• Home
  • Articles
  • [Jan 20, 2023] Identity-and-Access-Management-Designer Practice Exam Dumps - 99% Marks In Salesforce Exam [Q102-Q117]

[Jan 20, 2023] Identity-and-Access-Management-Designer Practice Exam Dumps - 99% Marks In Salesforce Exam [Q102-Q117]

Share

[Jan 20, 2023] Identity-and-Access-Management-Designer Practice Exam Dumps - 99% Marks In Salesforce Exam

Updated Verified Identity-and-Access-Management-Designer Q&As - Pass Guarantee or Full Refund


For more info visit:

Identity-and-Access-Management-Designer Exam Reference


What is the duration of the Identity-and-Access-Management-Designer Exam

  • Number of Questions: 60
  • Length of Examination: 120 minutes
  • Format: Multiple choices, multiple answers
  • Passing Score: 65%

 

NEW QUESTION 102
Refer to the exhibit.

Outfitters (NTO) is using Experience Cloud as an Identity for its application on Heroku. The application on Heroku should be able to handle two brands, Northern Trail Shoes and Northern Trail Shirts.
A user should select either of the two brands in Heroku before logging into the community. The app then performs Authorization using OAuth2.0 with the Salesforce Experience Cloud site.
NTO wants to make sure it renders login page images dynamically based on the user's brand preference selected in Heroku before Authorization.
what should an identity architect do to fulfill the above requirements?

  • A. Authorize third-party service by sending authorization requests to the community-url/services/oauth2/authorize/cookie_value.
  • B. Authorize third-party service by sending authorization requests to the community-url/services/oauth2/authonze/expid_value.
  • C. For each brand create different communities and redirect users to the appropriate community using a custom Login controller written in Apex.
  • D. Create multiple login screens using Experience Builder and use Login Flows at runtime to route to different login screens.

Answer: B

 

NEW QUESTION 103
An Architect needs to advise the team that manages the Identity Provider how to differentiate Salesforce from other Service Providers.
What SAML SSO setting in Salesforce provides this capability?

  • A. Issuer
  • B. Identity Provider Login URL
  • C. SAML Identity Location
  • D. Entity Id

Answer: D

 

NEW QUESTION 104
Universal containers (UC) is setting up their customer Community self-registration process. They are uncomfortable with the idea of assigning new users to a default account record. What will happen when customers self-register in the community?

  • A. The self-registration page will create a new account record.
  • B. The self-registration page will ask user to select an account.
  • C. The self-registration process will produce an error to the user.
  • D. The self-registration process will create a person Account record.

Answer: C

 

NEW QUESTION 105
Universal Containers (UC) wants to implement SAML SSO for their internal of Salesforce users using a third-party IdP. After some evaluation, UC decides NOT to 65 set up My Domain for their Salesforce org. How does that decision impact their SSO implementation?

  • A. IdP-initiated SSO will NOT work.
  • B. Either SP- or IdP-initiated SSO will work.
  • C. SP-initiated SSO will NOT work
  • D. Neither SP- nor IdP-initiated SSO will work.

Answer: D

 

NEW QUESTION 106
Universal Containers (UC) is building a customer community and will allow customers to authenticate using Facebook credentials. The First time the user authenticating using facebook, UC would like a customer account created automatically in their Accounting system. The accounting system has a web service accessible to Salesforce for the creation of accounts. How can the Architect meet these requirements?

  • A. Add an Apex callout in the registration handler of the authorization provider.
  • B. Create a custom application on Heroku that manages the sign-on process from Facebook.
  • C. Use OAuth JWT flow to pass the data from Salesforce to the Accounting System.
  • D. Use JIT Provisioning to automatically create the account in the accounting system.

Answer: D

 

NEW QUESTION 107
Northern Trail Outfitters (NTO) is planning to implement a community for its customers using Salesforce Experience Cloud . Customers are not able to self-register. NTO would like to have customers set their own passwords when provided access to the community.
Which two recommendations should an identity architect make to fulfill this requirement?
Choose 2 answers

  • A. Add customers as contacts and add them to Experience Cloud site.
  • B. Allow Password reset using the API to update Experience Cloud site membership.
  • C. Use Login Flows to allow users to reset password in Experience Cloud site.
  • D. Enable Welcome emails while configuring the Experience Cloud site.

Answer: B,C

 

NEW QUESTION 108
Northern Trail Outfitters would like to use a portal built on Salesforce Experience Cloud for customer self-service. Guests of the portal be able to self-register, but be unable to automatically be assigned to a contact record until verified. External Identity licenses have bee purchased for the project.
After registered guests complete an onboarding process, a flow will create the appropriate account and contact records for the user.
Which three steps should an identity architect follow to implement the outlined requirements?
Choose 3 answers

  • A. Customize the self-registration Apex handler to temporarily associate the user to a shared single contact record.
  • B. Set jp an external login page and call Salesforce APIs for user creation.
  • C. Enable "Allow customers and partners to self-register".
  • D. Select the "Configurable Self-Reg Page" option under Login & Registration.
  • E. Customize me self-registration Apex handler to create only the user record.

Answer: C,D,E

 

NEW QUESTION 109
Universal Containers (UC) has built a custom time tracking app for its employee. UC wants to leverage Salesforce Identity to control access to the custom app.
At a minimum, which Salesforce license is required to support this requirement?

  • A. Identity Connect
  • B. Identity Verification
  • C. External Identity
  • D. Identity Only

Answer: D

 

NEW QUESTION 110
Universal Containers (UC) has implemented an SP-initiated SAML flow between an external IdP and Salesforce. A user at UC is attempting to log in to Salesforce mobile app for the first time and is being prompted for Salesforce credentials instead of being shown the IdP login page.
What is the likely cause of the issue?

  • A. The user has NOT been granted the "Enable Single Sign-on" permission.
  • B. The "Redirect to Identity Provider" option has NOT been selected in the My Domain configuration.
  • C. The "Redirect to Identity Provider" option has NOT been selected on the SAML configuration.
  • D. The user has NOT configured the Salesforce mobile app to use My Domain for login.

Answer: D

 

NEW QUESTION 111
Universal Containers (UC) uses a home-grown Employee portal for their employees to collaborate. UC decides to use Salesforce Ideas to allow the employees to post ideas from the Employee portal. When clicking some links in the Employee portal, the users should be redirected to Salesforce, authenticated, and presented with relevant pages.
What scope should be requested when using the OAuth token to meet this requirement?

  • A. api
  • B. Visualforce
  • C. full
  • D. web

Answer: D

 

NEW QUESTION 112
A division of a Northern Trail Outfitters (NTO) purchased Salesforce. NTO uses a third party identity provider (IdP) to validate user credentials against Its corporate Lightweight Directory Access Protocol (LDAP) directory. NTO wants to help employees remember as passwords as possible.
What should an identity architect recommend?

  • A. Setup Salesforce as an IdP to authenticate against the LDAP directory.
  • B. Setup Salesforce as an Authentication Provider to the existing IdP.
  • C. Use Salesforce connect to synchronize LDAP passwords to Salesforce.
  • D. Setup Salesforce as a Service Provider to the existing IdP.

Answer: D

 

NEW QUESTION 113
A farming enterprise offers smart farming technology to its farmer customers, which includes a variety of sensors for livestock tracking, pest monitoring, climate monitoring etc. They plan to store all the data in Salesforce. They would also like to ensure timely maintenance of the Installed sensors. They have engaged a salesforce Architect to propose an appropriate way to generate sensor Information In Salesforce.
Which OAuth flow should the architect recommend?

  • A. OAuth 2.0 Asset Token Flow
  • B. OAuth 2.0 JWT Bearer Token Flow
  • C. OAuth 2.0 Device Authentication Row
  • D. OAuth 2.0 SAML Bearer Assertion Flow

Answer: A

 

NEW QUESTION 114
Universal Containers (UC) has a strict requirement to authenticate users to Salesforce using their mainframe credentials. The mainframe user store cannot be accessed from a SAML provider. UC would also like to have users in Salesforce created on the fly if they provide accurate mainframe credentials.
How can the Architect meet these requirements?

  • A. Implement Just-In-Time Provisioning on the mainframe to create the user on the fly.
  • B. Use a Salesforce Login Flow to call out to a web service and create the user on the fly.
  • C. Use the SOAP API to create the user when created on the mainframe; implement Delegated Authentication.
  • D. Implement OAuth User-Agent Flow on the mainframe; use a Registration Handler to create the user on the fly.

Answer: A

 

NEW QUESTION 115
A public sector agency is setting up an identity solution for its citizens using a Community built on Experience Cloud and requires the new user registration functionality to capture first name, last name, and phone number. The phone number will be used for identity verification.
Which feature should an identity architect recommend to meet the requirements?

  • A. Use an external Identity Provider
  • B. Create a custom Lightning Web Component
  • C. Integrate with social websites (Facebook, Linkedin. Twitter)
  • D. Use Login Discovery

Answer: D

 

NEW QUESTION 116
Universal Containers (UC) has implemented SAML-based Single Sign-On to provide seamless access to its Salesforce Orgs, financialsystem, and CPQ system. Below is the SSO implementation landscape.

What role combination is represented by the systems in this scenario''

  • A. Financial System and CPQ System are the only Service Providers.
  • B. Salesforce Org1 and Salesforce Org2 are the only Service Providers.
  • C. Salesforce Org1 and Salesforce Org2 are acting as Identity Providers.
  • D. Salesforce Org1 and PingFederate are acting as Identity Providers.

Answer: D

 

NEW QUESTION 117
......


Salesforce Identity-and-Access-Management-Designer Exam Syllabus Topics:

TopicDetails
Topic 1
  • Given a Scenario, Recommend the Most Appropriate Salesforce License Type(s) to Support the Identity Requirements
Topic 2
  • Describe the Risks to Enterprise Security that Federated Single Sign-on Solutions Aim to Address
Topic 3
  • Given a Scenario, Recommend the Appropriate Authentication Mechanism When Salesforce Needs to Accept Third-Party Identity
Topic 4
  • Identity Management Concepts
  • Describe the Role(s) an Identity Provider and Service Provider Play in an Access Control Solution
Topic 5
  • Given a Scenario, Determine the Most Appropriate Two-Factor Authentication Mechanism for An Identity Solution
Topic 6
  • Salesforce as an Identity Provider
  • Describe the Role(s) Connected Apps Play When Salesforce Needs to Provide Identity to a Third-Party System
Topic 7
  • Given a Scenario, Recommend the Appropriate Method for Provisioning Users in Salesforce and Other Third-Party Services
Topic 8
  • Accepting Third-Party Identity in Salesforce
  • Describe the Risks of Implementing Delegated Authentication, Components of a Delegated Authentication Solution

 

Identity-and-Access-Management-Designer Real Valid Brain Dumps With 245 Questions: https://exam-labs.itpassleader.com/Salesforce/Identity-and-Access-Management-Designer-dumps-pass-exam.html

Related Articles

more
Salesforce Identity-and-Access-Management-Designer Certification Practice Exam
0
0
0
0