ExamGecko

Salesforce Certified Identity and Access Management Architect Practice Test - Questions Answers, Page 16

List of questions

Question 151

Report
Export
Collapse

Northern Trail Outfitters (NTO) wants to give customers the ability to submit and manage issues with their purchases. It is important for NTO to give its customers the ability to login with their Amazon credentials.

What should an identity architect recommend to meet these requirements?

Configure a predefined authentication provider for Amazon.
Configure a predefined authentication provider for Amazon.
Create a custom external authentication provider for Amazon.
Create a custom external authentication provider for Amazon.
Configure an OpenID Connect Authentication Provider for Amazon.
Configure an OpenID Connect Authentication Provider for Amazon.
Configure Amazon as a connected app.
Configure Amazon as a connected app.
Suggested answer: C
asked 23/09/2024
Vaibhav Somani
34 questions

Question 152

Report
Export
Collapse

A global company's Salesforce Identity Architect is reviewing its Salesforce production org login history and is seeing some intermittent Security Assertion Markup Language (SAML SSO) 'Replay Detected and Assertion Invalid' login errors.

Which two issues would cause these errors?

Choose 2 answers

The subject element is missing from the assertion sent to salesforce.
The subject element is missing from the assertion sent to salesforce.
The certificate loaded into SSO configuration does not match the certificate used by the IdP.
The certificate loaded into SSO configuration does not match the certificate used by the IdP.
The current time setting of the company's identity provider (IdP) and Salesforce platform is out of sync by more than eight minutes.
The current time setting of the company's identity provider (IdP) and Salesforce platform is out of sync by more than eight minutes.
The assertion sent to 5alesforce contains an assertion ID previously used.
The assertion sent to 5alesforce contains an assertion ID previously used.
Suggested answer: A, D
asked 23/09/2024
MARCIA SHEILA PELAEZ GONZALEZ
38 questions

Question 153

Report
Export
Collapse

A global company has built an external application that uses data from its Salesforce org via an OAuth 2.0 authorization flow. Upon logout, the existing Salesforce OAuth token must be invalidated.

Which action will accomplish this?

Use a HTTP POST to request the refresh token for the current user.
Use a HTTP POST to request the refresh token for the current user.
Use a HTTP POST to the System for Cross-domain Identity Management (SCIM) endpoint, includingthe current OAuth token.
Use a HTTP POST to the System for Cross-domain Identity Management (SCIM) endpoint, includingthe current OAuth token.
Use a HTTP POST to make a call to the revoke token endpoint.
Use a HTTP POST to make a call to the revoke token endpoint.
Enable Single Logout with a secure logout URL.
Enable Single Logout with a secure logout URL.
Suggested answer: C
asked 23/09/2024
Sander Verheijen
36 questions

Question 154

Report
Export
Collapse

The executive sponsor for an organization has asked if Salesforce supports the ability to embed a login widget into its service providers in order to create a more seamless user experience.

What should be used and considered before recommending it as a solution on the Salesforce Platform?

OpenID Connect Web Server Flow. Determine if the service provider is secure enough to store the client secret on.
OpenID Connect Web Server Flow. Determine if the service provider is secure enough to store the client secret on.
Embedded Login. Identify what level of UI customization will be required to make it match the service providers look and feel.
Embedded Login. Identify what level of UI customization will be required to make it match the service providers look and feel.
Salesforce REST apis. Ensure that Secure Sockets Layer (SSL) connection for the integration is used.
Salesforce REST apis. Ensure that Secure Sockets Layer (SSL) connection for the integration is used.
Embedded Login. Consider whether or not it relies on third party cookies which can cause browser compatibility issues.
Embedded Login. Consider whether or not it relies on third party cookies which can cause browser compatibility issues.
Suggested answer: D
asked 23/09/2024
miquel martin leiva
42 questions

Question 155

Report
Export
Collapse

An identity architect is implementing a mobile-first Consumer Identity Access Management (CIAM) for external users. User authentication is the only requirement. The users email or mobile phone number should be supported as a username.

Which two licenses are needed to meet this requirement?

Choose 2 answers

External Identity Licenses
External Identity Licenses
Identity Connect Licenses
Identity Connect Licenses
Email Verification Credits
Email Verification Credits
SMS verification Credits
SMS verification Credits
Suggested answer: A, D
asked 23/09/2024
Arjen Vleugel
44 questions

Question 156

Report
Export
Collapse

Northern Trail Outfitters (NTO) leverages Microsoft Active Directory (AD) for management of employee usernames, passwords, permissions, and asset access. NTO also owns a third-party single sign-on (SSO) solution. The third-party party SSO solution is used for all corporate applications, including Salesforce.

NTO has asked an architect to explore Salesforce Identity Connect for automatic provisioning and deprovisiorung of users in Salesforce.

What role does identity Connect play in the outlined requirements?

Service Provider
Service Provider
Single Sign-On
Single Sign-On
Identity Provider
Identity Provider
User Management
User Management
Suggested answer: D
asked 23/09/2024
Mario Peralta
36 questions

Question 157

Report
Export
Collapse

Universal Container's (UC) is using Salesforce Experience Cloud site for its container wholesale business. The identity architect wants to an authentication provider for the new site.

Which two options should be utilized in creating an authentication provider?

Choose 2 answers

A custom registration handier can be set.
A custom registration handier can be set.
A custom error URL can be set.
A custom error URL can be set.
The default login user can be set.
The default login user can be set.
The default authentication provider certificate can be set.
The default authentication provider certificate can be set.
Suggested answer: A, B
asked 23/09/2024
Kshitij Vyas
39 questions

Question 158

Report
Export
Collapse

Universal Containers (UC) currently uses Salesforce Sales Cloud and an external billing application.

Both Salesforce and the billing application are accessed several times a day to manage customers. UC would like to configure single sign-on and leverage Salesforce as the identity provider. Additionally, UC would like the billing application to be accessible from Salesforce. A redirect is acceptable.

Which two Salesforce tools should an identity architect recommend to satisfy the requirements?

Choose 2 answers

salesforce Canvas
salesforce Canvas
Identity Connect
Identity Connect
Connected Apps
Connected Apps
App Launcher
App Launcher
Suggested answer: A, D
asked 23/09/2024
J.L.M. van Loo
48 questions

Question 159

Report
Export
Collapse

Northern Trail Outfitters (NTO) is setting up Salesforce to authenticate users with an external identity provider. The NTO Salesforce Administrator is having trouble getting things setup.

What should an identity architect use to show which part of the login assertion is fading?

SAML Metadata file importer
SAML Metadata file importer
Identity Provider Metadata download
Identity Provider Metadata download
Connected App Manager
Connected App Manager
Security Assertion Markup Language Validator
Security Assertion Markup Language Validator
Suggested answer: D
asked 23/09/2024
PANAGIOTIS SYKAS
39 questions

Question 160

Report
Export
Collapse

A leading fitness tracker company is getting ready to launch a customer community. The company wants its customers to login to the community and connect their fitness device to their profile.

Customers should be able to obtain exercise details and fitness recommendation in the community.

Which should be used to satisfy this requirement?

Named Credentials
Named Credentials
Login Flows
Login Flows
OAuth Device Flow
OAuth Device Flow
Single Sign-On Settings
Single Sign-On Settings
Suggested answer: C
asked 23/09/2024
YASSIR EL GHAZY
54 questions
Total 248 questions
Go to page: of 25
Search

Related questions