CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Salesforce
  5. Certified Identity and Access Management Architect

Free Certified Identity and Access Management Architect Exam Braindumps (page: 18)

Page 17 of 62
PDF with 248 Questions

Universal containers (UC) has a mobile application that it wants to deploy to all of its salesforce users, including customer Community users. UC would like to minimize the administration overhead, which two items should an architect recommend? Choose 2 answers

  1. Enable the "Refresh Tokens is valid until revoked " setting in the Connected App.
  2. Enable the "Enforce Ip restrictions" settings in the connected App.
  3. Enable the "All users may self-authorize" setting in the Connected App.
  4. Enable the "High Assurance session required" setting in the Connected App.

Answer(s): A,C



The security team at Universal Containers (UC) has identified exporting reports as a high-risk action and would like to require users to be logged into Salesforce with their Active Directory (AD) credentials when doing so. For all other users of Salesforce, users should be allowed to use AD Credentials or Salesforce credentials. What solution should be recommended to prevent exporting reports except when logged in using AD credentials while maintaining the ability to view reports when logged in with Salesforce credentials?

  1. Use SAML Federated Authentication and block access to reports when accessed through a Standard Assurance session.
  2. Use SAML Federated Authentication and Custom SAML JIT Provisioning to dynamically and or remove a permission set that grants the Export Reports Permission.
  3. Use SAML federated Authentication, treat SAML Sessions as High Assurance, and raise the session level required for exporting reports.
  4. Use SAML federated Authentication with a Login Flow to dynamically add or remove a Permission Set that grants the Export Reports Permission.

Answer(s): C



Universal Containers (UC) wants its users to access Salesforce and other SSO-enabled applications from a custom web page that UC magnets. UC wants its users to use the same set of credentials to access each of the applications. what SAML SSO flow should an Architect recommend for UC?

  1. SP-Initiated with Deep Linking
  2. SP-Initiated
  3. IdP-Initiated
  4. User-Agent

Answer(s): C



Universal Containers (UC) uses a home-grown Employee portal for their employees to collaborate. UC decides to use Salesforce Ideas to allow employees to post Ideas from the Employee portal. When users click on some of the links in the Employee portal, the users should be redirected to Salesforce, authenticated, and presented with the relevant pages. What OAuth flow is best suited for this scenario?

  1. Web Application flow
  2. SAML Bearer Assertion flow
  3. User-Agent flow
  4. Web Server flow

Answer(s): D






Post your Comments and Discuss Salesforce Certified Identity and Access Management Architect exam with other Community members:

Certified Identity and Access Management Architect Discussions & Posts