ExamGecko
Search Search Login
Home Home / Salesforce / Certified Identity and Access Management Architect

Salesforce Certified Identity and Access Management Architect Practice Test - Questions Answers, Page 5

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Universal Containers (UC) has five Salesforce orgs (UC1, UC2, UC3, UC4, UC5). of Every user that is in UC2, UC3, UC4, and UC5 is also in UC1, however not all users 65* have access to every org. Universal Containers would like to simplify the authentication process such that all Salesforce users need to remember one set of credentials. UC would like to achieve this with the least impact to cost and maintenance. What approach should an Architect recommend to UC?
Universal containers (UC) uses a home-grown employee portal for their employees to collaborate. UC decides to use salesforce ideas to allow the employees to post ideas from the employee portal. When clicking some links in the employee portal, the users should be redirected to salesforce, authenticated, and presented with relevant pages. What scope should be requested when using the Oauth token to meet this requirement?
Universal Containers wants to secure its Salesforce APIs by using an existing Security Assertion Markup Language (SAML) configuration supports the company's single sign-on process to Salesforce, Which Salesforce OAuth authorization flow should be used?
An insurance company has a connected app in its Salesforce environment that is used to integrate with a Google Workspace (formerly knot as G Suite). An identity and access management (IAM) architect has been asked to implement automation to enable users, freeze/suspend users, disable users, and reactivate existing users in Google Workspace upon similar actions in Salesforce. Which solution is recommended to meet this requirement?
Which two security risks can be mitigated by enabling Two-Factor Authentication (2FA) in Salesforce? Choose 2 answers
Universal Containers (UC) wants its closed Won opportunities to be synced to a Data Warehouse in near real time. UC has implemented Outbound Message to enable near real-time data sync. UC wants to ensure that communication between Salesforce and Target System is Secure. What Certificate is sent along with the Outbound Message?
A group of users try to access one of Universal Containers' Connected Apps and receive the following error message: " Failed: Not approved for access." What is the most likely cause of this issue?
Universal Containers (UC) wants to use Salesforce for sales orders and a legacy of system for order fulfillment. The legacy system must update the status of orders in 65* Salesforce in real time as they are fulfilled. UC decides to use OAuth for connecting the legacy system to Salesforce. What OAuth flow should be considered that doesn't require storing credentials, client secret or refresh tokens?
A global company has built an external application that uses data from its Salesforce org via an OAuth 2.0 authorization flow. Upon logout, the existing Salesforce OAuth token must be invalidated. Which action will accomplish this?
Universal containers (UC) has implemented a multi-org strategy and would like to centralize the management of their salesforce user profiles. What should the architect recommend to allow salesforce profiles to be managed from a central system of record?

Question 41

Report
Export
Collapse

An Architect needs to advise the team that manages the Identity Provider how to differentiate Salesforce from other Service Providers. What SAML SSO setting in Salesforce provides this capability?

A.
Identity Provider Login URL.
A.
Identity Provider Login URL.
Answers
B.
Issuer.
B.
Issuer.
Answers
C.
Entity Id
C.
Entity Id
Answers
D.
SAML Identity Location.
D.
SAML Identity Location.
Answers
Suggested answer: C

Question 42

Report
Export
Collapse

Universal Containers (UC) wants its closed Won opportunities to be synced to a Data Warehouse in near real time. UC has implemented Outbound Message to enable near real-time data sync. UC wants to ensure that communication between Salesforce and Target System is Secure. What Certificate is sent along with the Outbound Message?

A.
The CA-Signed Certificate from the Certificate and Key Management menu.
A.
The CA-Signed Certificate from the Certificate and Key Management menu.
Answers
B.
The default Client Certificate from the Develop--> API Menu.
B.
The default Client Certificate from the Develop--> API Menu.
Answers
C.
The default Client Certificate or a Certificate from Certificate and Key Management menu.
C.
The default Client Certificate or a Certificate from Certificate and Key Management menu.
Answers
D.
The Self-Signed Certificates from the Certificate & Key Management menu.
D.
The Self-Signed Certificates from the Certificate & Key Management menu.
Answers
Suggested answer: B

Question 43

Report
Export
Collapse

Which three are features of federated Single sign-on solutions? Choose 3 Answers

A.
It establishes trust between Identity Store and Service Provider.
A.
It establishes trust between Identity Store and Service Provider.
Answers
B.
It federates credentials control to authorized applications.
B.
It federates credentials control to authorized applications.
Answers
C.
It solves all identity and access management problems.
C.
It solves all identity and access management problems.
Answers
D.
It improves affiliated applications adoption rates.
D.
It improves affiliated applications adoption rates.
Answers
E.
It enables quick and easy provisioning and deactivating of users.
E.
It enables quick and easy provisioning and deactivating of users.
Answers
Suggested answer: A, D, E

Question 44

Report
Export
Collapse

Universal Containers (UC) has an existing e-commerce platform and is implementing a new customer community. They do not want to force customers to register on both applications due to concern over the customers experience. It is expected that 25% of the e-commerce customers will utilize the customer community . The e-commerce platform is capable of generating SAML responses and has an existing REST-ful API capable of managing users. How should UC create the identities of its ecommerce users with the customer community?

A.
Use SAML JIT in the Customer Community to create users when a user tries to login to the community from the e-commerce site.
A.
Use SAML JIT in the Customer Community to create users when a user tries to login to the community from the e-commerce site.
Answers
B.
Use the e-commerce REST API to create users when a user self-register on the customer community and use SAML to allow SSO.
B.
Use the e-commerce REST API to create users when a user self-register on the customer community and use SAML to allow SSO.
Answers
C.
Use a nightly batch ETL job to sync users between the Customer Community and the e-commerce platform and use SAML to allow SSO.
C.
Use a nightly batch ETL job to sync users between the Customer Community and the e-commerce platform and use SAML to allow SSO.
Answers
D.
Use the standard Salesforce API to create users in the Community When a User is Created in the e- Commerce platform and use SAML to allow SSO.
D.
Use the standard Salesforce API to create users in the Community When a User is Created in the e- Commerce platform and use SAML to allow SSO.
Answers
Suggested answer: A

Question 45

Report
Export
Collapse

Containers (UC) has an existing Customer Community. UC wants to expand the self-registration capabilities such that customers receive a different community experience based on the data they provide during the registration process. What is the recommended approach an Architect Should recommend to UC?

A.
Create an After Insert Apex trigger on the user object to assign specific custom permissions.
A.
Create an After Insert Apex trigger on the user object to assign specific custom permissions.
Answers
B.
Create separate login flows corresponding to the different community user personas.
B.
Create separate login flows corresponding to the different community user personas.
Answers
C.
Modify the Community pages to utilize specific fields on the User and Contact records.
C.
Modify the Community pages to utilize specific fields on the User and Contact records.
Answers
D.
Modify the existing Communities registration controller to assign different profiles.
D.
Modify the existing Communities registration controller to assign different profiles.
Answers
Suggested answer: C

Question 46

Report
Export
Collapse

Universal Containers (UC) has a Customer Community that uses Facebook for Authentication. UC would like to ensure that Changes in the Facebook profile are reflected on the appropriate Customer Community user: How can this requirement be met?

A.
Use the updateUser method on the registration Handler Class.
A.
Use the updateUser method on the registration Handler Class.
Answers
B.
Develop a scheduled job that calls out to Facebook on a nightly basis.
B.
Develop a scheduled job that calls out to Facebook on a nightly basis.
Answers
C.
Use information in the signed Request that is received from facebook.
C.
Use information in the signed Request that is received from facebook.
Answers
D.
Use SAML Just-In-Time Provisioning between Facebook and Salesforce.
D.
Use SAML Just-In-Time Provisioning between Facebook and Salesforce.
Answers
Suggested answer: A

Question 47

Report
Export
Collapse

What are three capabilities of Delegated Authentication? Choose 3 answers

A.
It can be assigned by Custom Permissions.
A.
It can be assigned by Custom Permissions.
Answers
B.
It can connect to SOAP services.
B.
It can connect to SOAP services.
Answers
C.
It can be assigned by Permission Sets.
C.
It can be assigned by Permission Sets.
Answers
D.
It can be assigned by Profiles.
D.
It can be assigned by Profiles.
Answers
E.
It can connect to REST services.
E.
It can connect to REST services.
Answers
Suggested answer: B, C, E

Question 48

Report
Export
Collapse

In an SP-Initiated SAML SSO setup where the user tries to access a resource on the Service Provider, What HTTP param should be used when submitting a SAML Request to the Idp to ensure the user is returned to the intended resourse after authentication?

A.
RedirectURL
A.
RedirectURL
Answers
B.
RelayState
B.
RelayState
Answers
C.
DisplayState
C.
DisplayState
Answers
D.
StartURL
D.
StartURL
Answers
Suggested answer: B

Question 49

Report
Export
Collapse

Universal Containers (UC) is building a customer community and will allow customers to authenticate using Facebook credentials. The First time the user authenticating using facebook, UC would like a customer account created automatically in their Accounting system. The accounting system has a web service accessible to Salesforce for the creation of accounts. How can the Architect meet these requirements?

A.
Create a custom application on Heroku that manages the sign-on process from Facebook.
A.
Create a custom application on Heroku that manages the sign-on process from Facebook.
Answers
B.
Use JIT Provisioning to automatically create the account in the accounting system.
B.
Use JIT Provisioning to automatically create the account in the accounting system.
Answers
C.
Add an Apex callout in the registration handler of the authorization provider.
C.
Add an Apex callout in the registration handler of the authorization provider.
Answers
D.
Use OAuth JWT flow to pass the data from Salesforce to the Accounting System.
D.
Use OAuth JWT flow to pass the data from Salesforce to the Accounting System.
Answers
Suggested answer: C

Question 50

Report
Export
Collapse

Universal containers (UC) has multiple salesforce orgs and would like to use a single identity provider to access all of their orgs. How should UC'S architect enable this behavior?

A.
Ensure that users have the same email value in their user records in all of UC's salesforce orgs.
A.
Ensure that users have the same email value in their user records in all of UC's salesforce orgs.
Answers
B.
Ensure the same username is allowed in multiple orgs by contacting salesforce support.
B.
Ensure the same username is allowed in multiple orgs by contacting salesforce support.
Answers
C.
Ensure that users have the same Federation ID value in their user records in all of UC's salesforce orgs.
C.
Ensure that users have the same Federation ID value in their user records in all of UC's salesforce orgs.
Answers
D.
Ensure that users have the same alias value in their user records in all of UC's salesforce orgs.
D.
Ensure that users have the same alias value in their user records in all of UC's salesforce orgs.
Answers
Suggested answer: C
Total 248 questions
Go to page: of 25
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms