CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Salesforce
  5. Certified Identity and Access Management Architect

Free Certified Identity and Access Management Architect Exam Braindumps (page: 6)

Page 5 of 62
PDF with 248 Questions

Universal containers (UC) has a custom, internal-only, mobile billing application for users who are commonly out of the office. The app is configured as a connected App in salesforce. Due to the nature of this app, UC would like to take the appropriate measures to properly secure access to the app. Which two are recommendations to make the UC? Choose 2 answers

  1. Disallow the use of single Sign-on for any users of the mobile app.
  2. Require high assurance sessions in order to use the connected App
  3. Use Google Authenticator as an additional part of the logical processes.
  4. Set login IP ranges to the internal network for all of the app users profiles.

Answer(s): B,C



Universal Containers (UC) wants its closed Won opportunities to be synced to a Data warehouse in near real time. UC has implemented Outbound Message to enable near real-time data sync. UC wants to ensure that communication between Salesforce and Target System is secure. What certificate is sent along with the Outbound Message?

  1. The Self-signed Certificates from the Certificate & Key Management menu.
  2. The default client Certificate from the Develop--> API menu.
  3. The default client Certificate or the Certificate and Key Management menu.
  4. The CA-signed Certificate from the Certificate and Key Management Menu.

Answer(s): B



An architect needs to advise the team that manages the identity provider how to differentiate salesforce from other service providers. What SAML SSO setting in salesforce provides this capability?

  1. Entity id
  2. Issuer
  3. Identity provider login URL
  4. SAML identity location

Answer(s): A



The security team at Universal containers(UC) has identified exporting reports as a high-risk action and would like to require users to be logged into salesforce with their active directory (AD) credentials when doing so. For all other uses of Salesforce, Users should be allowed to use AD credentials or salesforce credentials. What solution should be recommended to prevent exporting reports except when logged in using AD credentials while maintaining the ability to view reports when logged in with salesforce credentials?

  1. Use SAML Federated Authentication and Custom SAML jit provisioning to dynamically add or remove a permission set that grants the Export Reports permission.
  2. Use SAML Federated Authentication, treat SAML sessions as high assurance, and raise the session level required for exporting reports.
  3. Use SAML Federated Authentication and block access to reports when accesses through a standard assurance session.
  4. Use SAML Federated Authentication with a login flow to dynamically add or remove a permission set that grants the export reports permission.

Answer(s): C






Post your Comments and Discuss Salesforce Certified Identity and Access Management Architect exam with other Community members:

Certified Identity and Access Management Architect Discussions & Posts