Salesforce Identity-and-Access-Management-designer Exam Practice Test Instant Access

Question 1

Universal Containers wants to secure its Salesforce APIs by using an existing Security Assertion Markup Language (SAML) configuration supports the company's single sign-on process to Salesforce,

Which Salesforce OAuth authorization flow should be used?

AOAuth 2.0 SAML Bearer Assertion Flow

BA SAML Assertion Row

COAuth 2.0 User-Agent Flow

DOAuth 2.0 JWT Bearer Flow

Answer : B

Question 2

An identity architect's client has a homegrown identity provider (IdP). Salesforce is used as the service provider (SP). The head of IT is worried that during a SP initiated single sign-on (SSO), the Security Assertion Markup Language (SAML) request content will be altered.

What should the identity architect recommend to make sure that there is additional trust between the SP and the IdP?

AEnsure that there is an HTTPS connection between IDP and SP.

BEnsure that on the SSO settings page, the 'Request Signing Certificate' field has a self-signed certificate.

CEnsure that the Issuer and Assertion Consumer service (ACS) URL is property configured between SP and IDP.

DEncrypt the SAML Request using certification authority (CA) signed certificate and decrypt on IdP.

Answer : D

Question 3

A public sector agency is setting up an identity solution for its citizens using a Community built on Experience Cloud and requires the new user registration functionality to capture first name, last name, and phone number. The phone number will be used for identity verification.

Which feature should an identity architect recommend to meet the requirements?

AIntegrate with social websites (Facebook, Linkedin. Twitter)

BUse an external Identity Provider

CCreate a custom Lightning Web Component

DUse Login Discovery

Answer : D

Question 4

Northern Trail Outfitters would like to use a portal built on Salesforce Experience Cloud for customer self-service. Guests of the portal be able to self-register, but be unable to automatically be assigned to a contact record until verified. External Identity licenses have bee purchased for the project.

After registered guests complete an onboarding process, a flow will create the appropriate account and contact records for the user.

Which three steps should an identity architect follow to implement the outlined requirements?

Choose 3 answers

AEnable 'Allow customers and partners to self-register'.

BSelect the 'Configurable Self-Reg Page' option under Login & Registration.

CSet jp an external login page and call Salesforce APIs for user creation.

DCustomize the self-registration Apex handler to temporarily associate the user to a shared single contact record.

ECustomize me self-registration Apex handler to create only the user record.

Answer : A, B, E

Question 5

Northern Trail Outfitters (NTO) believes a specific user account may have been compromised. NTO inactivated the user account and needs U perform a forensic analysis and identify signals that could Indicate a breach has occurred.

What should NTO's first step be in gathering signals that could indicate account compromise?

AReview the User record and evaluate the login and transaction history.

BDownload the Setup Audit Trail and review all recent activities performed by the user.

CDownload the Identity Provider Event Log and evaluate the details of activities performed by the user.

DDownload the Login History and evaluate the details of logins performed by the user.

Answer : D

Question 6

The CMO of an advertising company has invited an Identity and Access Management (IAM) specialist to discuss Salesforce out-of-box capabilities for configuring the company*s login and registration experience on Salesforce Experience Cloud.

The CMO is looking to brand the login page with the company's logo, background color, login button color, and dynamic right-frame from an external URL.

Which two solutions should the IAM specialist recommend?

Choose 2 answers

AUse Experience Builder to build branded Reset and Forgot Password pages.

BBuild custom pages for branding requirements in Experience Cloud.

CBuild custom site pages for reset and forgot password features.

DLogin & Registration pages can be branded in the Community Administration settings.

Answer : A, D

Question 7

Universal Containers (UC) wants to provide single sign-on (SSO) for a business-to-consumer (B2C) application using Salesforce Identity.

Which Salesforce license should UC utilize to implement this use case?

AIdentity Only

BSalesforce Platform

CExternal Identity

DPartner Community

Answer : C

Salesforce Identity-and-Access-Management-designer Identity and Access Management Designer Exam Practice Test