Month End Special Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: scxmas70

  1. Home
  2. Salesforce
  3. Identity and Access Management Designer
  4. Identity-and-Access-Management-Architect - Salesforce Certified Identity andAccess Management Architect (SU24)

Identity-and-Access-Management-Architect Exam Dumps - Salesforce Certified Identity andAccess Management Architect (SU24)

Go to page:
Question # 9

Northern Trail Outfitters (NTO) has an existing custom business-to-consumer (B2C) website that does NOT support single sign-on standards, such as Security Assertion Markup Language (SAMi) or OAuth. NTO wants to use Salesforce Identity to register and authenticate new customers on the website.

Which two Salesforce features should an identity architect use in order to provide username/password authentication for the website?

Choose 2 answers

A.

Identity Connect

B.

Delegated Authentication

C.

Connected Apps

D.

Embedded Login

Full Access
Question # 10

Universal containers(UC) wants to integrate a third-party reward calculation system with salesforce to calculate rewards. Rewards will be calculated on a schedule basis and update back into salesforce. The integration between Salesforce and the reward calculation system needs to be secure. Which are the recommended best practices for using Oauth flows in this scenario? Choose 2 answers

A.

Oauth refresh token flow

B.

Oauth SAML bearer assertion flow

C.

Oauthjwt bearer token flow

D.

Oauth Username-password flow

Full Access
Question # 11

An Identity architect works for a multinational, multi-brand organization. As they work with the organization to understand their Customer Identity and Access Management requirements, the identity architect learns that the brand experience is different for each of the customer's sub-brands and each of these branded experiences must be carried through the login experience depending on which sub-brand the user is logging into.

Which solution should the architect recommend to support scalability and reduce maintenance costs, if the organization has more than 150 sub-brands?

A.

Assign each sub-brand a unique Experience ID and use the Experience ID to dynamically brand the login experience.

B.

Use Audiences to customize the login experience for each sub-brand and pass an audience ID to the community during the OAuth and Security Assertion Markup Language (SAML) flows.

C.

Create a community subdomain for each sub-brand and customize the look and feel of the Login page for each community subdomain to match the brand.

D.

Create a separate Salesforce org for each sub-brand so that each sub-brand has complete control over the user experience.

Full Access
Question # 12

Universal Containers (UC) has an e-commerce website where customers can buy products, make payments and manage their accounts. UC decides to build a Customer Community on Salesforce and wants to allow the customers to access the community from their accounts without logging in again. UC decides to implement an SP-initiated SSO using a SAML-compliant Idp. In this scenario where Salesforce is the Service Provider, which two activities must be performed in Salesforce to make SP-initiated SSO work? Choose 2 answers

A.

Configure SAML SSO settings.

B.

Create a Connected App.

C.

Configure Delegated Authentication.

D.

Set up My Domain.

Full Access
Question # 13

Universal Containers is creating a web application that will be secured by Salesforce Identity using the OAuth 2.0 Web Server Flow uses the OAuth 2.0 authorization code grant type).

Which three OAuth concepts apply to this flow?

Choose 3 answers

A.

Verification URL

B.

Client Secret

C.

Access Token

D.

Scopes

Full Access
Question # 14

Universal Containers (UC) wants to provide single sign-on (SSO) for a business-to-consumer (B2C) application using Salesforce Identity.

Which Salesforce license should UC utilize to implement this use case?

A.

Identity Only

B.

Salesforce Platform

C.

External Identity

D.

Partner Community

Full Access
Question # 15

Universal Containers (UC) is building a customer community and will allow customers to authenticate using Facebook credentials. The First time the user authenticating using facebook, UC would like a customer account created automatically in their Accounting system. The accounting system has a web service accessible to Salesforce for the creation of accounts. How can the Architect meet these requirements?

A.

Create a custom application on Heroku that manages the sign-on process from Facebook.

B.

Use JIT Provisioning to automatically create the account in the accounting system.

C.

Add an Apex callout in the registration handler of the authorization provider.

D.

Use OAuth JWT flow to pass the data from Salesforce to the Accounting System.

Full Access
Question # 16

A financial services company uses Salesforce and has a compliance requirement to track information about devices from which users log in. Also, a Salesforce Security Administrator needs to have the ability to revoke the device from which users log in.

What should be used to fulfill this requirement?

A.

Use multi-factor authentication (MFA) to meet the compliance requirement to track device information.

B.

Use the Activations feature to meet the compliance requirement to track device information.

C.

Use the Login History object to track information about devices from which users log in.

D.

Use Login Flows to capture device from which users log in and store device and user information in a custom object.

Full Access
Go to page:

Hot Exams

ADM-201 Dumps
Platform-App-Builder Dumps
AZ-500 Dumps
350-701 Dumps
SY0-601 Dumps
NCSE-Core Dumps
PDP9 Dumps
DP-203 Dumps
AZ-700 Dumps
NSE7_EFW-7.0 Dumps
Integration-Architect Dumps
CS0-003 Dumps