CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Salesforce
  5. Certified Identity and Access Management Architect

Free Certified Identity and Access Management Architect Exam Braindumps (page: 28)

Page 27 of 62
PDF with 248 Questions

Universal Containers (UC) has Active Directory (AD) as their enterprise identity store and would like to use it for Salesforce user authentication. UC expects to synchronize user data between Salesforce and AD and Assign the appropriate Profile and Permission Sets based on AD group membership. What would be the optimal way to implement SSO?

  1. Use Active Directory with Reverse Proxy as the Identity Provider.
  2. Use Microsoft Access control Service as the Authentication provider.
  3. Use Active Directory Federation Service (ADFS) as the Identity Provider.
  4. Use Salesforce Identity Connect as the Identity Provider.

Answer(s): D



Universal Containers (UC) is building a custom Innovation platform on their Salesforce instance. The Innovation platform will be written completely in Apex and Visualforce and will use custom objects to store the Data. UC would like all users to be able to access the system without having to log in with Salesforce credentials. UC will utilize a third-party idp using SAML SSO. What is the optimal Salesforce licence type for all of the UC employees?

  1. Identity Licence.
  2. Salesforce Licence.
  3. External Identity Licence.
  4. Salesforce Platform Licence.

Answer(s): D



Universal Containers (UC) has a mobile application for its employees that uses data from Salesforce as well as uses Salesforce for Authentication purposes. UC wants its mobile users to only enter their credentials the first time they run the app. The application has been live for a little over 6 months, and all of the users who were part of the initial launch are complaining that they have to reauthenticate. UC has also recently changed the URI Scheme associated with the mobile app. What should the Architect at UC first investigate?Universal Containers (UC) has a mobile application for its employees that uses data from Salesforce as well as uses Salesforce for Authentication purposes. UC wants its mobile users to only enter their credentials the first time they run the app. The application has been live for a little over 6 months, and all of the users who were part of the initial launch are complaining that they have to re-authenticate. UC has also recently changed the URI Scheme associated with the mobile app. What should the Architect at UC first investigate?

  1. Check the Refresh Token policy defined in the Salesforce Connected App.
  2. Validate that the users are checking the box to remember their passwords.
  3. Verify that the Callback URL is correctly pointing to the new URI Scheme.
  4. Confirm that the access Token's Time-To-Live policy has been set appropriately.

Answer(s): A



Universal Containers (UC) wants to build a mobile application that twill be making calls to the Salesforce REST API. UC's Salesforce implementation relies heavily on custom objects and custom Apex code. UC does not want its users to have to enter credentials every time they use the app. Which two scope values should an Architect recommend to UC? Choose 2 answers.

  1. Custom_permissions
  2. Api
  3. Refresh_token
  4. Full

Answer(s): B,C






Post your Comments and Discuss Salesforce Certified Identity and Access Management Architect exam with other Community members:

Certified Identity and Access Management Architect Discussions & Posts