ExamGecko

Salesforce Certified Identity and Access Management Architect Practice Test - Questions Answers, Page 17

List of questions

Question 161

Report
Export
Collapse

Universal Containers is implementing a new Experience Cloud site and the identity architect wants to use dynamic branding features as of the login process.

Which two options should the identity architect recommend to support dynamic branding for the site?

Choose 2 answers

To use dynamic branding, the community must be built with the Visuaiforce + Salesforce Tabs template.
To use dynamic branding, the community must be built with the Visuaiforce + Salesforce Tabs template.
To use dynamic branding, the community must be built with the Customer Account Portal template.
To use dynamic branding, the community must be built with the Customer Account Portal template.
An experience ID (expid) or placeholder parameter must be used in the URL to represent the brand.
An experience ID (expid) or placeholder parameter must be used in the URL to represent the brand.
An external content management system (CMS) must be used for dynamic branding on Experience Cloud sites.
An external content management system (CMS) must be used for dynamic branding on Experience Cloud sites.
Suggested answer: B, C
asked 23/09/2024
Amidou Florian TOURE
33 questions

Question 162

Report
Export
Collapse

Universal Containers wants to allow its customers to log in to its Experience Cloud via a third party authentication provider that supports only the OAuth protocol.

What should an identity architect do to fulfill this requirement?

Contact Salesforce Support and enable delegate single sign-on.
Contact Salesforce Support and enable delegate single sign-on.
Create a custom external authentication provider.
Create a custom external authentication provider.
Use certificate-based authentication.
Use certificate-based authentication.
Configure OpenID Connect authentication provider.
Configure OpenID Connect authentication provider.
Suggested answer: B
asked 23/09/2024
Sarah Pachowsky
33 questions

Question 163

Report
Export
Collapse

A large consumer company is planning to create a community and will requ.re login through the customers social identity. The following requirements must be met:

The customer should be able to login with any of their social identities, however salesforce should only have one user per customer.
The customer should be able to login with any of their social identities, however salesforce should only have one user per customer.
Once the customer has been identified with a social identity, they should not be required to authonze Salesforce.
Once the customer has been identified with a social identity, they should not be required to authonze Salesforce.
The customers personal details from the social sign on need to be captured when the customer logs into Salesforce using their social Identity.
The customers personal details from the social sign on need to be captured when the customer logs into Salesforce using their social Identity.
If the customer modifies their personal details in the social site, the changes should be updated in Salesforce .Which two options allow the Identity Architect to fulfill the requirements?Choose 2 answers
If the customer modifies their personal details in the social site, the changes should be updated in Salesforce .Which two options allow the Identity Architect to fulfill the requirements?Choose 2 answers
Use Login Flows to call an authentication registration handler to provision the user before logging the user into the community.
Use Login Flows to call an authentication registration handler to provision the user before logging the user into the community.
Use authentication providers for social sign-on and use the custom registration handler to insert or update personal details.
Use authentication providers for social sign-on and use the custom registration handler to insert or update personal details.
Redirect the user to a custom page that allows the user to select an existing social identity for login.
Redirect the user to a custom page that allows the user to select an existing social identity for login.
Use the custom registration handler to link social identities to Salesforce identities.
Use the custom registration handler to link social identities to Salesforce identities.
Suggested answer: B, D
asked 23/09/2024
Mark Espena
25 questions

Question 164

Report
Export
Collapse

Universal Containers is budding a web application that will connect with the Salesforce API using JWT OAuth Flow.

Which two settings need to be configured in the connect app to support this requirement?

Choose 2 answers

The Use Digital Signature option in the connected app.
The Use Digital Signature option in the connected app.
The "web" OAuth scope in the connected app,
The "web" OAuth scope in the connected app,
The "api" OAuth scope in the connected app.
The "api" OAuth scope in the connected app.
The "edair_api" OAuth scope m the connected app.
The "edair_api" OAuth scope m the connected app.
Suggested answer: A, C
asked 23/09/2024
Ronald Zegwaard
30 questions

Question 165

Report
Export
Collapse

A company's external application is protected by Salesforce through OAuth. The identity architect for the project needs to limit the level of access to the data of the protected resource in a flexible way.

What should be done to improve security?

Select "Admin approved users are pre-authonzed" and assign specific profiles.
Select "Admin approved users are pre-authonzed" and assign specific profiles.
Create custom scopes and assign to the connected app.
Create custom scopes and assign to the connected app.
Define a permission set that grants access to the app and assign to authorized users.
Define a permission set that grants access to the app and assign to authorized users.
Leverage external objects and data classification policies.
Leverage external objects and data classification policies.
Suggested answer: B
asked 23/09/2024
Duane Joyce
33 questions

Question 166

Report
Export
Collapse

An identity architect wants to secure Salesforce APIs using Security Assertion Markup Language (SAML). For secunty purposes, administrators will need to authorize the applications that will be consuming the APIs.

Which Salesforce OAuth authorization flow should be used?

OAuth 2-0 SAML Bearer Assertion Flow
OAuth 2-0 SAML Bearer Assertion Flow
OAuth 2.0 JWT Bearer Flow
OAuth 2.0 JWT Bearer Flow
SAML Assertion Flow
SAML Assertion Flow
OAuth 2.0 User-Agent Flow
OAuth 2.0 User-Agent Flow
Suggested answer: C
asked 23/09/2024
xun wang
41 questions

Question 167

Report
Export
Collapse

Universal Containers (UC) rolling out a new Customer Identity and Access Management Solution will be built on top of their existing Salesforce instance.

Several service providers have been setup and integrated with Salesforce using OpenlD Connect to allow for a seamless single sign-on experience. UC has a requirement to limit user access to only a subset of service providers per customer type.

Which two steps should be done on the platform to satisfy the requirement?

Choose 2 answers

Manage which connected apps a user has access to by assigning authentication providers to the users profile.
Manage which connected apps a user has access to by assigning authentication providers to the users profile.
Assign the connected app to the customer community, and enable the users profile in the Community settings.
Assign the connected app to the customer community, and enable the users profile in the Community settings.
Use Profiles and Permission Sets to assign user access to Admin Pre-Approved Connected Apps.
Use Profiles and Permission Sets to assign user access to Admin Pre-Approved Connected Apps.
Set each of the Connected App access settings to Admin Pre-Approved.
Set each of the Connected App access settings to Admin Pre-Approved.
Suggested answer: C, D
asked 23/09/2024
Victor Cantu
36 questions

Question 168

Report
Export
Collapse

Northern Trail Outfitters (NTO) has an existing custom business-to-consumer (B2C) website that does NOT support single sign-on standards, such as Security Assertion Markup Language (SAMi) or OAuth.

NTO wants to use Salesforce Identity to register and authenticate new customers on the website.

Which two Salesforce features should an identity architect use in order to provide username/password authentication for the website?

Choose 2 answers

Identity Connect
Identity Connect
Delegated Authentication
Delegated Authentication
Connected Apps
Connected Apps
Embedded Login
Embedded Login
Suggested answer: B, D
asked 23/09/2024
Rickey Dickens
38 questions

Question 169

Report
Export
Collapse

Northern Trail Outfitters (NTO) uses a Security Assertion Markup Language (SAML)-based Identity Provider (idP) to authenticate employees to all systems. The IdP authenticates users against a Lightweight Directory Access Protocol (LDAP) directory and has access to user information. NTO wants to minimize Salesforce license usage since only a small percentage of users need Salesforce.

What is recommended to ensure new employees have immediate access to Salesforce using their current IdP?

Install Salesforce Identity Connect to automatically provision new users in Salesforce the first time they attempt to login.
Install Salesforce Identity Connect to automatically provision new users in Salesforce the first time they attempt to login.
Build an integration that queries LDAP periodically and creates new active users in Salesforce.
Build an integration that queries LDAP periodically and creates new active users in Salesforce.
Configure Just-in-Time provisioning using SAML attributes to create new Salesforce users as necessary when a new user attempts to login to Salesforce.
Configure Just-in-Time provisioning using SAML attributes to create new Salesforce users as necessary when a new user attempts to login to Salesforce.
Build an integration that queries LDAP and creates new inactive users in Salesforce and use a login flow to activate the user at first login.
Build an integration that queries LDAP and creates new inactive users in Salesforce and use a login flow to activate the user at first login.
Suggested answer: C
asked 23/09/2024
Lambert Shel Pablo
43 questions

Question 170

Report
Export
Collapse

An identity architect has been asked to recommend a solution that allows administrators to configure personalized alert messages to users before they land on the Experience Cloud site (formerly known as Community) homepage.

What is recommended to fulfill this requirement with the least amount of customization?

Customize the registration handler Apex class to create a routing logic navigating to different home pages based on the user profile.
Customize the registration handler Apex class to create a routing logic navigating to different home pages based on the user profile.
Use Login Flows to add a screen that shows personalized alerts.
Use Login Flows to add a screen that shows personalized alerts.
Build a Lightning web Component (LWC) for a homepage that shows custom alerts.
Build a Lightning web Component (LWC) for a homepage that shows custom alerts.
Create custom metadata that stores user alerts and use a LWC to display alerts.
Create custom metadata that stores user alerts and use a LWC to display alerts.
Suggested answer: B
asked 23/09/2024
Randy Kana
33 questions
Total 248 questions
Go to page: of 25
Search

Related questions