Identity-and-Access-Management-Designer試験無料問題集「Salesforce Certified Identity and Access Management Designer 認定」

ページ: 1 / 16
トータル 245 問

サインアップ、ログインされた後に、試験全体を無料で表示できるようになります。

出題：1

Containers (UC) has decided to implement a federated single Sign-on solution using a third-party Idp. In reviewing the third-party products, they would like to ensure the product supports the automated provisioning and deprovisioning of users. What are the underlining mechanisms that the UC Architect must ensure are part of the product?

A. Just-In-time (JIT) for Provisioning; SOAP API for Deprovisioning.

B. Provisioning API for both Provisioning and Deprovisioning.

C. SOAP API for provisioning; Just-in-Time (JIT) for Deprovisioning.

D. Just-in-Time (JIT) for both Provisioning and Deprovisioning.

正解：D 解答を投票する

出題：2

A public sector agency is setting up an identity solution for its citizens using a Community built on Experience Cloud and requires the new user registration functionality to capture first name, last name, and phone number. The phone number will be used for identity verification.
Which feature should an identity architect recommend to meet the requirements?

A. Use Login Discovery

B. Integrate with social websites (Facebook, Linkedin. Twitter)

C. Create a custom Lightning Web Component

D. Use an external Identity Provider

正解：A 解答を投票する

出題：3

An Architect has configured a SAML-based SSO integration between Salesforce and an external Identity provider and is ready to test it. When the Architect attempts to log in to Salesforce using SSO, the Architect receives a SAML error. Which two optimal actions should the Architect take to troubleshoot the issue?

A. Use a browser that has an add-on/extension that can inspect SAML.

B. Use the browser's Development tools to view the Salesforce page's markup.

C. Paste the SAML Assertion Validator in Salesforce.

D. Ensure the Callback URL is correctly set in the Connected Apps settings.

正解：A,C 解答を投票する

出題：4

Sales users at Universal containers use salesforce for Opportunity management. Marketing uses a third-party application called Nest for Lead nurturing that is accessed using username/password. The VP of sales wants to open up access to nest for all sales uses to provide them access to lead history and would like SSO for better adoption. Salesforce is already setup for SSO and uses Delegated Authentication. Nest can accept username/Password or SAML-based Authentication. IT teams have received multiple password-related issues for nest and have decided to set up SSO access for Nest for Marketing users as well. The CIO does not want to invest in a new IDP solution and is considering using Salesforce for this purpose. Which are appropriate license type choices for sales and marketing users, giving salesforce is using Delegated Authentication? Choose 2 answers

A. Identity license for sales users and Identity connect license for Marketing users

B. Salesforce license for sales users and platform license for Marketing users.

C. Salesforce license for sales users and External Identity license for Marketing users

D. Salesforce license for sales users and Identity license for Marketing users

正解：B,D 解答を投票する

出題：5

A global company is using the Salesforce Platform as an Identity Provider and needs to integrate a third-party application with its Experience Cloud customer portal.
Which two features should be utilized to provide users with login and identity services for the third-party application?
Choose 2 answers

A. Use Delegated Authentication.

B. External a Data source with Named Principal identity type.

C. Use the App Launcher with single sign-on (SSO).

D. Use a connected app.

正解：C,D 解答を投票する

出題：6

Which two things should be done to ensure end users can only use single sign-on (SSO) to login in to Salesforce?
Choose 2 answers

A. Assign user "is Single Sign-on Enabled" permission via profile or permission set.

B. Request Salesforce Support to enable delegated authentication.

C. Once SSO is enabled, users are only able to login using Salesforce credentials.

D. Enable My Domain and select "Prevent login from https://login.salesforce.com".

正解：A,D 解答を投票する

出題：7

A multinational industrial products manufacturer is planning to implement Salesforce CRM to manage their business. They have the following requirements:
1. They plan to implement Partner communities to provide access to their partner network .
2. They have operations in multiple countries and are planning to implement multiple Salesforce orgs.
3. Some of their partners do business in multiple countries and will need information from multiple Salesforce communities.
4. They would like to provide a single login for their partners.
How should an Identity Architect solution this requirement with limited custom development?

A. Create a partner login for the country of their operation and use SAML federation to provide access to other orgs.

B. Consolidate Partner related information in a single org and provide access through Salesforce community.

C. Allow partners to choose the Salesforce org they need information from and use login flows to authenticate access.

D. Register partners in one org and access information from other orgs using APIs.

正解：A 解答を投票する

出題：8

Containers (UC) has an existing Customer Community. UC wants to expand the self-registration capabilities such that customers receive a different community experience based on the data they provide during the registration process. What is the recommended approach an Architect Should recommend to UC?

A. Modify the existing Communities registration controller to assign different profiles.

B. Create an After Insert Apex trigger on the user object to assign specific custom permissions.

C. Modify the Community pages to utilize specific fields on the User and Contact records.

D. Create separate login flows corresponding to the different community user personas.

正解：C 解答を投票する

出題：9

Universal Containers (UC) has decided to replace the homegrown customer portal with Salesforce Experience Cloud. UC will continue to use its third-party single sign-on (SSO) solution that stores all of its customer and partner credentials.
The first time a customer logs in to the Experience Cloud site through SSO, a user record needs to be created automatically.
Which solution should an identity architect recommend in order to automatically provision users in Salesforce upon login?

A. Custom login flow and Apex handler

B. Third-party AppExchange solution

C. Custom middleware and web services

D. Just-in-Time (JIT) provisioning

正解：D 解答を投票する

出題：10

An Identity and Access Management (IAM) Architect is recommending Identity Connect to integrate Microsoft Active Directory (AD) with Salesforce for user provisioning, deprovisioning and single sign-on (SSO).
Which feature of Identity Connect is applicable for this scenano?

A. If the number of provisioned users exceeds Salesforce licence allowances, identity Connect will start disabling the existing Salesforce users in First-in, First-out (FIFO) fashion.

B. When Identity Connect is in place, if a user is deprovisioned in an on-premise AD, the user's Salesforce session Is revoked Immediately.

C. When configured, Identity Connect acts as an identity provider to both Active Directory and Salesforce, thus providing SSO as a default feature.

D. Identity Connect can be deployed as a managed package on salesforce org, leveraging High Availability of Salesforce Platform out-of-the-box.

正解：B 解答を投票する

出題：11

Universal containers(UC) has implemented SAML-BASED single Sign-on for their salesforce application and is planning to provide access to salesforce on mobile devices using the salesforce1 mobile app. UC wants to ensure that single Sign-on is used for accessing the salesforce1 mobile app. Which two recommendations should the architect make? Choose 2 answers

A. Configure the salesforce1 app to use the my domain URL

B. Configure the embedded Web browser to use my domain URL.

C. Use the existing SAML SSO flow along with Web server flow

D. Use the existing SAML SSO flow along with user agent flow.

正解：A,D 解答を投票する

出題：12

Under which scenario Web Server flow will be used?

A. Used for verifying Access protected resources.

B. Used for server-side components when page needs to be rendered.

C. Used for mobile applications and testing legacy Integrations.

D. Used for web applications when server-side code needs to interact with APIS.

正解：D 解答を投票する

出題：13

Northern Trail Outfitters would like to automatically create new employee users in Salesforce with an appropriate profile that maps to its Active Directory Department.
How should an identity architect implement this requirement?

A. Use a login flow to collect Security Assertion Markup Language attributes and assign the appropriate profile during Just-In-Time (JIT) provisioning.

B. Use the updateUser method in the Just-in-Time (JIT) provisioning registration handler to assign the appropriate profile.

C. Use the createUser method in the Just-in-Time (JIT) provisioning registration handler to assign the appropriate profile.

D. Make a callout during the login flow to query department from Active Directory to assign the appropriate profile.

正解：B 解答を投票する

出題：14

A financial services company uses Salesforce and has a compliance requirement to track information about devices from which users log in. Also, a Salesforce Security Administrator needs to have the ability to revoke the device from which users log in.
What should be used to fulfill this requirement?

A. Use multi-factor authentication (MFA) to meet the compliance requirement to track device information.

B. Use Login Flows to capture device from which users log in and store device and user information in a custom object.

C. Use the Login History object to track information about devices from which users log in.

D. Use the Activations feature to meet the compliance requirement to track device information.

正解：D 解答を投票する

出題：15

Universal containers (UC) wants users to authenticate into their salesforce org using credentials stored in a custom identity store. UC does not want to purchase or use a third-party Identity provider. Additionally, UC is extremely wary of social media and does not consider it to be trust worthy. Which two options should an architect recommend to UC? Choose 2 answers

A. Build a custom Web service that is supported by Delegated Authentication.

B. Implement the Openid protocol and configure an Authentication provider

C. Build a custom web page that uses the identity store and calls frontdoor.jsp

D. Use a professional social media such as LinkedIn as an Authentication provider

正解：A,B 解答を投票する

出題：16

Universal Containers (UC) plans to use a SAML-based third-party IdP serving both of the Salesforce Partner Community and the corporate portal. UC partners will log in 65* to the corporate portal to access protected resources, including links to Salesforce resources. What would be the recommended way to configure the IdP so that seamless access can be achieved in this scenario?

A. Configure IdP-initiated SSO that passes the SAML token upon Salesforce resource access request.

B. Configure SP-initiated SSO that passes the SAML token upon Salesforce resource access request.

C. Set up the corporate portal as a Connected App in Salesforce and use the User Agent OAuth flow.

D. Set up the corporate portal as a Connected App in Salesforce and use the Web server OAuth flow.

正解：A 解答を投票する

ページ: 1 / 16
トータル 245 問

Identity-and-Access-Management-Designer の機能をすべて解除する

キャプチャ不要
365日無料更新サービス
希望する合格率を設定できる
時間の割り当てられる（時間：分）
Identity-and-Access-Management-Designer に2つの練習用モード
サポートサービス対応

完全版を入手する

弊社のサイトにはあなたの試験合格を助けるために研究された効果的な知能問題集を提供しています。材料はすべてのユーザーによって称賛されています。弊社のサイトは、最短時間で多くの証明書を取得するのに役立つ学習プラットフォームになります。

掲示板

試験C-CPI-2404-JPN トピック1 問題31 スレッド
試験Associate-Reactive-Developer-JPN トピック1 問題6 スレッド
試験CRT-261 トピック22 問題61 スレッド
試験CRT-261J トピック25 問題82 スレッド
試験CRT-251-JPN トピック2 問題134 スレッド
試験Associate-Reactive-Developer-JPN トピック3 問題9 スレッド
試験Sales-Cloud-Consultant-JPN トピック4 問題21 スレッド

弊社を連絡する

我々の働いている時間：( UTC+9 ) 9:00-24:00

月曜日から土曜日まで

サポート：現在連絡

我々は１２時間以内ですべてのお問い合わせを答えます。