requirement?

Use on-the-fly provisioning
Use on-the-fly provisioning
Use just-in-time provisioning
Use just-in-time provisioning
Use salesforce APIs to create users on the fly
Use salesforce APIs to create users on the fly
Use Identity connect to sync users
Use Identity connect to sync users
Suggested answer: B
asked 23/09/2024
Lonely Sayi
30 questions

Question 90

Report
Export
Collapse

Universal containers (UC) has an e-commerce website while customers can buy products, make payments, and manage their accounts. UC decides to build a customer Community on Salesforce and wants to allow the customers to access the community for their accounts without logging in again.

UC decides to implement ansp-Initiated SSO using a SAML-BASED complaint IDP. In this scenario where salesforce is the service provider, which two activities must be performed in salesforce to make sp-Initiated SSO work? Choose 2 answers

Configure SAML SSO settings.
Configure SAML SSO settings.
Configure Delegated Authentication
Configure Delegated Authentication
Create a connected App
Create a connected App
Set up my domain
Set up my domain
Suggested answer: A, D
asked 23/09/2024
Oleksii Derevianchenko
33 questions
Total 248 questions
Go to page: of 25
Search

Related questions