CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Salesforce
  5. Certified Identity and Access Management Architect

Free Certified Identity and Access Management Architect Exam Braindumps (page: 24)

Page 23 of 62
PDF with 248 Questions

Universal containers (UC) uses an internal company portal for their employees to collaborate. UC decides to use salesforce ideas and provide the ability for employees to post ideas from the company portal. They use SAML-BASED SSO to get into the company portal and would like to leverage it to access salesforce. Most of the users don't exist in salesforce and they would like the user records created in salesforce communities the first time they try to access salesforce. What recommendation should an architect make to meet this requirement?

  1. Use on-the-fly provisioning
  2. Use just-in-time provisioning
  3. Use salesforce APIs to create users on the fly
  4. Use Identity connect to sync users

Answer(s): B



Universal containers (UC) has an e-commerce website while customers can buy products, make payments, and manage their accounts. UC decides to build a customer Community on Salesforce and wants to allow the customers to access the community for their accounts without logging in again. UC decides to implement ansp-Initiated SSO using a SAML-BASED complaint IDP. In this scenario where salesforce is the service provider, which two activities must be performed in salesforce to make sp-Initiated SSO work? Choose 2 answers

  1. Configure SAML SSO settings.
  2. Configure Delegated Authentication
  3. Create a connected App
  4. Set up my domain

Answer(s): A,D



Universal containers (UC) wants to implement Delegated Authentication for a certain subset of Salesforce users. Which three items should UC take into consideration while building the Web service to handle the Delegated Authentication request? Choose 3 answers

  1. The web service needs to include Source IP as a method parameter.
  2. UC should whitelist all salesforce ip ranges on their corporate firewall.
  3. The web service can be written using either the soap or rest protocol.
  4. Delegated Authentication is enabled for the system administrator profile.
  5. The return type of the Web service method should be a Boolean value

Answer(s): A,B,E



Universal containers wants to implement single Sign-on for a salesforce org using an external identity provider and corporate identity store. What type of Authentication flow is required to support deep linking?

  1. Web server Oauth SSO flow.
  2. Identity-provider-initiated SSO
  3. Service-provider-initiated SSO
  4. Start URL on identity provider

Answer(s): C






Post your Comments and Discuss Salesforce Certified Identity and Access Management Architect exam with other Community members:

Certified Identity and Access Management Architect Discussions & Posts