Salesforce Identity-and-Access-Management-designer Exam Questions Instant Access

Question 1

A pharmaceutical company has an on-premise application (see illustration) that it wants to integrate with Salesforce.

The IT director wants to ensure that requests must include a certificate with a trusted certificate chain to access the company's on-premise application endpoint.

What should an Identity architect do to meet this requirement?

AUse open SSL to generate a Self-signed Certificate and upload it to the on-premise app.

BConfigure the company firewall to allow traffic from Salesforce IP ranges.

CGenerate a certificate authority-signed certificate in Salesforce and uploading it to the on-premise application Truststore.

DUpload a third-party certificate from Salesforce into the on-premise server.

Answer : B

Question 2

Universal Containers (UC) uses Salesforce to allow customers to keep track of the order status. The customers can log in to Salesforce using external authentication providers, such as Facebook and Google. UC is also leveraging the App Launcher to let customers access an of platform application for generating shipping labels. The label generator application uses OAuth to provide users access. What license type should an Architect recommend for the customers?

ACustomer Community license

BIdentity license

CCustomer Community Plus license

DExternal Identity license

Answer : B

Question 3

Universal containers (UC) has implemented ansp-Initiated SAML flow between an external IDP and salesforce. A user at UC is attempting to login to salesforce1 for the first time and is being prompted for salesforce credentials instead of being shown the IDP login page. What is the likely cause of the issue?

AThe 'Redirect to Identity Provider' option has been selected in the my domain configuration.

BThe user has not configured the salesforce1 mobile app to use my domain for login

CThe 'Redirect to identity provider' option has not been selected the SAML configuration.

DThe user has not been granted the 'Enable single Sign-on' permission

Answer : B

Question 4

Universal Containers (UC) would like its community users to be able to register and log in with Linkedin or Facebook Credentials. UC wants users to clearly see Facebook &Linkedin Icons when they register and login. What are the two recommended actions UC can take to achieve this Functionality? Choose 2 answers

AEnable Facebook and Linkedin as Login options in the login section of the Community configuration.

BCreate custom Registration Handlers to link Linkedin and facebook accounts to user records.

CStore the Linkedin or Facebook user IDs in the Federation ID field on the Salesforce User record.

DCreate custom buttons for Facebook and inkedin using JAVAscript/CSS on a custom Visualforce page.

Answer : A, B

Question 5

Universal Containers (UC) has decided to use Salesforce as an Identity Provider for multiple external applications. UC wants to use the salesforce App Launcher to control the Apps that are available to individual users. Which three steps are required to make this happen?

AAdd each connected App to the App Launcher with a Start URL.

BSet up an Auth Provider for each External Application.

CSet up Salesforce as a SAML Idp with My Domain.

DSet up Identity Connect to Synchronize user data.

ECreate a Connected App for each external application.

Answer : A, C, E

Question 6

Universal Containers is creating a mobile application that will be secured by Salesforce Identity using the OAuth 2.0 user-agent flow (this flow uses the OAuth 2.0 implicit grant type).

Which three OAuth concepts apply to this flow?

Choose 3 answers

AClient ID

BRefresh Token

CAuthorization Code

DVerification Code

EScopes

Answer : A, B, E

Question 7

Universal Containers (UC) uses Salesforce for its customer service agents. UC has a proprietary system for order tracking which supports Security Assertion Markup Language (SAML) based single sign-on. The VP of customer service wants to ensure only active Salesforce users should be able to access the order tracking system which is only visible within Salesforce.

What should be done to fulfill the requirement?

Choose 2 answers

ASetup Salesforce as an identity provider (IdP) for order Tracking.

BSet up the Corporate Identity store as an identity provider (IdP) for Order Tracking,

CCustomize Order Tracking to initiate a REST call to validate users in Salesforce after login.

DSetup Order Tracking as a Canvas app in Salesforce to POST IdP initiated SAML assertion.

Answer : A, B

Salesforce Identity and Access Management Designer Identity-and-Access-Management-designer Exam Questions