• Home
  • Articles
  • [Aug 25, 2023] Salesforce Identity-and-Access-Management-Designer Exam Dumps Are Essential To Get Good Marks [Q13-Q31]

[Aug 25, 2023] Salesforce Identity-and-Access-Management-Designer Exam Dumps Are Essential To Get Good Marks [Q13-Q31]

Share

[Aug 25, 2023] Salesforce Identity-and-Access-Management-Designer Exam Dumps Are Essential To Get Good Marks

Latest Salesforce Identity-and-Access-Management-Designer Dumps with Test Engine and PDF (New Questions)

NEW QUESTION # 13
Universal Containers (UC) uses Salesforce to allow customers to keep track of the order status. The customers can log in to Salesforce using external authentication providers, such as Facebook and Google. UC is also leveraging the App Launcher to let customers access an of platform application for generating shipping labels. The label generator application uses OAuth to provide users access. What license type should an Architect recommend for the customers?

  • A. Customer Community Plus license
  • B. External Identity license
  • C. Customer Community license
  • D. Identity license

Answer: D


NEW QUESTION # 14
In a typical SSL setup involving a trusted party and a trusting party, what consideration should an Architect take into account when using digital certificates?

  • A. Use of self-signed certificate leads to higher maintenance for trusting party because the cert needs to be added to their truststore.
  • B. Use of self-signed certificate leads to lower maintenance for trusted party because multiple self-signed certs need to be maintained.
  • C. Use of self-signed certificate leads to higher maintenance for trusted party because they have to act as the trusted CA.
  • D. Use of self-signed certificate leads to lower maintenance for trusting party because there is no trusted CA cert to maintain.

Answer: A


NEW QUESTION # 15
Universal Containers (UC) has an existing e-commerce platform and is implementing a new customer community. They do not want to force customers to register on both applications due to concern over the customers experience. It is expected that 25% of the e-commerce customers will utilize the customer community . The e-commerce platform is capable of generating SAML responses and has an existing REST-ful API capable of managing users. How should UC create the identities of its e-commerce users with the customer community?

  • A. Use a nightly batch ETL job to sync users between the Customer Community and the e-commerce platform and use SAML to allow SSO.
  • B. Use the e-commerce REST API to create users when a user self-register on the customer community and use SAML to allow SSO.
  • C. Use the standard Salesforce API to create users in the Community When a User is Created in the e-Commerce platform and use SAML to allow SSO.
  • D. Use SAML JIT in the Customer Community to create users when a user tries to login to the community from the e-commerce site.

Answer: D


NEW QUESTION # 16
After a recent audit, universal containers was advised to implement Two-factor Authentication for all of their critical systems, including salesforce. Which two actions should UC consider to meet this requirement?
Choose 2 answers

  • A. Require users to enter a second password after the first Authentication
  • B. Require users to provide their RSA token along with their credentials.
  • C. Require users to use a biometric reader as well as their password
  • D. Require users to supply their email and phone number, which gets validated.

Answer: C,D


NEW QUESTION # 17
Universal containers(UC) wants to integrate a third-party reward calculation system with salesforce to calculate rewards. Rewards will be calculated on a schedule basis and update back into salesforce. The integration between Salesforce and the reward calculation system needs to be secure. Which are the recommended best practices for using Oauth flows in this scenario? Choose 2 answers

  • A. Oauth Username-password flow
  • B. Oauthjwt bearer token flow
  • C. Oauth refresh token flow
  • D. Oauth SAML bearer assertion flow

Answer: B,D


NEW QUESTION # 18
Universal Containers (UC) has a Customer Community that uses Facebook for Authentication. UC would like to ensure that Changes in the Facebook profile are reflected on the appropriate Customer Community user: How can this requirement be met?

  • A. Use SAML Just-In-Time Provisioning between Facebook and Salesforce.
  • B. Use information in the signed Request that is received from facebook.
  • C. Develop a scheduled job that calls out to Facebook on a nightly basis.
  • D. Use the updateUser method on the registration Handler Class.

Answer: D


NEW QUESTION # 19
Universal Containers built a custom mobile app for their field reps to create orders in Salesforce. OAuth is used for authenticating mobile users. The app is built in such a way that when a user session expires after Initial login, a new access token is obtained automatically without forcing the user to log in again. While that improved the field reps' productivity, UC realized that they need a "logout" feature.
What should the logout function perform in this scenario, where user sessions are refreshed automatically?

  • A. Clear out all the tokens to stop auto session refresh.
  • B. Invoke the revocation URL and pass the access token.
  • C. Clear out the client Id to stop auto session refresh.
  • D. Invoke the revocation URL and pass the refresh token.

Answer: D


NEW QUESTION # 20
Northern Trail Outfitters (NTO) utilizes a third-party cloud solution for an employee portal. NTO also owns Salesforce Service Cloud and would like employees to be able to login to Salesforce with their third-party portal credentials for a seamless expenence. The third-party employee portal only supports OAuth.
What should an identity architect recommend to enable single sign-on (SSO) between the portal and Salesforce?

  • A. Configure Salesforce for Delegated Authentication.
  • B. Create a custom external authentication provider.
  • C. Configure SSO to use the third party portal as an identity provider.
  • D. Add the third-party portal as a connected app.

Answer: C


NEW QUESTION # 21
Universal containers(UC) has implemented SAML-BASED single Sign-on for their salesforce application and is planning to provide access to salesforce on mobile devices using the salesforce1 mobile app. UC wants to ensure that single Sign-on is used for accessing the salesforce1 mobile app. Which two recommendations should the architect make? Choose 2 answers

  • A. Configure the embedded Web browser to use my domain URL.
  • B. Configure the salesforce1 app to use the my domain URL
  • C. Use the existing SAML SSO flow along with user agent flow.
  • D. Use the existing SAML SSO flow along with Web server flow

Answer: B,C


NEW QUESTION # 22
Universal Containers (UC) would like its community users to be able to register and log in with Linkedin or Facebook Credentials. UC wants users to clearly see Facebook &Linkedin Icons when they register and login. What are the two recommended actions UC can take to achieve this Functionality? Choose 2 answers

  • A. Enable Facebook and Linkedin as Login options in the login section of the Community configuration.
  • B. Store the Linkedin or Facebook user IDs in the Federation ID field on the Salesforce User record.
  • C. Create custom Registration Handlers to link Linkedin and facebook accounts to user records.
  • D. Create custom buttons for Facebook and inkedin using JAVAscript/CSS on a custom Visualforce page.

Answer: A,C


NEW QUESTION # 23
Which two are valid choices for digital certificates when setting up two-way SSL between Salesforce and an external system. Choose 2 answers

  • A. Use a trusted CA-signed certificate for salesforce and a trusted CA-signed cert for the external system
  • B. Use a self-signed certificate for salesforce and a self-signed cert for the external system
  • C. Use a trusted CA-signed certificate for salesforce and a self-signed cert for the external system
  • D. Use a self-signed certificate for salesforce and a trusted CA-signed cert for the external system

Answer: D


NEW QUESTION # 24
Universal containers (UC) would like to enable SSO between their existing Active Directory infrastructure and salesforce. The it team prefers to manage all users in Active Directory and would like to avoid doing any initial setup of users in salesforce directly, including the correct assignment of profiles, roles and groups. Which two optimal solutions should UC use to provision users in salesforce? Choose 2 answers

  • A. Use Identity connect to sync users from Active Directory to salesforce
  • B. Use Active Directory Federation Services to sync users from active directory to salesforce.
  • C. Use the salesforce REST API to sync users from active directory to salesforce
  • D. Use an app exchange product to sync users from Active Directory to salesforce.

Answer: A,D


NEW QUESTION # 25
Universal Container's (UC) is using Salesforce Experience Cloud site for its container wholesale business. The identity architect wants to an authentication provider for the new site.
Which two options should be utilized in creating an authentication provider?
Choose 2 answers

  • A. A custom error URL can be set.
  • B. The default login user can be set.
  • C. A custom registration handier can be set.
  • D. The default authentication provider certificate can be set.

Answer: A,C


NEW QUESTION # 26
universal container plans to develop a custom mobile app for the sales team that will use salesforce for authentication and access management. The mobile app access needs to be restricted to only the sales team.
What would be the recommended solution to grant mobile app access to sales users?

  • A. Add a new identity provider to authenticate and authorize mobile users.
  • B. Use a custom attribute on the user object to control access to the mobile app
  • C. Use connected apps Oauth policies to restrict mobile app access to authorized users.
  • D. Use the permission set license to assign the mobile app permission to sales users

Answer: A


NEW QUESTION # 27
Universal Containers (UC) is looking to purchase a third-party application as an Identity Provider. UC is looking to develop a business case for the purchase in general and has enlisted an Architect for advice. Which two capabilities of an Identity Provider should the Architect detail to help strengthen the business case?
Choose 2 answers

  • A. The Identity Provider can centralize enterprise password policy.
  • B. The Identity Provider can authenticate multiple applications.
  • C. The Identity provider can store credentials for multiple applications.
  • D. The Identity Provider can authenticate multiple social media accounts.

Answer: A,B


NEW QUESTION # 28
Universal Containers (UC) wants to use Salesforce for sales orders and a legacy of system for order fulfillment. The legacy system must update the status of orders in 65* Salesforce in real time as they are fulfilled. UC decides to use OAuth for connecting the legacy system to Salesforce. What OAuth flow should be considered that doesn't require storing credentials, client secret or refresh tokens?

  • A. User Agent flow
  • B. Web Server flow
  • C. JWT Bearer Token flow
  • D. Username-Password flow

Answer: C


NEW QUESTION # 29
Universal Containers is implementing Salesforce Identity to broker authentication from its enterprise single sign-on (SSO) solution through Salesforce to third party applications using SAML.
What rote does Salesforce Identity play in its relationship with the enterprise SSO system?

  • A. Client Application
  • B. Identity Provider (IdP)
  • C. Resource Server
  • D. Service Provider (SP)

Answer: D


NEW QUESTION # 30
How should an Architect force users to authenticate with Two-factor Authentication (2FA) for Salesforce only when NOT connected to an internal company network?

  • A. Use an Apex Trigger on the UserLogin object to detect the user's IP address and prompt for 2FA if needed.
  • B. Add the company's list of network IP addresses to the Login Range list under 2FA Setup.
  • C. Apply the "Two-factor Authentication for User Interface Logins" permission and Login IP Ranges for all Profiles.
  • D. Use Custom Login Flows with Apex to detect the user's IP address and prompt for 2FA if needed.

Answer: D


NEW QUESTION # 31
......


To prepare for the Salesforce Identity-and-Access-Management-Designer Exam, candidates should have a strong background in Salesforce security and identity and access management concepts. They should also have hands-on experience designing and implementing these solutions using Salesforce technologies. A variety of study materials and resources are available to help candidates prepare for the exam, including study guides, practice exams, and online courses.

 

TestkingPass just published the Salesforce Identity-and-Access-Management-Designer exam dumps!: https://www.testkingpass.com/Identity-and-Access-Management-Designer-testking-dumps.html

Pass Your Identity-and-Access-Management-Designer Exam Easily - Real Identity-and-Access-Management-Designer Practice Dump Updated: https://drive.google.com/open?id=1tjvPmZH8JMof18nwPzaG70aofWiKc2l3

Related Articles

more
Salesforce Identity-and-Access-Management-Designer Certification Practice Exam