Cisco
CompTIA
ISC
EC-Council
EXIN
Fortinet
ITIL
Juniper
Microsoft
VMware
Avaya
SAP
Google
NVIDIA
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk
ServiceNow
All Vendors
  2. Home
  3. Exams
  4. Salesforce
  5. Certified Identity and Access Management Architect

Salesforce Certified Identity and Access Management Architect Exam Questions
Salesforce Certified Identity and Access Management Architect (Page 6 )

Updated On: 9-Mar-2026
Page 6 of 51
PDF with 248 Questions

Universal containers (UC) employees have salesforce access from restricted ip ranges only, to protect against unauthorised access. UC wants to rollout the salesforce1 mobile app and make it accessible from any location. Which two options should an architect recommend? Choose 2 answers

  1. Relax the ip restriction in the connect app settings for the salesforce1 mobile app
  2. Use login flow to bypass ip range restriction for the mobile app.
  3. Relax the ip restriction with a second factor in the connect app settings for salesforce1 mobile app
  4. Remove existing restrictions on ip ranges for all types of user access.

Answer(s): A,B



Universal containers(UC) has a customer Community that uses Facebook for authentication. UC would like to ensure that changes in the Facebook profile are reflected on the appropriate customer Community user. How can this requirement be met?

  1. Use the updateuser() method on the registration handler class.
  2. Use SAML just-in-time provisioning between Facebook and Salesforce
  3. Use information in the signed request that is received from Facebook.
  4. Develop a schedule job that calls out to Facebook on a nightly basis.

Answer(s): A



Universal containers(UC) wants to integrate a third-party reward calculation system with salesforce to calculate rewards. Rewards will be calculated on a schedule basis and update back into salesforce. The integration between Salesforce and the reward calculation system needs to be secure. Which are the recommended best practices for using Oauth flows in this scenario? Choose 2 answers

  1. Oauth refresh token flow
  2. Oauth SAML bearer assertion flow
  3. Oauth jwt bearer token flow
  4. Oauth Username-password flow

Answer(s): B,C



Universal Containers (UC) is looking to build a Canvas app and wants to use the corresponding Connected App to control where the app is visible. Which two options are correct in regards to where the app can be made visible under the Connected App setting for the Canvas app? Choose 2 answers

  1. As part of the body of a Salesforce Knowledge article.
  2. In the mobile navigation menu on Salesforce for Android.
  3. The sidebar of a Salesforce Console as a console component.
  4. Included in the Call Control Tool that's part of Open CTI.

Answer(s): A,C



Universal Containers (UC) has an existing Salesforce org configured for SP-Initiated SAML SSO with their Idp. A second Salesforce org is being introduced into the environment and the IT team would like to ensure they can use the same Idp for new org. What action should the IT team take while implementing the second org?

  1. Use the same SAML Identity location as the first org.
  2. Use a different Entity ID than the first org.
  3. Use the same request bindings as the first org.
  4. Use the Salesforce Username as the SAML Identity Type.

Answer(s): B



Viewing page 6 of 51
Viewing questions 26 - 30 out of 248 questions



Post your Comments and Discuss Salesforce Certified Identity and Access Management Architect exam dumps with other Community members:

Certified Identity and Access Management Architect Exam Discussions & Posts

AI Tutor