Salesforce IDENTITY-AND-ACCESS-MANAGEMENT-DESIGNER Online Practice Questions and Exam Preparation

Salesforce IDENTITY-AND-ACCESS-MANAGEMENT-DESIGNER Online Questions & Answers

• Question 71:

  Universal Containers (UC) uses Salesforce for its customer service agents. UC has a proprietary system for order tracking which supports Security Assertion Markup Language (SAML) based single sign-on. The VP of customer service wants to ensure only active Salesforce users should be able to access the order tracking system which is only visible within Salesforce.

  What should be done to fulfill the requirement?

  Choose 2 answers

  A. Setup Salesforce as an identity provider (IdP) for order Tracking.
  B. Set up the Corporate Identity store as an identity provider (IdP) for Order Tracking,
  C. Customize Order Tracking to initiate a REST call to validate users in Salesforce after login.
  D. Setup Order Tracking as a Canvas app in 5alesforce to POST IdP initiated SAML assertion.
  A. Setup Salesforce as an identity provider (IdP) for order Tracking.
  B. Set up the Corporate Identity store as an identity provider (IdP) for Order Tracking,

• Question 72:

  Containers (UC) has an existing Customer Community. UC wants to expand the self- registration capabilities such that customers receive a different community experience based on the data they provide during the registration process. What is the recommended approach an Architect Should recommend to UC?

  A. Create an After Insert Apex trigger on the user object to assign specific custom permissions.
  B. Create separate login flows corresponding to the different community user personas.
  C. Modify the Community pages to utilize specific fields on the User and Contact records.
  D. Modify the existing Communities registration controller to assign different profiles.
  C. Modify the Community pages to utilize specific fields on the User and Contact records.

• Question 73:

  Northern Trail Outfitters (NTO) wants to give customers the ability to submit and manage issues with their purchases. It is important for to give its customers the ability to login with their Facebook and Twitter credentials.

  Which two actions should an identity architect recommend to meet these requirements?

  Choose 2 answers

  A. Create a custom external authentication provider for Facebook.
  B. Configure a predefined authentication provider for Facebook.
  C. Create a custom external authentication provider for Twitter.
  D. Configure a predefined authentication provider for Twitter.
  B. Configure a predefined authentication provider for Facebook.
  D. Configure a predefined authentication provider for Twitter.

• Question 74:

  How should an Architect automatically redirect users to the login page of the external Identity provider when using an SP-Initiated SAML flow with Salesforce as a Service Provider?

  A. Use visualforce as the landing page for My Domain to redirect users to the Identity Provider login Page.
  B. Enable the Redirect to the Identity Provider setting under Authentication Services on the My domain Configuration.
  C. Remove the Login page from the list of Authentication Services on the My Domain configuration.
  D. Set the Identity Provider as default and enable the Redirect to the Identity Provider setting on the SAML Configuration.
  C. Remove the Login page from the list of Authentication Services on the My Domain configuration.

• Question 75:

  The CMO of an advertising company has invited an Identity and Access Management (IAM) specialist to discuss Salesforce out-of-box capabilities for configuring the company*s login and registration experience on Salesforce Experience

  Cloud.

  The CMO is looking to brand the login page with the company's logo, background color, login button color, and dynamic right-frame from an external URL.

  Which two solutions should the IAM specialist recommend?

  Choose 2 answers

  A. Use Experience Builder to build branded Reset and Forgot Password pages.
  B. Build custom pages for branding requirements in Experience Cloud.
  C. Build custom site pages for reset and forgot password features.
  D. Login and Registration pages can be branded in the Community Administration settings.
  A. Use Experience Builder to build branded Reset and Forgot Password pages.
  D. Login and Registration pages can be branded in the Community Administration settings.

• Question 76:

  Universal Containers (UC) wants to implement SAML SSO for their internal of Salesforce users using a third-party IdP. After some evaluation, UC decides NOT to 65?set up My Domain for their Salesforce org. How does that decision impact their SSO implementation?

  A. IdP-initiated SSO will NOT work.
  B. Neither SP- nor IdP-initiated SSO will work.
  C. Either SP- or IdP-initiated SSO will work.
  D. SP-initiated SSO will NOT work
  B. Neither SP- nor IdP-initiated SSO will work.

• Question 77:

  Universal Containers (UC) is considering a Customer 360 initiative to gain a single source of the truth for its customer data across disparate systems and services. UC wants to understand the primary benefits of Customer 360 Identity and

  how it contributes ato successful Customer 360 Truth project.

  What are two are key benefits of Customer 360 Identity as it relates to Customer 360?

  Choose 2 answers

  A. Customer 360 Identity automatically integrates with Customer 360 Data Manager and Customer 360 Audiences to seamlessly populate all user data.
  B. Customer 360 Identity enables an organization to build a single login for each of its customers, giving the organization an understanding of the user's login activity across all its digital properties and applications.
  C. Customer 360 Identity supports multiple brands so you can deliver centralized identity services and correlation of user activity, even if it spans multiple corporate brands and user experiences.
  D. Customer 360 Identity not only provides a unified sign up and sign in experience, but also tracks anonymous user activity prior to signing up so organizations can understand user activity before and after the users identify themselves.
  B. Customer 360 Identity enables an organization to build a single login for each of its customers, giving the organization an understanding of the user's login activity across all its digital properties and applications.
  C. Customer 360 Identity supports multiple brands so you can deliver centralized identity services and correlation of user activity, even if it spans multiple corporate brands and user experiences.

  ---

  Explanation/Reference:

• Question 78:

  Universal Containers (UC) is rolling out its new Customer Identity and Access Management Solution built on top of its existing Salesforce instance. UC wants to allow customers to login using Facebook, Google, and other social sign-on providers.

  How should this functionality be enabled for UC, assuming ail social sign-on providers support OpenID Connect?

  A. Configure an authentication provider and a registration handler for each social sign-on provider.
  B. Configure a single sign-on setting and a registration handler for each social sign-on provider.
  C. Configure an authentication provider and a Just-In-Time (JIT) handler for each social sign-on provider.
  D. Configure a single sign-on setting and a JIT handler for each social sign-on provider.
  A. Configure an authentication provider and a registration handler for each social sign-on provider.

• Question 79:

  Universal containers wants to set up SSO for a selected group of users to access external applications from salesforce through App launcher. Which three steps must be completed in salesforce to accomplish the goal?

  A. Associate user profiles with the connected Apps.
  B. Complete my domain and Identity provider setup.
  C. Create connected apps for the external applications.
  D. Complete single Sign-on settings in security controls.
  E. Create named credentials for each external system.
  A. Associate user profiles with the connected Apps.
  B. Complete my domain and Identity provider setup.
  C. Create connected apps for the external applications.

• Question 80:

  Northern Trail Outfitters (NTO) employees use a custom on-premise helpdesk application to request, approve, notify, and track access granted to various on-premises and cloud applications, including Salesforce. Salesforce is currently used to authenticate users.

  How should NTO provision Salesforce users as soon as they are approved in the helpdesk application with the approved profiles and permission sets?

  A. Build an integration that performs a remote call-in to the Salesforce SOAP or REST API.
  B. Use a login flow to query the helpdesk to validate user status.
  C. Have the helpdesk initiate an IdP-initiated Just-m-Time provisioning Security Assertion Markup Language flow.
  D. Use Salesforce Connect to integrate with the helpdesk application.
  B. Use a login flow to query the helpdesk to validate user status.