Salesforce Identity-and-Access-Management-designer Exam Practice Test Instant Access

Question 1

Universal Containers (UC) wants its users to access Salesforce and other SSO-enabled applications from a custom web page that UC magnets. UC wants its users to use the same set of credentials to access each of the applications. what SAML SSO flow should an Architect recommend for UC?

ASP-Initiated with Deep Linking

BSP-Initiated

CIdP-Initiated

DUser-Agent

Answer : C

Question 2

Uwversal Containers (UC) is building a custom employee hut) application on Amazon Web Services (AWS) and would like to store their users' credentials there. Users will also need access to Salesforce for internal operations. UC has tasked an identity architect with evaluating Afferent solutions for authentication and authorization between AWS and Salesforce.

How should an identity architect configure AWS to authenticate and authorize Salesforce users?

AConfigure the custom employee app as a connected app.

BConfigure AWS as an OpenID Connect Provider.

CCreate a custom external authentication provider.

DDevelop a custom Auth server in AWS.

Answer : B

Question 3

Universal containers(UC) has a customer Community that uses Facebook for authentication. UC would like to ensure that changes in the Facebook profile are reflected on the appropriate customer Community user. How can this requirement be met?

AUse the updateuser() method on the registration handler class.

BUse SAML just-in-time provisioning between Facebook and Salesforce

CUse information in the signed request that is received from Facebook.

DDevelop a schedule job that calls out to Facebook on a nightly basis.

Answer : A

Question 4

A security architect is rolling out a new multi-factor authentication (MFA) mandate, where all employees must go through a secure authentication process before accessing Salesforce. There are multiple Identity Providers (IdP) in place and the architect is considering how the "Authentication Method Reference" field (AMR) in the Login History can help.

Which two considerations should the architect keep in mind?

Choose 2 answers

AAMR field shows the authentication methods used at IdP.

BBoth OIDC and Security Assertion Markup Language (SAML) are supported but AMR must be implemented at IdP.

CHigh-assurance sessions must be configured under Session Security Level Policies.

DDependency on what is supported by OpenID Connect (OIDC) implementation at IdP.

Answer : A, B

Question 5

Universal containers (UC) would like to enable SAML-BASED SSO for a salesforce partner community. UC has an existing ldap identity store and a third-party portal. They would like to use the existing portal as the primary site these users access, but also want to allow seamless access to the partner community. What SSO flow should an architect recommend?

AUser-Agent

BIDP-initiated

CSp-Initiated

DWeb server

Answer : B

Question 6

Universal Containers is creating a mobile application that will be secured by Salesforce Identity using the OAuth 2.0 user-agent flow (this flow uses the OAuth 2.0 implicit grant type).

Which three OAuth concepts apply to this flow?

Choose 3 answers

AClient ID

BRefresh Token

CAuthorization Code

DVerification Code

EScopes

Answer : A, B, E

Question 7

Universal Containers (UC) wants its closed Won opportunities to be synced to a Data Warehouse in near real time. UC has implemented Outbound Message to enable near real-time data sync. UC wants to ensure that communication between Salesforce and Target System is Secure. What Certificate is sent along with the Outbound Message?

AThe CA-Signed Certificate from the Certificate and Key Management menu.

BThe default Client Certificate from the Develop--> API Menu.

CThe default Client Certificate or a Certificate from Certificate and Key Management menu.

DThe Self-Signed Certificates from the Certificate & Key Management menu.

Answer : B

Salesforce Identity and Access Management Designer Identity-and-Access-Management-designer Exam Practice Test