Salesforce Certified Identity and Access Management Designer Exam Practice Questions (P. 3)
- Full Access (60 questions)
- Six months of Premium Access
- Access to one million comments
- Seamless ChatGPT Integration
- Ability to download PDF files
- Anki Flashcard files for revision
- No Captcha & No AdSense
- Advanced Exam Configuration
Question #11
Universal Containers has implemented a multi-org strategy and would like to centralize the management of their Salesforce user profiles.
What should the Architect recommend to allow Salesforce profiles to be managed from a central system of record?
What should the Architect recommend to allow Salesforce profiles to be managed from a central system of record?
- AImplement JIT provisioning on the SAML IdP that will pass the ProfileID in each assertion.Most Voted
- BImplement Delegated Authentication that will update the user profiles as necessary.
- CCreate an Apex scheduled job in one org that will synchronize the other org's profiles.
- DImplement an OAuth JWT flow to pass the profile credentials between systems.
Correct Answer:
A
A
send
light_mode
delete
Question #12
Universal Containers (UC) has implemented SAML-based Single Sign-on for their Salesforce application. UC is using PingFederate as the Identity Provider. To access Salesforce, users usually navigate to a bookmarked link to My Domain URL.
What type of Single Sign-on flow is this?
What type of Single Sign-on flow is this?
- AIdP-Initiated
- BIdP-Initiated with Deep Linking
- CSP-Initiated
- DWeb Server Flow
Correct Answer:
C
C
send
light_mode
delete
Question #13
What item should an Architect consider when designing a Delegated Authentication implementation?
- AThe web service should be secured with TLS using Salesforce trusted certificates.
- BThe web service should be able to accept one to four input method parameters.
- CThe web service should use the Salesforce Federation ID to identify the user.
- DThe web service should implement a custom password decryption method.
Correct Answer:
A
A
send
light_mode
delete
Question #14
Universal Containers has built a custom token-based Two-Factor Authentication system for their existing on-premise applications. They are now implementing Salesforce and would like to enable a Two-Factor login process for it, as well.
What is the recommended solution an Architect should consider?
What is the recommended solution an Architect should consider?
- AReplace the custom 2FA system with an AppExchange App that supports on-premise applications and Salesforce.
- BUse the custom 2FA system for on-premise applications and native 2FA for Salesforce.
- CReplace the custom 2FA system with Salesforce 2FA for on-premise applications and Salesforce.
- DUse Custom Login Flows to connect to the existing custom 2FA system for use in Salesforce.
Correct Answer:
D
D
send
light_mode
delete
Question #15
Universal Containers (UC) is looking to purchase a third-party application as an Identity Provider. UC is looking to develop a business case for the purchase in general and has enlisted an Architect for advice.
Which two capabilities of an Identity Provider should the Architect detail to help strengthen the business case? (Choose two.)
Which two capabilities of an Identity Provider should the Architect detail to help strengthen the business case? (Choose two.)
- AThe Identity Provider can authenticate multiple applications.Most Voted
- BThe Identity Provider can authenticate multiple social media accounts.
- CThe Identity Provider can store credentials for multiple applications.
- DThe Identity Provider can centralize enterprise password policy.Most Voted
Correct Answer:
CD
CD
send
light_mode
delete
All Pages