ExamGecko
Login
Ask Question

Salesforce Certified Identity and Access Management Architect Practice Test - Questions Answers, Page 19

List of questions

Question 181

Report
Export
Collapse

Uwversal Containers (UC) is building a custom employee hut) application on Amazon Web Services

(AWS) and would like to store their users' credentials there. Users will also need access to Salesforce for internal operations. UC has tasked an identity architect with evaluating Afferent solutions for authentication and authorization between AWS and Salesforce.

How should an identity architect configure AWS to authenticate and authorize Salesforce users?

Configure the custom employee app as a connected app.
Configure the custom employee app as a connected app.
Configure AWS as an OpenID Connect Provider.
Configure AWS as an OpenID Connect Provider.
Create a custom external authentication provider.
Create a custom external authentication provider.
Develop a custom Auth server in AWS.
Develop a custom Auth server in AWS.
Suggested answer: B
asked 23/09/2024
Michael Bays
33 questions

Question 182

Report
Export
Collapse

Universal Containers is implementing Salesforce Identity to broker authentication from its enterprise single sign-on (SSO) solution through Salesforce to third party applications using SAML.

What rote does Salesforce Identity play in its relationship with the enterprise SSO system?

Identity Provider (IdP)
Identity Provider (IdP)
Resource Server
Resource Server
Service Provider (SP)
Service Provider (SP)
Client Application
Client Application
Suggested answer: C
asked 23/09/2024
samresh mahata
36 questions

Question 183

Report
Export
Collapse

Refer to the exhibit.

Salesforce Certified Identity and Access Management Architect image Question 183 63283 09232024002508000000

A multinational company is looking to rollout Salesforce globally. The company has a Microsoft Active Directory Federation Services (ADFS) implementation for the Americas, Europe and APAC. The company plans to have a single org and they would like to have all of its users access Salesforce using the ADFS . The company would like to limit its investments and prefer not to procure additional applications to satisfy the requirements.

What is recommended to ensure these requirements are met ?

Use connected apps for each ADFS implementation and implement Salesforce site to authenticate users across the ADFS system applicable to their geo.
Use connected apps for each ADFS implementation and implement Salesforce site to authenticate users across the ADFS system applicable to their geo.
Implement Identity Connect to provide single sign-on to Salesforce and federated across multiple ADFS systems.
Implement Identity Connect to provide single sign-on to Salesforce and federated across multiple ADFS systems.
Add a central identity system that federates between the ADFS systems and integrate with Salesforce for single sign-on.
Add a central identity system that federates between the ADFS systems and integrate with Salesforce for single sign-on.
Configure Each ADFS system under single sign-on settings and allow users to choose the system to authenticate during sign on to Salesforce-
Configure Each ADFS system under single sign-on settings and allow users to choose the system to authenticate during sign on to Salesforce-
Suggested answer: B
asked 23/09/2024
soliman sallam
40 questions

Question 184

Report
Export
Collapse

Northern Trail Outfitters (NTO) wants its customers to use phone numbers to log in to their new digital portal, which was designed and built using Salesforce Experience Cloud. In order to access the portal, the user will need to do the following:

Enter a phone number and/or email address
Enter a phone number and/or email address
Enter a verification code that is to be sent via email or text.What is the recommended approach to fulfill this requirement?
Enter a verification code that is to be sent via email or text.What is the recommended approach to fulfill this requirement?
Create a Login Discovery page and provide a Login Discovery Handler Apex class.
Create a Login Discovery page and provide a Login Discovery Handler Apex class.
Create a custom login page with an Apex controller. The controller has logic to send and verify the identity.
Create a custom login page with an Apex controller. The controller has logic to send and verify the identity.
Create an Authentication provider and implement a self-registration handler class.
Create an Authentication provider and implement a self-registration handler class.
Create a custom login flow that uses an Apex controller to verify the phone numbers with the company's verification service.
Create a custom login flow that uses an Apex controller to verify the phone numbers with the company's verification service.
Suggested answer: A
asked 23/09/2024
Amirouche Rahani
48 questions

Question 185

Report
Export
Collapse

A financial services company uses Salesforce and has a compliance requirement to track information about devices from which users log in. Also, a Salesforce Security Administrator needs to have the ability to revoke the device from which users log in.

What should be used to fulfill this requirement?

Use multi-factor authentication (MFA) to meet the compliance requirement to track device information.
Use multi-factor authentication (MFA) to meet the compliance requirement to track device information.
Use the Activations feature to meet the compliance requirement to track device information.
Use the Activations feature to meet the compliance requirement to track device information.
Use the Login History object to track information about devices from which users log in.
Use the Login History object to track information about devices from which users log in.
Use Login Flows to capture device from which users log in and store device and user information in a custom object.
Use Login Flows to capture device from which users log in and store device and user information in a custom object.
Suggested answer: B
asked 23/09/2024
CRISTIAN FONSECA
38 questions

Question 186

Report
Export
Collapse

Users logging into Salesforce are frequently prompted to verify their identity.

The identity architect is required to provide recommendations so that frequency of prompt verification can be reduced.

What should the identity architect recommend to meet the requirement?

Become a Premium Member for full access
  Unlock Premium Member

Question 187

Report
Export
Collapse

An Identity and Access Management (IAM) Architect is recommending Identity Connect to integrate Microsoft Active Directory (AD) with Salesforce for user provisioning, deprovisioning and single signon (SSO).

Which feature of Identity Connect is applicable for this scenano?

Become a Premium Member for full access
  Unlock Premium Member

Question 188

Report
Export
Collapse

Northern Trail Outfitters (NTO) is planning to roll out a partner portal for its distributors using Experience Cloud. NTO would like to use an external identity provider (idP) and for partners to register for access to the portal. Each partner should be allowed to register only once to avoid duplicate accounts with Salesforce.

What should a identity architect recommend to create partners?

Become a Premium Member for full access
  Unlock Premium Member

Question 189

Report
Export
Collapse

A third-party app provider would like to have users provisioned via a service endpoint before users access their app from Salesforce.

What should an identity architect recommend to configure the requirement with limited changes to the third-party app?

Become a Premium Member for full access
  Unlock Premium Member

Question 190

Report
Export
Collapse

Northern Trail Outfitters (NTO) wants to give customers the ability to submit and manage issues with their purchases. It is important for to give its customers the ability to login with their Facebook and Twitter credentials.

Which two actions should an identity architect recommend to meet these requirements?

Choose 2 answers

Become a Premium Member for full access
  Unlock Premium Member
Total 248 questions
Go to page: of 25
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which three different attributes can be used to identify the user in a SAML 65> assertion when Salesforce is acting as a Service Provider? Choose 3 answers
Universal containers (UC) would like to enable SSO between their existing Active Directory infrastructure and salesforce. The it team prefers to manage all users in Active Directory and would like to avoid doing any initial setup of users in salesforce directly, including the correct assignment of profiles, roles and groups. Which two optimal solutions should UC use to provision users in salesforce? Choose 2 answers
Universal containers (UC) would like to enable SAML-BASED SSO for a salesforce partner community. UC has an existing ldap identity store and a third-party portal. They would like to use the existing portal as the primary site these users access, but also want to allow seamless access to the partner community. What SSO flow should an architect recommend?
Universal Containers (UC) wants to build a few applications that leverage the Salesforce REST API. UC has asked its Architect to describe how the API calls will be authenticated to a specific user. Which two mechanisms can the Architect provide? Choose 2 Answers
Universal Containers (UC) has five Salesforce orgs (UC1, UC2, UC3, UC4, UC5). of Every user that is in UC2, UC3, UC4, and UC5 is also in UC1, however not all users 65* have access to every org. Universal Containers would like to simplify the authentication process such that all Salesforce users need to remember one set of credentials. UC would like to achieve this with the least impact to cost and maintenance. What approach should an Architect recommend to UC?
Northern Trail Outfitters mar ages functional group permissions in a custom security application supported by a relational database and a REST service layer. Group permissions are mapped as permission sets in Salesforce. Which action should an identity architect use to ensure functional group permissions are reflected as permission set assignments?
Universal Containers (UC) is implementing Salesforce and would like to establish SAML SSO for its users to log in. UC stores its corporate user identities in a Custom Database. The UC IT Manager has heard good things about Salesforce Identity Connect as an Idp, and would like to understand what limitations they may face if they decided to use Identity Connect in their current environment. What limitation Should an Architect inform the IT Manager about?
The security team at Universal containers(UC) has identified exporting reports as a high-risk action and would like to require users to be logged into salesforce with their active directory (AD) credentials when doing so. For all other uses of Salesforce, Users should be allowed to use AD credentials or salesforce credentials. What solution should be recommended to prevent exporting reports except when logged in using AD credentials while maintaining the ability to view reports when logged in with salesforce credentials?
Universal Containers wants to secure its Salesforce APIs by using an existing Security Assertion Markup Language (SAML) configuration supports the company's single sign-on process to Salesforce, Which Salesforce OAuth authorization flow should be used?
An insurance company has a connected app in its Salesforce environment that is used to integrate with a Google Workspace (formerly knot as G Suite). An identity and access management (IAM) architect has been asked to implement automation to enable users, freeze/suspend users, disable users, and reactivate existing users in Google Workspace upon similar actions in Salesforce. Which solution is recommended to meet this requirement?