- Home
- Salesforce
- Identity-and-Access-Management-Designer
- Salesforce.Identity-and-Access-Management-Designer.v2022-05-30.q112.pdf
Valid Identity-and-Access-Management-Designer Dumps shared by ExamDiscuss.com for Helping Passing Identity-and-Access-Management-Designer Exam! ExamDiscuss.com now offer the newest Identity-and-Access-Management-Designer exam dumps, the ExamDiscuss.com Identity-and-Access-Management-Designer exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com Identity-and-Access-Management-Designer dumps with Test Engine here:
Access Identity-and-Access-Management-Designer Dumps Premium Version
(245 Q&As Dumps, 35%OFF Special Discount Code: freecram)
Online Access Free Identity-and-Access-Management-Designer Exam Questions
| Exam Code: | Identity-and-Access-Management-Designer |
| Exam Name: | Salesforce Certified Identity and Access Management Designer |
| Certification Provider: | Salesforce |
| Free Question Number: | 112 |
| Version: | v2022-05-30 |
| Rating: | |
| # of views: | 4507 |
| # of Questions views: | 174852 |
| Go To Identity-and-Access-Management-Designer Questions | |
- Other Version
- 5199 viewsSalesforce.Identity-and-Access-Management-Designer.v2022-09-27.q96
- 2571 viewsSalesforce.Identity-and-Access-Management-designer.v2022-05-03.q80
- 2599 viewsSalesforce.Identity-and-Access-Management-Designer.v2022-02-02.q45
- 2378 viewsSalesforce.Identity-and-Access-Management-designer.v2022-01-13.q67
- 2331 viewsSalesforce.Identity-and-Access-Management-Designer.v2021-08-28.q43
- 2119 viewsSalesforce.Identity-and-Access-Management-designer.v2021-08-02.q46
- 3689 viewsSalesforce.Identity-and-Access-Management-Designer.v2021-01-08.q46
- 2575 viewsSalesforce.Identity-and-Access-Management-Designer.v2020-12-01.q43
- Exam Question List
- Question 1: Universal containers (UC) does my domain enable in the conte...
- Question 2: Universal Containers (UC) is considering a Customer 360 init...
- 2 commentQuestion 3: Universal containers (UC) employees have salesforce access f...
- Question 4: Universal Containers (UC) has a mobile application for its e...
- 2 commentQuestion 5: Northern Trail Outfitters (NTO) has an existing custom busin...
- 1 commentQuestion 6: Northern Trail Outfitters would like to automatically create...
- 3 commentQuestion 7: Universal Containers (UC) wants to integrate a third-party R...
- Question 8: Universal Containers (UC) is building an integration between...
- 4 commentQuestion 9: Which two statements are capable of Identity Connect? Choose...
- Question 10: Universal Containers (UC) has implemented a multi-org archit...
- 3 commentQuestion 11: Universal containers wants salesforce inbound Oauth-enabled ...
- 2 commentQuestion 12: What information does the 'Relaystate' parameter contain in ...
- Question 13: customer service representatives at Universal containers (UC...
- 1 commentQuestion 14: Containers (UC) uses an internal system for recruiting and w...
- Question 15: Northern Trail Outfitters (NTO) wants to improve its engagem...
- Question 16: The security team at Universal Containers has identified exp...
- Question 17: Universal containers (UC) has implemented ansp-Initiated SAM...
- Question 18: Which three are capabilities of SAML-based Federated authent...
- Question 19: A global company's Salesforce Identity Architect is reviewin...
- Question 20: A pharmaceutical company has an on-premise application (see ...
- 1 commentQuestion 21: Universal Containers (UC) uses Salesforce for its customer s...
- 1 commentQuestion 22: How should an Architect force users to authenticate with Two...
- Question 23: The security team at Universal Containers (UC) has identifie...
- 3 commentQuestion 24: A client is planning to rollout multi-factor authentication ...
- Question 25: Universal Containers allows employees to use a mobile device...
- 1 commentQuestion 26: Which two security risks can be mitigated by enabling Two-Fa...
- 2 commentQuestion 27: In an SP-Initiated SAML SSO setup where the user tries to ac...
- Question 28: Northern Trail Outfitters (NTO) wants to give customers the ...
- Question 29: The security team at Universal Containers (UC) hasidentified...
- Question 30: Universal Containers has implemented a multi-org strategy an...
- 1 commentQuestion 31: Universal Containers (UC) built an integration for their emp...
- Question 32: Universal Containers (UC) has Active Directory (AD) as their...
- 2 commentQuestion 33: Containers (UC) has an existing Customer Community. UC wants...
- 2 commentQuestion 34: Universal Containers (UC) has five Salesforce orgs (UC1, UC2...
- Question 35: A group of users try to access one of Universal Containers' ...
- Question 36: Containers (UC) uses a legacy Employee portal for their empl...
- 2 commentQuestion 37: What are threecapabilitiesof Delegated Authentication? Choos...
- 2 commentQuestion 38: What item should an Architect consider when designing a Dele...
- Question 39: Universal Containers (UC) uses a home-grown Employee portal ...
- 2 commentQuestion 40: Northern Trail Outfitters (NTO) employees use a custom on-pr...
- Question 41: Universal Containers is using OpenID Connect to enable a con...
- Question 42: Northern Trail Outfitters (NTO) wants to give customers the ...
- Question 43: Universal containers wants to set up SSO for a selected grou...
- Question 44: Northern Trail Outfitters (NTO) is planning to roll out a pa...
- 1 commentQuestion 45: Universal containers (UC) would like to enable SAML-BASED SS...
- Question 46: Universal containers (UC) uses a legacy Employee portal for ...
- 2 commentQuestion 47: The security team at Universal containers(UC) has identified...
- 1 commentQuestion 48: Universal Containers (UC) wants its users to access Salesfor...
- Question 49: Universal Containers (UC) is building an integration between...
- 4 commentQuestion 50: Which three types of attacks would a 2-Factor Authentication...
- Question 51: Universal containers uses an Employee portal for their emplo...
- Question 52: Universal containers (UC) has a custom, internal-only, mobil...
- Question 53: Universal containers (UC) is concerned that having a self-re...
- Question 54: Universal containers (UC) has decided to use salesforce as a...
- Question 55: Universal Containers (UC) has decided to replace the homegro...
- Question 56: A technology enterprise is planning to implement single sign...
- Question 57: Universal Containers has implemented a multi-org strategy an...
- Question 58: An Identity and Access Management (IAM) Architect is recomme...
- Question 59: Universal Containers (UC) is building an integration between...
- Question 60: Universal containers(UC) has implemented SAML-BASED single S...
- Question 61: A global fitness equipment manufacturer uses Salesforce to m...
- 1 commentQuestion 62: Universal Containers (UC) would like to enable SAML-based SS...
- 2 commentQuestion 63: Which three are features of federated Single sign-on solutio...
- 2 commentQuestion 64: Containers (UC) has decided to implement a federated single ...
- Question 65: Universal containers(UC) wants to integrate a third-party re...
- Question 66: Universal Containers (UC) wants to build a custom mobile app...
- 1 commentQuestion 67: Universal containers (UC) is setting up their customer Commu...
- Question 68: A multinational company is looking to rollout Salesforce glo...
- Question 69: Universal Containers (UC) has implemented SAML-based Single ...
- Question 70: The CMO of an advertising company has invited an Identity an...
- 3 commentQuestion 71: Universal Containers (UC) has an existing Salesforce org con...
- 1 commentQuestion 72: Universal Containers (UC) wants to integrate a web applicati...
- Question 73: Universal Containers has built a custom token-based Two-Fact...
- Question 74: Universal Containers (UC) is looking to purchase a third-par...
- Question 75: An architect has successfully configured SAML-BASED SSO for ...
- Question 76: Universal Containers (UC) would like to enable self-registra...
- 2 commentQuestion 77: universal container plans to develop a custom mobile app for...
- Question 78: Universal Containers want users to be able to log in to the ...
- 1 commentQuestion 79: Northern Trail Outfitters (NTO) is planning to build a new c...
- Question 80: Universal containers wants to implement SAML SSO for their i...
- Question 81: A financial enterprise is planning to set up a user authenti...
- Question 82: The CIO of universal containers(UC) wants to start taking ad...
- 3 commentQuestion 83: Northern Trail Outfitters (NTO) has a requirement to ensure ...
- Question 84: Universal Containers is creating a mobile application that w...
- Question 85: Universal Containers (UC) would liketo enable self-registrat...
- Question 86: Universal Containers (UC) is using Active Directory as its c...
- Question 87: A multinational industrial products manufacturer is planning...
- 1 commentQuestion 88: Northern Trail Outfitters (NTO) uses the Customer 360 Platfo...
- 1 commentQuestion 89: Universal Containers (UC) wants to implement SAML SSO for th...
- 2 commentQuestion 90: Which two are valid choices for digital certificates when se...
- 2 commentQuestion 91: which three are features of federated Single Sign-on solutio...
- Question 92: The CIO of Universal Containers (UC) wants to start taking a...
- 3 commentQuestion 93: A global company has built an external application that uses...
- Question 94: In a typical SSL setup involving a trusted party and trustin...
- 1 commentQuestion 95: Universal Containers (UC) has an existing e-commerce platfor...
- 2 commentQuestion 96: Which two considerations should be made when implementing De...
- 1 commentQuestion 97: Universal Containers (UC) wants to implement SAML SSO for th...
- Question 98: Universal Containers (UC) plans to use a SAML-based third-pa...
- Question 99: Universal Containers is creating a mobile application that w...
- Question 100: An organization has a central cloud-based Identity and Acces...
- Question 101: Universal Containers (UC) wants to provide single sign-on (S...
- 2 commentQuestion 102: Universal Containers (UC) wants to build a few applications ...
- 2 commentQuestion 103: Which two things should be done to ensure end users can only...
- Question 104: Universal Containers (UC) has a custom, internal-only, mobil...
- Question 105: Universal Containers (UC) wants to build a mobile applicatio...
- 3 commentQuestion 106: Universal Containers (UC) uses Salesforce to allow customers...
- Question 107: Universal Containers (UC) has a classified information syste...
- 1 commentQuestion 108: architect is troubleshooting some SAML-based SSO errors duri...
- Question 109: Which three capabilities does SAML-based Federated authentic...
- Question 110: Universal Containers (UC) uses middleware to integrate multi...
- Question 111: After a recent audit, universal containers was advised to im...
- Question 112: Users logging into Salesforce are frequently prompted to ver...
[×]
Download PDF File
Enter your email address to download Salesforce.Identity-and-Access-Management-Designer.v2022-05-30.q112.pdf
Recent Comments (The most recent comments are at the top.)
No.# A - SAML assertion Oauth flow
No.# A is correct because SF is used to authenticate users meaning SF is identity provider. So if user uses login flow --> then it can call Helpdesk to find the status and create user in SF.
No.# Answer is A ....external identity license does not give user access to Case / Order object
No.# B and C is the right answer as it is asking which SF features provides Username / password capabilities . App Launcher is not a SF feature.
I passed the Identity-and-Access-Management-Designer with perfect score.
No.# A is wrong because a login flow would not be triggered until a user tries to login. The requirement says the user should be created as soon as they are approved. Plus login flows are not meant for JIT.
B is wrong because the helpdesk is not the idp so it can't initiate idp initiated JIT. Plus JIT is only done when the user attempts to login, not immediately when the help desk approves the user.
C - it's certainly possible to create users via soap or rest. Doesn't seem like an ideal answer, but it's the only valid option.
D is wrong because Salesforce connect is not used for creating users, it's used to access external data which is configured as an external object in Salesforce.
No.# Assuming the user is logging into Salesforce via SSO, the correct answer is RelayState
https://help.salesforce.com/s/articleView?id=sf.sso_saml_start_stop_pages.htm&type=5
redirect_url is configured at the connected app level and is not specific to a specific Idea or other record in Salesforce.
https://trailhead.salesforce.com/content/learn/projects/build-a-connected-app-for-api-integration/implement-the-oauth-20-web-server-authentication-flow
No.# Not a great question.
A is wrong since session timeout should mitigate this, not MFA
B is wrong because you can still use Salesforce from a public wifi even with MFA
C is wrong because this could be mitigated without MFA, by enforcing password policies.
D is wrong because they can still use their Facebook password even with MFA
Okay I guess B and D are still the best answers, because even though users can still do these things which are not secure, adding MFA makes it a little more secure.
No.# I think A, B D, E, are all correct.
Lightning login:
https://help.salesforce.com/s/articleView?id=sf.security_ll_overview.htm&type=5
Lightning Login relies on Salesforce Authenticator (version 2 or later), the multi-factor authentication mobile app that’s available as a free download for iOS and Android devices. By requiring two factors of authentication for login, Lightning Login adds an extra layer of security.
The first factor is something that the user has—for example, a mobile device that has Salesforce Authenticator installed and connected with the user’s Salesforce account.
The second factor is something that the user is, such as a fingerprint, or something that the user knows, such as a PIN. The second level of authentication enhances security by requiring access to the mobile device and the user’s fingerprint or PIN.
SMS: https://help.salesforce.com/s/articleView?id=sf.security_mfa_sms_for_external_users.htm&type=5
Third party: https://help.salesforce.com/s/articleView?id=sf.mfa_supported_verification_methods_totp.htm&type=5
Security Key: https://help.salesforce.com/s/articleView?id=sf.mfa_supported_verification_methods_securitykey.htm&type=5...
No.# This question is outdated since Salesforce requires MFA for all UI logins now.
No.# B. SF is the Idp
D. If the application should be "only visible within Salesforce" then option D Canvas makes sense.
And since Salesforce is the IdP, it makes sense that it would be an IdP initiated session.
No.# JWT and SAML both deal with digital certificates. So they are the best answers.
JWT makes sense because the server to server integration.
But I don't see how SAML makes sense, because I don't think the recruiting system user is logging into Salesforce.
If the recruiting system itself connects via API SSO, it should be SAML Assertion, not SAML Bearer Assertion.
No.# Only C is correct.
A is not correct because it's not secure. But if we have to choose a second option, I would choose A. On the exam we hope to see Web Server or Client Credentials option instead for this scenario.
https://help.salesforce.com/s/articleView?id=sf.remoteaccess_oauth_username_password_flow.htm&type=5
B is not correct because SSO is not mentioned in the question, but if SSO did apply, it would be SAML Assertion Flow, not SAML Bearer Assertion
https://help.salesforce.com/s/articleView?id=sf.remoteaccess_oauth_jwt_flow.htm&type=5
C is correct because JWT applies for server to server. Since it's a scheduled job not initiated by a user, we assume it's server to server.
D is not correct because JWT doesn't support refresh token
https://help.salesforce.com/s/articleView?id=sf.remoteaccess_oauth_jwt_flow.htm&type=5
No.# This is a poorly written question. It says it doesn't support SAML. This implies the website is not built on Salesforce Experience Cloud. If Salesforce is not being used as the platform, but Salesforce is needed for authentication, then we would assume it would be an Identity only license
https://help.salesforce.com/s/articleView?id=sf.identity_licenses.htm&type=5
But Identity only license is meant for SSO, which is not supported here. So that would imply maybe C) Delegated Authentication, but Delegate Authentication is documented as a feature for logging into Salesforce with non-Salesforce credentials. Not logging into another application with Salesforce credentials.
So the answer should be B and D.
A. Is wrong because Identity Connect requires Active Directory, and external consumer users would not be in AD.
B. Could be a right answer in the past, but as of Summer '24, it's not supported anymore.
D. Embeded Login requires a connected app, so if B is correct, so is D
https://help.salesforce.com/s/articleView?id=sf.external_identity_login_step_2.htm&type=5...
No.# Ans should be C.
Please See: https://help.salesforce.com/s/articleView?id=000392426&type=1
The service customers are very nice with immediate responses, if you have any questions about the Identity-and-Access-Management-Designer exam materials, don't worry about that for they can explain for you.
No.# Due to nature of 5 possible answers I assume that 3 are correct. A, D, E
No.# Should be B
No.# A & B are correct. You dont have to request authorization anymore.
https://help.salesforce.com/s/articleView?id=sf.sso_enforce_sso_login.htm&type=5
No.# ACDE : https://www.onelogin.com/learn/mfa-types-of-cyber-attacks#:~:text=In%20addition%20to%20combating%20common,to%20access%20the%20target%20account.