- Home
- Salesforce
- Identity-and-Access-Management-Architect
- Salesforce.Identity-and-Access-Management-Architect.v2023-09-29.q122.pdf
Valid Identity-and-Access-Management-Architect Dumps shared by ExamDiscuss.com for Helping Passing Identity-and-Access-Management-Architect Exam! ExamDiscuss.com now offer the newest Identity-and-Access-Management-Architect exam dumps, the ExamDiscuss.com Identity-and-Access-Management-Architect exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com Identity-and-Access-Management-Architect dumps with Test Engine here:
Access Identity-and-Access-Management-Architect Dumps Premium Version
(245 Q&As Dumps, 35%OFF Special Discount Code: freecram)
Online Access Free Identity-and-Access-Management-Architect Exam Questions
| Exam Code: | Identity-and-Access-Management-Architect |
| Exam Name: | Salesforce Certified Identity and Access Management Architect |
| Certification Provider: | Salesforce |
| Free Question Number: | 122 |
| Version: | v2023-09-29 |
| Rating: | |
| # of views: | 4434 |
| # of Questions views: | 189736 |
| Go To Identity-and-Access-Management-Architect Questions | |
- Other Version
- 2444 viewsSalesforce.Identity-and-Access-Management-Architect.v2023-06-17.q81
- 2449 viewsSalesforce.Identity-and-Access-Management-Architect.v2022-12-05.q87
- Exam Question List
- Question 1: Which two capabilities does My Domain enable in the context ...
- Question 2: Universal containers wants to implement SAML SSO for their i...
- Question 3: How should an Architect force users to authenticate with Two...
- Question 4: A multinational industrial products manufacturer is planning...
- Question 5: Universal Containers (UC) has an existing web application th...
- 1 commentQuestion 6: A farming enterprise offers smart farming technology to its ...
- Question 7: Universal containers (UC) built a customer Community for cus...
- Question 8: Universal Containers is implementing a new Experience Cloud ...
- 1 commentQuestion 9: Northern Trail Outfitters manages application functional per...
- 1 commentQuestion 10: A leading fitness tracker company is getting ready to launch...
- Question 11: Universal containers (UC) uses a legacy Employee portal for ...
- 1 commentQuestion 12: Which two security risks can be mitigated by enabling Two-Fa...
- Question 13: Containers (UC) uses a legacy Employee portal for their empl...
- 1 commentQuestion 14: Universal Containers (UC) has a mobile application for its e...
- 1 commentQuestion 15: Universal containers (UC) has a mobile application that call...
- Question 16: Universal Containers (UC) has built a custom time tracking a...
- 2 commentQuestion 17: Northern Trail Outfitters (NTO) has an off-boarding process ...
- 2 commentQuestion 18: Universal Containers (UC) currently uses Salesforce Sales Cl...
- 1 commentQuestion 19: An insurance company has a connected app in its Salesforce e...
- 1 commentQuestion 20: Universal Containers is creating a web application that will...
- Question 21: An Identity architect works for a multinational, multi-brand...
- 1 commentQuestion 22: Universal containers (UC) would like to enable self - regist...
- Question 23: Northern Trail Outfitters (NTO) is planning to build a new c...
- Question 24: Universal Containers (UC) has decided to use Salesforce as a...
- 1 commentQuestion 25: Universal Containers (UC) is looking to purchase a third-par...
- Question 26: Northern Trail Outfitters (NTO) uses Salesforce for Sales Op...
- 1 commentQuestion 27: Universal Containers (UC) is planning to add Wi-Fi enabled G...
- 1 commentQuestion 28: Containers (UC) has an existing Customer Community. UC wants...
- Question 29: (Exhibit) An organization has a central cloud-based Identity...
- Question 30: Northern Trail Outfitters (NTO) has a number of employees wh...
- Question 31: A global company is using the Salesforce Platform as an Iden...
- 1 commentQuestion 32: Universal Containers (UC) would like to enable self-registra...
- 1 commentQuestion 33: An Identity and Access Management (IAM) Architect is recomme...
- 1 commentQuestion 34: Northern Trail Outfitters (NTO) wants to improve its engagem...
- Question 35: Universal Containers uses Salesforce as an identity provider...
- 1 commentQuestion 36: Universal Containers (UC) has implemented SAML-based Single ...
- Question 37: Universal Containers (UC) has a Customer Community that uses...
- 1 commentQuestion 38: An architect needs to advise the team that manages the ident...
- 1 commentQuestion 39: What item should an Architect consider when designing a Dele...
- Question 40: A Salesforce customer is implementing Sales Cloud and a cust...
- 1 commentQuestion 41: An architect needs to set up a Facebook Authentication provi...
- 1 commentQuestion 42: Universal Containers (UC) is implementing Salesforce and wou...
- Question 43: Universal Containers (UC) has a Customer Community that uses...
- Question 44: Universal Containers (UC) is building a customer community a...
- 1 commentQuestion 45: Universal Containers (UC) has a classified information syste...
- Question 46: Universal containers wants to build a custom mobile app conn...
- Question 47: An identity architect is implementing a mobile-first Consume...
- 1 commentQuestion 48: An identity architect wants to secure Salesforce APIs using ...
- 2 commentQuestion 49: Universal Containers (UC) uses Salesforce to allow customers...
- Question 50: Universal Containers would like its customers to register an...
- 1 commentQuestion 51: Universal Containers (UC) plans to use a SAML-based third-pa...
- Question 52: A division of a Northern Trail Outfitters (NTO) purchased Sa...
- Question 53: Universal Containers (UC) wants to build a custom mobile app...
- 1 commentQuestion 54: Northern Trail Outfitters (NTO) has a requirement to ensure ...
- Question 55: IT security at Unversal Containers (UC) us concerned about r...
- Question 56: Universal Containers (UC) wants to integrate a third-party R...
- 3 commentQuestion 57: Containers (UC) has decided to implement a federated single ...
- Question 58: Universal containers (UC) uses a home-grown employee portal ...
- 1 commentQuestion 59: Universal containers (UC) has an e-commerce website while cu...
- Question 60: A real estate company wants to provide its customers a digit...
- 1 commentQuestion 61: What information does the 'Relaystate' parameter contain in ...
- Question 62: Universal containers (UC) is building a mobile application t...
- Question 63: Northern Trail Outfitters (NTO) is planning to implement a c...
- 2 commentQuestion 64: An administrator created a connected app for a custom wet) a...
- Question 65: Universal Containers (UC) wants to build a mobile applicatio...
- 1 commentQuestion 66: In a typical SSL setup involving a trusted party and trustin...
- Question 67: Universal Containers (UC) has an e-commerce website where cu...
- 2 commentQuestion 68: Northern Trail Outfitters (NTO) employees use a custom on-pr...
- Question 69: Universal Containers (UC) is building a custom Innovation pl...
- Question 70: A consumer products company uses Salesforce to maintain cons...
- Question 71: Universal containers (UC) has implemented a multi-org strate...
- Question 72: Universal Containers is creating a mobile application that w...
- 1 commentQuestion 73: Universal containers wants salesforce inbound Oauth-enabled ...
- 1 commentQuestion 74: Universal Containers (UC) is planning to deploy a custom mob...
- 2 commentQuestion 75: Which two are valid choices for digital certificates when se...
- Question 76: Universal Containers (UC) has an existing Salesforce org con...
- Question 77: A global fitness equipment manufacturer is planning to sell ...
- Question 78: Universal containers(UC) has a customer Community that uses ...
- Question 79: A company's external application is protected by Salesforce ...
- Question 80: Universal containers (UC) has a classified information syste...
- 2 commentQuestion 81: Universal Containers wants to secure its Salesforce APIs by ...
- Question 82: Northern Trail Outfitters wants to implement a partner commu...
- 1 commentQuestion 83: A third-party app provider would like to have users provisio...
- Question 84: Universal Containers is using OpenID Connect to enable a con...
- Question 85: Northern Trail Outfitters (NTO) is planning to roll out a pa...
- Question 86: Universal containers (UC) has implemented SAML SSO to enable...
- Question 87: Universal Containers (UC) has a custom, internal-only, mobil...
- 1 commentQuestion 88: A global fitness equipment manufacturer uses Salesforce to m...
- Question 89: Universal containers (UC) wants to implement Delegated Authe...
- Question 90: Uwversal Containers (UC) is building a custom employee hut) ...
- Question 91: Universal Containers (UC) has an existing e-commerce platfor...
- 1 commentQuestion 92: Universal Container's (UC) is using Salesforce Experience Cl...
- Question 93: A division of a Northern Trail Outfitters (NTO) purchased Sa...
- Question 94: Universal Containers built a custom mobile app for their fie...
- Question 95: Universal Containers wants to implement Single Sign-on for a...
- 1 commentQuestion 96: Universal Containers (UC) is looking to build a Canvas app a...
- Question 97: Northern Trail Outfitters (NTO) uses the Customer 360 Platfo...
- 2 commentQuestion 98: Which three different attributes can be used to identify the...
- Question 99: Universal Containers allows employees to use a mobile device...
- Question 100: Under which scenario Web Server flow will be used?...
- Question 101: In an SP-Initiated SAML SSO setup where the user tries to ac...
- Question 102: An identity architect's client has a homegrown identity prov...
- 2 commentQuestion 103: Universal containers (UC) is successfully using Delegated Au...
- 1 commentQuestion 104: How should an Architect automatically redirect users to the ...
- Question 105: customer service representatives at Universal containers (UC...
- Question 106: Universal Container's (UC) identity architect needs to recom...
- 2 commentQuestion 107: Universal Containers (UC) is using its production org as the...
- Question 108: Northern Trail Outfitters want to allow its consumer to self...
- Question 109: Users logging into Salesforce are frequently prompted to ver...
- Question 110: Universal Containers (UC) has decided to replace the homegro...
- Question 111: A group of users try to access one of Universal Containers' ...
- Question 112: A company with 15,000 employees is using Salesforce and woul...
- Question 113: Refer to the exhibit. (Exhibit) Outfitters (NTO) is using Ex...
- Question 114: Northern Trail Outfitters (NTO) believes a specific user acc...
- Question 115: Universal Containers (UC) has Active Directory (AD) as their...
- Question 116: An Enterprise is using a Lightweight Directory Access Protoc...
- Question 117: Universal Containers (UC) is considering a Customer 360 init...
- 1 commentQuestion 118: Universal Containers (UC) has built a custom token-based Two...
- Question 119: universal container plans to develop a custom mobile app for...
- Question 120: A company wants to provide its employees with a custom mobil...
- 1 commentQuestion 121: The security team at Universal containers(UC) has identified...
- Question 122: Universal containers (UC) wants to integrate a Web applicati...
[×]
Download PDF File
Enter your email address to download Salesforce.Identity-and-Access-Management-Architect.v2023-09-29.q122.pdf
Recent Comments (The most recent comments are at the top.)
No.# A and D is correct.
To enable self-registration for partner community users, UC should modify the CommunitiesSelfRegController class to assign the Profile and Account values based on the custom data elements captured from the partner user.
UC should also configure Registration for Communities to use a custom Apex controller that extends the CommunitiesSelfRegController class and overrides the default registration logic
No.# B
https://www.freecram.net/question/Salesforce.Identity-and-Access-Management-Designer.v2021-08-28.q43/universal-containers-uc-has-built-a-custom-token-based-two-factor-authentication-2fa-system-for-their
No.# B,D are correct : https://help.salesforce.com/s/articleView?id=sf.external_identity_login_discovery_login_types.htm&type=5
No.# A C
below can be set for Auth Providers
Auth. Provider ID
Provider Type
Name
URL Suffix
Consumer Key
Consumer Secret
Click to reveal
Authorize Endpoint URL
Token Endpoint URL
User Info Endpoint URL
Use Proof Key for Code Exchange (PKCE) Extension
Not Checked
Default Scopes
Include Consumer Secret in SOAP API Responses
Checked
Custom Error URL
Custom Logout URL
Registration Handler Type
Registration Handler
Execute Registration As
Portal
Icon URL
Use Salesforce MFA for this SSO Provider
No.# D
To enable the custom order fulfillment app to access Salesforce data via OAuth 2.0, the identity architect should use a Salesforce Connected App. This connected app acts as a bridge, allowing the order fulfillment app to request access to Salesforce data using OAuth 2.0, which is the open protocol for secure data sharing between applications through token exchange.
Here's why and how:
Why Connected Apps?
Security:
Connected Apps provide a secure way to authorize external apps to access Salesforce data by using OAuth 2.0.
Integration:
They facilitate integration by allowing external apps to authenticate and retrieve data from Salesforce.
Flexibility:
They allow various OAuth 2.0 flows for different use cases
No.# D
https://help.salesforce.com/s/articleView?id=sf.connected_app_user_provisioning.htm&language=en_US&type=5
No.# D is right.
The SAML Bearer Assertion Flow and the SAML Assertion Flow are both methods for exchanging a SAML assertion for an OAuth 2.0 access token, but they differ in how they use the assertion. The SAML Bearer Assertion Flow specifically adheres to OAuth 2.0 Bearer Token Usage, using the SAML assertion as a bearer token in the OAuth 2.0 token request. The SAML Assertion Flow is a broader term that can refer to any flow where a SAML assertion is used for authentication or authorization, not necessarily within the OAuth 2.0 framework.
No.# https://www.pass4success.com/salesforce/discussions/exam-identity-and-access-management-designer-topic-7-question-36-discussion
No.# OAuth 2.0 SAML Bearer Assertion Flow allows a client application to use a SAML assertion to request an access token from Salesforce. This flow can leverage theexisting SAML configuration for single sign-on and secure the Salesforce APIs.
No.# https://www.freecram.net/question/Salesforce.Identity-and-Access-Management-designer.v2021-08-02.q46/which-two-are-valid-choices-for-digital-certificates-when-setting-up-two-way-ssl-between-salesforce-and
No.# B. Use a self-signed certificate for salesforce and a trusted CA-signed cert for the external system
A. Use a trusted CA-signed certificate for salesforce and a trusted CA-signed cert for the external system
No.# For inbound integrations with Salesforce that utilize SAML-based single sign-on (SSO), the recommended OAuth flow is the OAuth 2.0 SAML Bearer Assertion Flow. This flow leverages a SAML assertion obtained from the external Identity Provider (IdP) as a credential to authenticate and authorize access to Salesforce.
https://help.salesforce.com/s/articleView?id=xcloud.remoteaccess_oauth_flows.htm&type=5
No.# using self-signed certificates can indeed lead to higher maintenance for the trusting party. This is because the trusting party needs to manually add the self-signed certificate to their truststore, a process that can be time-consuming and error-prone, especially in large environments where many certificates need to be managed
No.# A D
https://help.salesforce.com/s/articleView?id=000383976&language=en_US&type=1
No.# Relay State represents your landing page when the SSO flow is complete.
For IdP-Init flow, Relay State can be hardcoded to be a specific page within the service provider (like a home page).
For SP-Init flow, Relay State is often the link or URL that a user clicked (for example, a link to an Account record in Salesforce) which started the SP-Init flow (i.e. where you originally intended to go).
No.# https://help.salesforce.com/s/articleView?id=xcloud.sso_saml.htm&type=5
No.# JIT doesnt support Deprovisioning. You'll need to perform an API call, in this case SOAP API to deprovision
https://developer.salesforce.com/forums/?id=9060G000000MRYxQAO
No.# https://www.freecram.net/question/Salesforce.Identity-and-Access-Management-Designer.v2022-05-30.q112/northern-trail-outfitters-nto-has-a-requirement-to-ensure-all-user-logins-include-a-single-multi-factor
B is correct, except the setting is actually called something slightly different.
I just now did in my org and its asking for MFA.
"Require multi-factor authentication (MFA) for all direct UI logins to your Salesforce org"
No.# The recommended way to configure the IdP for seamless access is to use IdP-initiated SSO that passes the SAML token upon Salesforce resource accessrequest.
This means that the user logs in to the corporate portal first, and then clicks a link to access a Salesforce resource. The IdP sends a SAML response to Salesforce with the user’s identity and other attributes.
Salesforce verifies the SAML response and logs in the user to the appropriate Salesforce org and community.
This way, the user does not have to log in again to Salesforce or enter any credentials
No.# D
For customers to access the off-platform shipping label generator application through the App Launcher, a Salesforce Community License should be recommended. This license allows customers to use the App Launcher and access connected apps like the label generator. The usage of external authentication providers (Facebook, Google) and the OAuth flow in the label generator application further supports the use of a Community License.
Identity Only is for internal users.
External identity license does not give user access to Case / Order object.
Customer Community Plus license is overkill.