Download Salesforce Certified Identity and Access Management Architect.Identity-and-Access-Management-Architect.VCEplus.2022-10-28.30q.vcex

Vendor: Salesforce
Exam Code: Identity-and-Access-Management-Architect
Exam Name: Salesforce Certified Identity and Access Management Architect
Date: Oct 28, 2022
File Size: 24 KB
Download Exam

How to open VCEX files?

Files with VCEX extension can be opened by ProfExam Simulator.

Download
ProfExam Simulator

Purchase
Coupon: EXAM_HUB

Discount: 20%

ProfExam Simulator ProfExam Simulator ProfExam Simulator ProfExam Simulator ProfExam Simulator

Demo Questions

Question 1
Universal Containers (UC) built an integration for their employees to post, view, and vote for ideas in Salesforce from an internal Company portal. When ideas are posted in Salesforce, links to the ideas are created in the company portal pages as part of the integration process. The Company portal connects to Salesforce using OAuth. Everything is working fine, except when users click on links to existing ideas, they are always taken to the Ideas home page rather than the specific idea, after authorization. Which OAuth URL parameter can be used to retain the original requested page so that a user can be redirected correctly after OAuth authorization?
  1. Redirect_uri
  2. State
  3. Scope
  4. Callback_uri
Correct answer: A
Question 2
Universal containers (UC) would like to enable SAML-BASED SSO for a salesforce partner community.
UC has an existing ldap identity store and a third-party portal. They would like to use the existing portal as the primary site these users access, but also want to allow seamless access to the partner community. What SSO flow should an architect recommend?
  1. User-Agent
  2. IDP-initiated
  3. Sp-Initiated
  4. Web server  
Correct answer: B
Question 3
Universal Containers (UC) is building an integration between Salesforce and a legacy web applications using the canvas framework. The security for UC has determined that a signed request from Salesforce is not an adequate authentication solution for the Third-Party app. Which two options should the Architect consider for authenticating the third-party app using the canvas framework? 
Choose 2 Answers
  1. Utilize the SAML Single Sign-on flow to allow the third-party to authenticate itself against UC's IdP.
  2. Utilize Authorization Providers to allow the third-party appliction to authenticate itself against Salesforce as the Idp.
  3. Utilize Canvas OAuth flow to allow the third-party appliction to authenticate itself against Salesforce as the Idp.
  4. Create a registration handler Apex class to allow the third-party appliction to authenticate itself against Salesforce as the Idp.
Correct answer: AC
Question 4
Universal Containers (UC) wants to build a custom mobile app for their field reps to create orders in salesforce. After the first time the users log in, they must be able to access salesforce upon opening the mobile app without being prompted to log in again. What Oauth flows should be considered to support this requirement?
  1. Web Server flow with a Refresh Token.
  2. Mobile Agent flow with a Bearer Token.
  3. User Agent flow with a Refresh Token. 
  4. SAML Assertion flow with a Bearer Token.
Correct answer: C
Question 5
What item should an Architect consider when designing a Delegated Authentication implementation?
  1. The Web service should be secured with TLS using Salesforce trusted certificates.
  2. The Web service should be able to accept one to four input method parameters.
  3. The web service should use the Salesforce Federation ID to identify the user.
  4. The Web service should implement a custom password decryption method.
Correct answer: A
Question 6
A group of users try to access one of Universal Containers' Connected Apps and receive the following error message: " Failed: Not approved for access." 
What is the most likely cause of this issue?
  1. The Connected App settings "All users may self-authorize" is enabled.
  2. The Salesforce Administrators have revoked the OAuth authorization. 
  3. The Users do not have the correct permission set assigned to them.
  4. The User of High Assurance sessions are required for the Connected App.
Correct answer: C
Question 7
Containers (UC) has decided to implement a federated single Sign-on solution using a third-party Idp.
In reviewing the third-party products, they would like to ensure the product supports the automated provisioning and deprovisioning of users. 
What are the underlining mechanisms that the UC Architect must ensure are part of the product?
  1. SOAP API for provisioning; Just-in-Time (JIT) for Deprovisioning.
  2. Just-In-time (JIT) for Provisioning; SOAP API for Deprovisioning.
  3. Provisioning API for both Provisioning and Deprovisioning.
  4. Just-in-Time (JIT) for both Provisioning and Deprovisioning.
Correct answer: D
Question 8
Under which scenario Web Server flow will be used?
  1. Used for web applications when server-side code needs to interact with APIS. 
  2. Used for server-side components when page needs to be rendered.
  3. Used for mobile applications and testing legacy Integrations.
  4. Used for verifying Access protected resources.
Correct answer: A
Question 9
architect is troubleshooting some SAML-based SSO errors during testing. The Architect confirmed that all of the Salesforce SSO settings are correct. Which two issues outside of the Salesforce SSO settings are most likely contributing to the SSO errors the Architect is encountering? 
Choose 2 Answers
  1. The Identity Provider is also used to SSO into five other applications.
  2. The clock on the Identity Provider server is twenty minutes behind Salesforce.
  3. The Issuer Certificate from the Identity Provider expired two weeks ago.
  4. The default language for the Identity Provider and Salesforce are Different.
Correct answer: BC
Question 10
Universal Containers (UC) has a Desktop application to collect leads for marketing campaigns. UC wants to extend this application to integrate with Salesforce to create leads. Integration between the desktop application and salesforce should be seamless. What Authorization flow should the Architect recommend?
  1. JWT Bearer Token flow
  2. Web Server Authentication Flow
  3. User Agent Flow
  4. Username and Password Flow
Correct answer: C
CONNECT US
HOW TO OPEN VCE FILES

Use VCE Exam Simulator to open VCE files
Avanaset

HOW TO OPEN VCEX AND EXAM FILES

Use ProfExam Simulator to open VCEX and EXAM files
ProfExam Screen

ProfExam
ProfExam at a 20% markdown

You have the opportunity to purchase ProfExam at a 20% reduced price

Get Now!