• Home
  • Blogs
  • [2022] Free Identity-and-Access-Management-Designer Exam Dumps to Pass Exam Easily [Q51-Q76]

[2022] Free Identity-and-Access-Management-Designer Exam Dumps to Pass Exam Easily [Q51-Q76]

Share

[2022] Free Identity-and-Access-Management-Designer Exam Dumps to Pass Exam Easily

Identity-and-Access-Management-Designer Exam Dumps, Identity-and-Access-Management-Designer Practice Test Questions

NEW QUESTION 51
Which three are features of federated Single Sign-on solutions? (Choose three.)

  • A. It federates credentials control to authorized applications.
  • B. It establishes trust between Identity Store and Service Provider.
  • C. It enables quick and easy provisioning and deactivating of users.
  • D. It solves all identity and access management problems.
  • E. It improves affiliated applications adoption rates.

Answer: B,C,E

 

NEW QUESTION 52
Universal Containers (UC) has implemented SAML-based Single Sign-on for their Salesforce application and is planning to use the Salesforce mobile app. UC wants to ensure that Single Sign-on is used for accessing the Salesforce mobile app.
Which two recommendations should the Architect make? (Choose two.)

  • A. Configure the Salesforce App to use the My Domain URL.
  • B. Use the existing SAML SSO flow along with User Agent Flow.
  • C. Use the existing SAML SSO flow along with Web Server Flow.
  • D. Configure the Embedded Web Browser to use My Domain URL.

Answer: A,B

 

NEW QUESTION 53
Universal Containers (UC) has a Customer Community that uses Facebook for Authentication. UC would like to ensure that Changes in the Facebook profile are reflected on the appropriate Customer Community user:
How can this requirement be met?

  • A. Use information in the signed Request that is received from facebook.
  • B. Use the updateUser method on the registration Handler Class.
  • C. Use SAML Just-In-Time Provisioning between Facebook and Salesforce.
  • D. Develop a scheduled job that calls out to Facebook on a nightly basis.

Answer: B

 

NEW QUESTION 54
Universal Containers (UC) uses a legacy Employee portal for their employees to collaborate and post their ideas. UC decides to use Salesforce Ideas for voting and better tracking purposes. To avoid provisioning users on Salesforce, UC decides to push ideas posted on the Employee portal to Salesforce through API. UC decides to use an API user using OAuth Username-Password flow for the connection. How can the connection to Salesforce be restricted only to the Employee portal server?

  • A. Use a dedicated profile for the user the Employee portal user.
  • B. Add the Employee portal's IP Address to the trusted IP range for the Connected App.
  • C. Use a digital certificate signed by the Employee portal server.
  • D. Add the Employee portal's IP address to the Login IP range on the user profile.? May two answers

Answer: B

 

NEW QUESTION 55
Universal Containers (UC) is looking to build a Canvas app and wants to use the corresponding Connected App to control where the app is visible. Which two options are correct in regards to where the app can be made visible under the Connected App setting for the Canvas app? Choose 2 answers

  • A. In the mobile navigation menu on Salesforce for Android.
  • B. As part of the body of a Salesforce Knowledge article.
  • C. The sidebar of a Salesforce Console as a console component.
  • D. Included in the Call Control Tool that's part of Open CTI.

Answer: B,C

 

NEW QUESTION 56
Universal Containers (UC) is setting up delegated authentication to allow employees to log in using their corporate credentials. UC's security team is concerned about the risks of exposing the corporate login service on the internet and has asked that a reliable trust mechanism be put in place between the login service and Salesforce.
What mechanism should an Architect put in place to enable a trusted connection between the login service and Salesforce?

  • A. Require the use of Salesforce security tokens on passwords.
  • B. Set up a proxy service for the login service in the DMZ.
  • C. Enforce mutual authentication between systems using SSL.
  • D. Include Client Id and Client Secret in the login header callout.

Answer: A

 

NEW QUESTION 57
Universal Containers (UC) wants to build a custom mobile app for their field reps to create orders in salesforce. After the first time the users log in, they must be able to access salesforce upon opening the mobile app without being prompted to log in again. What Oauth flows should be considered to support this requirement?

  • A. User Agent flow with a Refresh Token.
  • B. Web Server flow with a Refresh Token.
  • C. SAML Assertion flow with a Bearer Token.
  • D. Mobile Agent flow with a Bearer Token.

Answer: A

 

NEW QUESTION 58
Universal containers (UC) is setting up Delegated Authentication to allow employees to log in using their corporate credentials. UC's security team is concerned about the risk of exposing the corporate login service on the Internet and has asked that a reliable trust mechanism be put in place between the login service and salesforce. What mechanism should an architect put in place to enable a trusted connection between the login services and salesforce?

  • A. Include client ID and client secret in the login header callout.
  • B. Require the use of Salesforce security Tokens on password.
  • C. Set up a proxy server for the login service in the DMZ.
  • D. Enforce mutual Authentication between systems using SSL.

Answer: B

 

NEW QUESTION 59
Universal containers (UC) is setting up their customer Community self-registration process. They are uncomfortable with the idea of assigning new users to a default account record. What will happen when customers self-register in the community?

  • A. The self-registration process will produce an error to the user.
  • B. The self-registration page will create a new account record.
  • C. The self-registration page will ask user to select an account.
  • D. The self-registration process will create a person Account record.

Answer: A

 

NEW QUESTION 60
A leading fitness tracker company is getting ready to launch a customer community. The company wants its customers to login to the community and connect their fitness device to their profile. Customers should be able to obtain exercise details and fitness recommendation In the community.
Which should be used to satisfy this requirement?

  • A. OAuth Device Plow
  • B. Named Credentials
  • C. Login Flows
  • D. Single Sign-On Settings

Answer: A

 

NEW QUESTION 61
Universal Containers (UC) is successfully using Delegated Authentication for their Salesforce users. The service supporting Delegated Authentication is written in Java. UC has a new CIO that is requiring all company web services be REST-ful and written in .Net.
Which two considerations should the UC Architect provide to the new CIO? (Choose two.)

  • A. Delegated Authentication will not work with REST services.
  • B. Delegated Authentication will continue to work with a .Net service.
  • C. Delegated Authentication will continue to work with REST services.
  • D. Delegated Authentication will not work with a .Net service.

Answer: A,B

 

NEW QUESTION 62
Universal containers (UC) has a custom, internal-only, mobile billing application for users who are commonly out of the office. The app is configured as a connected App in salesforce. Due to the nature of this app, UC would like to take the appropriate measures to properly secure access to the app. Which two are recommendations to make the UC? Choose 2 answers

  • A. Disallow the use of single Sign-on for any users of the mobile app.
  • B. Use Google Authenticator as an additional part of the logical processes.
  • C. Set login IP ranges to the internal network for all of the app users profiles.
  • D. Require high assurance sessions in order to use the connected App

Answer: B,D

 

NEW QUESTION 63
Universal Containers wants to allow its customers to log in to its Experience Cloud via a third party authentication provider that supports only the OAuth protocol.
What should an identity architect do to fulfill this requirement?

  • A. Configure OpenID Connect authentication provider.
  • B. Create a custom external authentication provider.
  • C. Use certificate-based authentication.
  • D. Contact Salesforce Support and enable delegate single sign-on.

Answer: B

 

NEW QUESTION 64
Ttie executive sponsor for an organization has asked if Salesforce supports the ability to embed a login widget into its service providers in order to create a more seamless user experience.
What should be used and considered before recommending it as a solution on the Salesforce Platform?

  • A. Embedded Login. Consider whether or not it relies on third party cookies which can cause browser compatibility issues.
  • B. Salesforce REST apis. Ensure that Secure Sockets Layer (SSL) connection for the integration is used.
  • C. Embedded Login. Identify what level of UI customization will be required to make it match the service providers look and feel.
  • D. OpenID Connect Web Server Flow. Determine if the service provider is secure enough to store the client secret on.

Answer: B

 

NEW QUESTION 65
Universal Containers (UC) has a mobile application for its employees that uses data from Salesforce as well as uses Salesforce for authentication purposes. UC wants its mobile users to only enter their credentials the first time they run the app. The application has been live for a little over 6 months, and all of the users who were a part of the initial launch are complaining that they have to re-authenticate. UC has also recently changed the URI Scheme associated with the mobile app.
What should the Architect at UC first investigate?

  • A. Validate that the users are checking the box to remember their passwords.
  • B. Check the Refresh Token Policy defined in the Salesforce Connected App.
  • C. Confirm that the Access Token's Time-To-Live policy has been set appropriately.
  • D. Verify that the Callback URL is correctly pointing to the new URI Scheme.

Answer: B

Explanation:
Explanation/Reference:

 

NEW QUESTION 66
Universal containers wants to implement SAML SSO for their internal salesforce users using a third-party IDP. After some evaluation, UC decides not to set up my domain for their salesforce.org. How does thatdecision impact their SSO implementation?

  • A. Neithersp - nor IDP - initiated SSO will work
  • B. IDP - initiated SSO will not work
  • C. Either sp - or IDP - initiated SSO will work
  • D. Sp-Initiated SSO will not work

Answer: D

 

NEW QUESTION 67
Universal Containers (UC) has a desktop application to collect leads for marketing campaigns. UC wants to extend this application to integrate with Salesforce to create leads. Integration between the desktop application and Salesforce should be seamless. What Authorization flow should the Architect recommend?

  • A. Username and Password Flow
  • B. JWT Bearer Token Flow
  • C. Web Server Authentication Flow
  • D. User Agent Flow

Answer: D

 

NEW QUESTION 68
Universal Containers (UC) has implemented SAML-based Single Sign-On to provide seamless access to its Salesforce Orgs, financial system, and CPQ system. Below is the SSO implementation landscape.

What role combination is represented by the systems in this scenario''

  • A. Financial System and CPQ System are the only Service Providers.
  • B. Salesforce Org1 and Salesforce Org2 are acting as Identity Providers.
  • C. Salesforce Org1 and Salesforce Org2 are the only Service Providers.
  • D. Salesforce Org1 and PingFederate are acting as Identity Providers.

Answer: D

 

NEW QUESTION 69
Universal Containers (UC) uses Salesforce as a CRM and identity provider (IdP) for their Sales Team to seamlessly login to intemaJ portals. The IT team at UC is now evaluating Salesforce to act as an IdP for its remaining employees.
Which Salesforce license is required to fulfill this requirement?

  • A. Identity Connect
  • B. Identity Only
  • C. External Identity
  • D. Identity Verification

Answer: B

 

NEW QUESTION 70
Universal Containers (UC) uses an internal company portal for their employees to collaborate. UC decides to use Salesforce Ideas and provide the ability for employees to post ideas from the company portal. They use SAML-based SSO to get into the Company portal and would like to leverage it to access Salesforce. Most of the users don't exist in Salesforce and they would like the user records created in Salesforce Communities the first time they try to access Salesforce.
What recommendation should an Architect make to meet this requirement?

  • A. Use Identity Connect to sync users.
  • B. Use On-the-Fly provisioning.
  • C. Use Just-in-Time provisioning.
  • D. Use Salesforce APIs to create users on the fly.

Answer: C

 

NEW QUESTION 71
Universal Containers (UC) wants to integrate a third-party Reward Calculation system with Salesforce to calculate Rewards. Rewards will be calculated on a schedule basis and update back into Salesforce. The integration between Salesforce and the Reward Calculation System needs to be secure. Which are two recommended practices for using OAuth flow in this scenario. choose 2 answers

  • A. OAuth Username-Password Flow
  • B. OAuth JWT Bearer Token FLow
  • C. OAuth Refresh Token FLow
  • D. OAuth SAML Bearer Assertion FLow

Answer: B,D

 

NEW QUESTION 72
Universal Containers (UC) has decided to build a new, highly sensitive application on the Force.com platform.
The security team at UC has decided that they want users to provide a fingerprint in addition to username/password to authenticate to this application. How can an Architect support fingerprints as a form of identification for Salesforce authentication?

  • A. Use custom login flows with callouts to a third-party fingerprint scanning application.
  • B. Use an AppExchange product that does fingerprint scanning with native Salesforce Identity Confirmation.
  • C. Use delegated Authentication with callouts to a third-party fingerprint scanning application.
  • D. Use Salesforce Two-factor authentication with callouts to a third-party fingerprint scanning application.

Answer: B

 

NEW QUESTION 73
Universal containers (UC) wants to implement a partner community. As part of their implementation, UC would like to modify both the Forgot password and change password experience with custom branding for their partner community users. Which 2 actions should an architect recommend to UC? Choose 2 answers

  • A. Build a community builder page for both the change password and Forgot password experiences.
  • B. Build a custom visualforce page for both the change password and Forgot password experiences.
  • C. Build a custom visualforce page for the change password experience and a community builder page for the Forgot password experience.
  • D. Build a community builder page for the change password experience and Custom Visualforce page for the Forgot password experience.

Answer: B,C

 

NEW QUESTION 74
Universal containers (UC) has implemented SAML SSO to enable seamless access across multiple applications. UC has regional salesforce orgs and wants it's users to be able to access them from their main Salesforce org seamless. Which action should an architect recommend?

  • A. Configure the main salesforce org as an Authentication provider.
  • B. Configure the main Salesforce org as a service provider.
  • C. Configure the regional salesforce orgs as Identity Providers.
  • D. Configure the main salesforce org as the Identity provider.

Answer: D

 

NEW QUESTION 75
Universal Containers (UC) has a Customer Community that uses Facebook for Authentication. UC would like to ensure that Changes in the Facebook profile are reflected on the appropriate Customer Community user: How can this requirement be met?

  • A. Use information in the signed Request that is received from facebook.
  • B. Use the updateUser method on the registration Handler Class.
  • C. Use SAML Just-In-Time Provisioning between Facebook and Salesforce.
  • D. Develop a scheduled job that calls out to Facebook on a nightly basis.

Answer: B

 

NEW QUESTION 76
......

Identity-and-Access-Management-Designer Exam Dumps, Identity-and-Access-Management-Designer Practice Test Questions: https://www.exams-boost.com/Identity-and-Access-Management-Designer-valid-materials.html

Free Identity-and-Access-Management-Designer Study Guides Exam Questions & Answer: https://drive.google.com/open?id=1yQqrUwuYBu4CkBQUCOHH_yhXEjdU9dKu

Related Blogs

more
Salesforce Identity-and-Access-Management-Designer Certification Practice Exam

Copyright © 2026 EXAMS-BOOST.COM. All rights reserved. All trademarks are the property of their respective owners and we don't provide actual questions from any vendor.