CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Salesforce
  5. Certified Identity and Access Management Architect

Free Certified Identity and Access Management Architect Exam Braindumps (page: 20)

Page 19 of 62
PDF with 248 Questions

Universal containers wants salesforce inbound Oauth-enabled integration clients to use SAML-BASED single Sign-on for authentication. What Oauth flow would be recommended in this scenario?

  1. User-Agent Oauth flow
  2. SAML assertion Oauth flow
  3. User-Token Oauth flow
  4. Web server Oauth flow

Answer(s): B



Universal containers (UC) would like to enable SSO between their existing Active Directory infrastructure and salesforce. The it team prefers to manage all users in Active Directory and would like to avoid doing any initial setup of users in salesforce directly, including the correct assignment of profiles, roles and groups. Which two optimal solutions should UC use to provision users in salesforce? Choose 2 answers

  1. Use the salesforce REST API to sync users from active directory to salesforce
  2. Use an app exchange product to sync users from Active Directory to salesforce.
  3. Use Active Directory Federation Services to sync users from active directory to salesforce.
  4. Use Identity connect to sync users from Active Directory to salesforce

Answer(s): B,D



Which two roles of the systems are involved in an environment where salesforce users are enabled to access Google Apps from within salesforce through App launcher and connected App set up? Choose 2 answers

  1. Google is the identity provider
  2. Salesforce is the identity provider
  3. Google is the service provider
  4. Salesforce is the service provider

Answer(s): D



Universal containers (UC) is setting up Delegated Authentication to allow employees to log in using their corporate credentials. UC's security team is concerned about the risk of exposing the corporate login service on the Internet and has asked that a reliable trust mechanism be put in place between the login service and salesforce. What mechanism should an architect put in place to enable a trusted connection between the login services and salesforce?

  1. Include client ID and client secret in the login header callout.
  2. Set up a proxy server for the login service in the DMZ.
  3. Require the use of Salesforce security Tokens on password.
  4. Enforce mutual Authentication between systems using SSL.

Answer(s): C






Post your Comments and Discuss Salesforce Certified Identity and Access Management Architect exam with other Community members:

Certified Identity and Access Management Architect Discussions & Posts