Free IDENTITY-AND-ACCESS-MANAGEMENT-DESIGNER Exam Braindumps (page: 22)

Page 21 of 59

A web service is developed that allows secure access to customer order status on the Salesforce Platform, The service connects to Salesforce through a connected app with the web server flow. The following are the required actions for the authorization flow:

1. User Authenticates and Authorizes Access
2. Request an Access Token
3. Salesforce Grants an Access Token
4. Request an Authorization Code
5. Salesforce Grants Authorization Code

What is the correct sequence for the authorization flow?

  1. 1, 4, 5, 2, 3
  2. 4, 1, 5, 2, 3
  3. 2, 1, 3, 4, 5
  4. 4,5,2, 3, 1

Answer(s): D



Universalcontainers (UC) has a classified information system that it's call centre team uses only when they are working on a case with a record type of "classified". They are only allowed to access the system when they own an open "classified" case, and their access to the system is removed at all other times. They would like to implement SAML SSO with salesforce as the IDP, and automatically allow or deny the staff's access to the classified information system based on whether they currently own an open "classified" case record when they try to access the system using SSO.
What is the recommended solution for automatically allowing or denying access to the classified information system based on the open "classified" case record criteria?

  1. Use a custom connected App handler using apex to dynamically allow access to the system based on whether the staff owns any open "classified" cases.
  2. Use apex trigger on case to dynamically assign permission sets that grant access when a user is assigned with an open "classified" case, and remove it when the case is closed.
  3. Use custom SAML jit provisioning to dynamically query the user's open "classified" cases when attempting to access the classified information system
  4. Use salesforce reports to identify users that currently owns open "classified" cases and should be granted access to the classified information system.

Answer(s): A



Universal Containers is considering using Delegated Authentication as the sole means of Authenticatingof Salesforce users. A Salesforce Architect has been brought in to assist with the implementation.
What two risks Should the Architect point out? Choose 2 answers

  1. Delegated Authentication is enabled or disabled for the entire Salesforce org.
  2. UC willbe required to develop and support a custom SOAP web service.
  3. Salesforce users will be locked out of Salesforce if the web service goes down.
  4. The web service must reside on a public cloud service, such as Heroku.

Answer(s): B,C



Universal Containers (UC) wants to implement SAML SSO for their internal of Salesforce users using a third-party IdP. After some evaluation, UC decides NOT to 65« set up My Domain for their Salesforce org. How does that decision impact their SSO implementation?

  1. IdP-initiated SSO will NOT work.
  2. Neither SP- nor IdP-initiated SSO will work.
  3. Either SP- or IdP-initiated SSO will work.
  4. SP-initiated SSO will NOT work

Answer(s): B






Post your Comments and Discuss Salesforce IDENTITY-AND-ACCESS-MANAGEMENT-DESIGNER exam with other Community members:

Exam Discussions & Posts