Cisco
CompTIA
ISC
EC-Council
EXIN
Fortinet
ITIL
Juniper
Microsoft
VMware
Avaya
SAP
Google
NVIDIA
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk
ServiceNow
All Vendors
  2. Home
  3. Exams
  4. Salesforce
  5. Certified Identity and Access Management Designer

Salesforce Certified Identity and Access Management Designer Exam
Certified Identity and Access Management Designer (Page 3 )

Updated On: 7-Feb-2026
Page 3 of 48
PDF with 230 Questions

Universal Containers (UC) is looking to build a Canvas app and wants to use thecorresponding Connected App to control where the app is visible.
Which two options are correct in regards to where the app can be made visible under the Connected App setting for the Canvas app? Choose 2 answers

  1. As part of the body of a Salesforce Knowledge article.
  2. In the mobile navigation menu on Salesforce for Android.
  3. The sidebar of a Salesforce Console as a console component.
  4. Included in the Call Control Tool that's part of Open CTI.

Answer(s): A,C



Containers (UC) has decided to implement a federated single Sign-on solution using a third-party Idp. In reviewing the third-party products, they would like to ensurethe product supports the automated provisioning and deprovisioning of users.
What are the underlining mechanisms that the UC Architect must ensure are part of the product?

  1. SOAP API for provisioning; Just-in-Time (JIT) for Deprovisioning.
  2. Just-In-time (JIT) for Provisioning; SOAP API for Deprovisioning.
  3. Provisioning API for both Provisioning and Deprovisioning.
  4. Just-in-Time (JIT) for both Provisioning and Deprovisioning.

Answer(s): D



Northern Trail Outfitters would like to automatically create new employee users in Salesforce with an appropriate profile that maps to its Active Directory Department.

How should an identity architectimplement this requirement?

  1. Use the createUser method in the Just-in-Time (JIT) provisioning registration handler to assign the appropriate profile.
  2. Use the updateUser method in the Just-in-Time (JIT) provisioning registration handler to assign the appropriate profile.
  3. Use a login flow to collect Security Assertion Markup Language attributes and assign the appropriate profile during Just-In-Time
    (JIT) provisioning.
  4. Make a callout during the login flow to query department from Active Directory toassign the appropriate profile.

Answer(s): B



After a recent audit, universal containers was advised to implement Two-factor Authentication for all of their critical systems, including salesforce.
Which two actions should UC consider to meet this requirement? Choose 2 answers

  1. Require users to provide their RSA token along with their credentials.
  2. Require users to supply their email and phone number, which getsvalidated.
  3. Require users to enter a second password after the first Authentication
  4. Require users to use a biometric reader as well as their password

Answer(s): A,D



Universal containers (UC) has decided to use identity connect as it's identity provider. UC usesactive directory(AD) and has a team that is very familiar and comfortable with managing ad groups. UC would like to use AD groups to help configure salesforce users.
Which three actions can AD groups control through identity connect? Choose 3 answers

  1. Public Group Assignment
  2. Granting report folder access
  3. Role Assignment
  4. Custom permission assignment
  5. Permission sets assignment

Answer(s): A,C,E






Post your Comments and Discuss Salesforce Certified Identity and Access Management Designer exam prep with other Community members:

Join the Certified Identity and Access Management Designer Discussion