Identity-and-Access-Management-Designer試験無料問題集（245題）「Salesforce Certified Identity and Access Management Designer 認定」

出題：1

Northern Trail Outfitters (NTO) recently purchased Salesforce Identity Connect to streamline user provisioning across Microsoft Active Directory (AD) and Salesforce Sales Cloud.
NTO has asked an identity architect to identify which salesforce security configurations can map to AD permissions.
Which three Salesforce permissions are available to map to AD permissions?
Choose 3 answers

A. Field-Level Security

B. Roles

C. Public Groups

D. Profiles and Permission Sets

E. Sharing Rules

正解：B,C,D 解答を投票する

出題：2

Universal containers (UC) is setting up Delegated Authentication to allow employees to log in using their corporate credentials. UC's security team is concerned about the risk of exposing the corporate login service on the Internet and has asked that a reliable trust mechanism be put in place between the login service and salesforce. What mechanism should an architect put in place to enable a trusted connection between the login services and salesforce?

A. Include client ID and client secret in the login header callout.

B. Set up a proxy server for the login service in the DMZ.

C. Enforce mutual Authentication between systems using SSL.

D. Require the use of Salesforce security Tokens on password.

正解：D 解答を投票する

出題：3

Universal Containers wants to secure its Salesforce APIs by using an existing Security Assertion Markup Language (SAML) configuration supports the company's single sign-on process to Salesforce, Which Salesforce OAuth authorization flow should be used?

A. OAuth 2.0 SAML Bearer Assertion Flow

B. A SAML Assertion Row

C. OAuth 2.0 User-Agent Flow

D. OAuth 2.0 JWT Bearer Flow

正解：B 解答を投票する

出題：4

In a typical SSL setup involving a trusted party and trusting party, what consideration should an Architect take into account when using digital certificates?

A. Use of self-signed certificate leads to lower maintenance for trusting party because there is no trusted CA cert to maintain.

B. Use of self-signed certificate leads to higher maintenance for trusted party because they have to act as the trusted CA

C. Use of self-signed certificate leads to lower maintenance for trusted party because multiple self-signed certs need to be maintained.

D. Use of self-signed certificate leads to higher maintenance for trusting party because the cert needs to be added to their truststore.

正解：A 解答を投票する

出題：5

Universal Containers (UC) uses Salesforce as a CRM and identity provider (IdP) for their Sales Team to seamlessly login to intemaJ portals. The IT team at UC is now evaluating Salesforce to act as an IdP for its remaining employees.
Which Salesforce license is required to fulfill this requirement?

A. Identity Verification

B. External Identity

C. Identity Only

D. Identity Connect

正解：C 解答を投票する

出題：6

The CIO of universal containers(UC) wants to start taking advantage of the refresh token capability for the UC applications that utilize Oauth 2.0. UC has listed an architect to analyze all of the applications that use Oauth flows to. See where refresh Tokens can be applied. Which two OAuth flows should the architect consider in their evaluation? Choose 2 answers

A. Username-password

B. Web server

C. User-Agent

D. Jwt bearer token

正解：B,C 解答を投票する

出題：7

Northern Trail Outfitters (NTO) has an existing custom business-to-consumer (B2C) website that does NOT support single sign-on standards, such as Security Assertion Markup Language (SAMi) or OAuth. NTO wants to use Salesforce Identity to register and authenticate new customers on the website.
Which two Salesforce features should an identity architect use in order to provide username/password authentication for the website?
Choose 2 answers

A. Embedded Login

B. Identity Connect

C. Connected Apps

D. Delegated Authentication

正解：A,D 解答を投票する

出題：8

An identity architect is setting up an integration between Salesforce and a third-party system. The third-party system needs to authenticate to Salesforce and then make API calls against the REST API.
One of the requirements is that the solution needs to ensure the third party service providers connected app in Salesforce mini need for end user interaction and maximizes security.
Which OAuth flow should be used to fulfill the requirement?

A. User Agent Flow

B. Username-Password Flow

C. Web Server Flow

D. JWT Bearer Flow

正解：D 解答を投票する

出題：9

What information does the 'Relaystate' parameter contain in sp-Initiated Single Sign-on?

A. Reference to the login address URL of the service provider.

B. Reference to a URL redirect parameter at the identity provider.

C. Reference to a URL redirect parameter at the service provider.

D. Reference to the login address URL of the identity Provider.

正解：C 解答を投票する

出題：10

A global fitness equipment manufacturer is planning to sell fitness tracking devices and has the following requirements:
1) Customer purchases the device.
2) Customer registers the device using their mobile app.
3) A case should automatically be created in Salesforce and associated with the customers account in cases where the device registers issues with tracking.
Which OAuth flow should be used to meet these requirements?

A. OAuth 2.0 SAML Bearer Assertion Flow

B. OAuth 2.0 Username-Password Flow

C. OAuth 2.0 Asset Token Flow

D. OAuth 2.0 User-Agent Flow

正解：C 解答を投票する

出題：11

Containers (UC) has an existing Customer Community. UC wants to expand the self-registration capabilities such that customers receive a different community experience based on the data they provide during the registration process. What is the recommended approach an Architect Should recommend to UC?

A. Modify the existing Communities registration controller to assign different profiles.

B. Create an After Insert Apex trigger on the user object to assign specific custom permissions.

C. Modify the Community pages to utilize specific fields on the User and Contact records.

D. Create separate login flows corresponding to the different community user personas.

正解：C 解答を投票する

出題：12

A global fitness equipment manufacturer uses Salesforce to manage its sales cycle. The manufacturer has a custom order fulfillment app that needs to request order data from Salesforce. The order fulfillment app needs to integrate with the Salesforce API using OAuth 2.0 protocol.
What should an identity architect use to fulfill this requirement?

A. Canvas App Integration

B. OAuth Tokens

C. Authentication Providers

D. Connected App and OAuth scopes

正解：D 解答を投票する

Identity-and-Access-Management-Designer試験無料問題集「Salesforce Certified Identity and Access Management Designer 認定」