Salesforce Identity-and-Access-Management-designer Exam Practice Test Instant Access

Question 1

Northern Trail Outfitters (NTO) utilizes a third-party cloud solution for an employee portal. NTO also owns Salesforce Service Cloud and would like employees to be able to login to Salesforce with their third-party portal credentials for a seamless expenence. The third-party employee portal only supports OAuth.

What should an identity architect recommend to enable single sign-on (SSO) between the portal and Salesforce?

AConfigure SSO to use the third party portal as an identity provider.

BCreate a custom external authentication provider.

CAdd the third-party portal as a connected app.

DConfigure Salesforce for Delegated Authentication.

Answer : A

Question 2

Which two considerations should be made when implementing Delegated Authentication?

Choose 2 answers

AThe authentication web service can include custom attributes.

BIt can be used to authenticate API clients and mobile apps.

CIt requires trusted IP ranges at the User Profile level.

DSalesforce servers receive but do not validate a user's credentials.

EJust-in-time Provisioning can be configured for new users.

Answer : B, E

Question 3

Universal Containers would like its customers to register and log in to a portal built on Salesforce Experience Cloud. Customers should be able to use their Facebook or Linkedln credentials for ease of use.

Which three steps should an identity architect take to implement social sign-on?

Choose 3 answers

ARegister both Facebook and Linkedln as connected apps.

BCreate authentication providers for both Facebook and Linkedln.

CCheck 'Facebook' and 'Linkedln' under Login Page Setup.

DEnable 'Federated Single Sign-On Using SAML'.

EUpdate the default registration handlers to create and update users.

Answer : B, C, E

Question 4

Universal Containers is implementing Salesforce Identity to broker authentication from its enterprise single sign-on (SSO) solution through Salesforce to third party applications using SAML.

What rote does Salesforce Identity play in its relationship with the enterprise SSO system?

AIdentity Provider (IdP)

BResource Server

CService Provider (SP)

DClient Application

Answer : C

Question 5

An Architect has configured a SAML-based SSO integration between Salesforce and an external Identity provider and is ready to test it. When the Architect attempts to log in to Salesforce using SSO, the Architect receives a SAML error. Which two optimal actions should the Architect take to troubleshoot the issue?

AEnsure the Callback URL is correctly set in the Connected Apps settings.

BUse a browser that has an add-on/extension that can inspect SAML.

CPaste the SAML Assertion Validator in Salesforce.

DUse the browser's Development tools to view the Salesforce page's markup.

Answer : B, C

Question 6

The CMO of an advertising company has invited an Identity and Access Management (IAM) specialist to discuss Salesforce out-of-box capabilities for configuring the company*s login and registration experience on Salesforce Experience Cloud.

The CMO is looking to brand the login page with the company's logo, background color, login button color, and dynamic right-frame from an external URL.

Which two solutions should the IAM specialist recommend?

Choose 2 answers

AUse Experience Builder to build branded Reset and Forgot Password pages.

BBuild custom pages for branding requirements in Experience Cloud.

CBuild custom site pages for reset and forgot password features.

DLogin & Registration pages can be branded in the Community Administration settings.

Answer : A, D

Question 7

What are three capabilities of Delegated Authentication? Choose 3 answers

AIt can be assigned by Custom Permissions.

BIt can connect to SOAP services.

CIt can be assigned by Permission Sets.

DIt can be assigned by Profiles.

EIt can connect to REST services.

Answer : B, C, E

Salesforce Identity and Access Management Designer Identity-and-Access-Management-designer Exam Practice Test