[Q112-Q127] Try 100% Updated Identity-and-Access-Management-Architect Exam Questions [2023]

Try 100% Updated Identity-and-Access-Management-Architect Exam Questions [2023]

Pass Identity-and-Access-Management-Architect Exam - Real Questions and Answers

Salesforce Identity-and-Access-Management-Architect Exam Syllabus Topics:

Topic	Details
Topic 1	Given a scenario, describe what tools you can apply to audit and verify the activity user during and after login Describe how trust is established between two systems
Topic 2	Describe common authentication patterns and understand the differences between each one Given a scenario, identify the configuration settings for a Connected app
Topic 3	Given a requirement, understand the advantages and limitations of External Identity solutions and associated licenses Identify the role Identity Connect product plays in a Salesforce Identity implementation
Topic 4	Describe the various implementation concepts of OAuth Describe the building blocks that are part of an identity solution
Topic 5	Troubleshoot common points of failure that may be encountered in a single sign-on solution Describe the tools that are available to diagnose IdP issues
Topic 6	Identify the ways that users can be provisioned in Salesforce to enable SSO and apply access rights Identify the auditing and monitoring approaches available on the platform
Topic 7	Given a scenario, recommend the most appropriate way to provision users from identity stores in B2E and B2C scenarios Recommend the appropriate method for provisioning users in Salesforce
Topic 8	Given a scenario, recommend appropriate Scope and Configuration of the connected App for Authorization Given a scenario, determine when to use embedded login
Topic 9	Given a scenario identify if Salesforce Customer 360 Identity fits into a fully developed Customer 360 solution Given a use case, describe when Salesforce is used as a Service Provider

 

NEW QUESTION 112
A multinational industrial products manufacturer is planning to implement Salesforce CRM to manage their business. They have the following requirements:
1. They plan to implement Partner communities to provide access to their partner network .
2. They have operations in multiple countries and are planning to implement multiple Salesforce orgs.
3. Some of their partners do business in multiple countries and will need information from multiple Salesforce communities.
4. They would like to provide a single login for their partners.
How should an Identity Architect solution this requirement with limited custom development?

• A. Register partners in one org and access information from other orgs using APIs.
• B. Allow partners to choose the Salesforce org they need information from and use login flows to authenticate access.
• C. Create a partner login for the country of their operation and use SAML federation to provide access to other orgs.
• D. Consolidate Partner related information in a single org and provide access through Salesforce community.

Answer: C

 

NEW QUESTION 113
Universal Containers (UC) has an existing Salesforce org configured for SP-Initiated SAML SSO with their Idp. A second Salesforce org is being introduced into the environment and the IT team would like to ensure they can use the same Idp for new org. What action should the IT team take while implementing the second org?

• A. Use the Salesforce Username as the SAML Identity Type.
• B. Use the same request bindings as the first org.
• C. Use a different Entity ID than the first org.
• D. Use the same SAML Identity location as the first org.

Answer: C

 

NEW QUESTION 114
Northern Trail Outfitters would like to automatically create new employee users in Salesforce with an appropriate profile that maps to its Active Directory Department.
How should an identity architect implement this requirement?

• A. Make a callout during the login flow to query department from Active Directory to assign the appropriate profile.
• B. Use a login flow to collect Security Assertion Markup Language attributes and assign the appropriate profile during Just-In-Time (JIT) provisioning.
• C. Use the updateUser method in the Just-in-Time (JIT) provisioning registration handler to assign the appropriate profile.
• D. Use the createUser method in the Just-in-Time (JIT) provisioning registration handler to assign the appropriate profile.

Answer: C

 

NEW QUESTION 115
Northern Trail Outfitters (NTO) uses Salesforce Experience Cloud sites (previously known as Customer Community) to provide a digital portal where customers can login using their Google account.
NTO would like to automatically create a case record for first time users logging into Salesforce Experience Cloud.
What should an Identity architect do to fulfill the requirement?

• A. Create an authentication provider for Social Login using Google and leverage standard registration handler.
• B. Implement a login flow with a record create component for Case.
• C. Implement a Just-in-Time handler class that has logic to create cases upon first login.
• D. Configure an authentication provider for Social Login using Google and a custom registration handler.

Answer: B

 

NEW QUESTION 116
Universal Containers (UC) is considering a Customer 360 initiative to gain a single source of the truth for its customer data across disparate systems and services. UC wants to understand the primary benefits of Customer
360 Identity and how it contributes ato successful Customer 360 Truth project.
What are two are key benefits of Customer 360 Identity as it relates to Customer 360?
Choose 2 answers

• A. Customer 360 Identity not only provides a unified sign up and sign in experience, but also tracks anonymous user activity prior to signing up so organizations can understand user activity before and after the users identify themselves.
• B. Customer 360 Identity automatically integrates with Customer 360 Data Manager and Customer 360 Audiences to seamlessly populate all user data.
• C. Customer 360 Identity supports multiple brands so you can deliver centralized identity services and correlation of user activity, even if it spans multiple corporate brands and user experiences.
• D. Customer 360 Identity enables an organization to build a single login for each of its customers, giving the organization an understanding of the user's login activity across all its digital properties and applications.

Answer: C,D

 

NEW QUESTION 117
Universal containers (UC) wants to integrate a Web application with salesforce. The UC team has implemented the Oauth web-server Authentication flow for authentication process. Which two considerations should an architect point out to UC? Choose 2 answers

• A. The flow will not provide an Oauth refresh token back to the server.
• B. The web server must be able to protect consumer privacy
• C. The flow involves passing the user credentials back and forth.
• D. The web application should be hosted on a secure server.

Answer: B,D

 

NEW QUESTION 118
Universal containers wants to implement single Sign-on for a salesforce org using an external identity provider and corporate identity store. What type of Authentication flow is required to support deep linking?

• A. Start URL on identity provider
• B. Service-provider-initiated SSO
• C. Web server Oauth SSO flow.
• D. Identity-provider-initiated SSO

Answer: B

 

NEW QUESTION 119
A web service is developed that allows secure access to customer order status on the Salesforce Platform, The service connects to Salesforce through a connected app with the web server flow. The following are the required actions for the authorization flow:
1. User Authenticates and Authorizes Access
2. Request an Access Token
3. Salesforce Grants an Access Token
4. Request an Authorization Code
5. Salesforce Grants Authorization Code
What is the correct sequence for the authorization flow?

• A. 1, 4, 5, 2, 3
• B. 2, 1, 3, 4, 5
• C. 4,5,2, 3, 1
• D. 4, 1, 5, 2, 3

Answer: C

 

NEW QUESTION 120
Which tool should be used to track login data, such as the average number of logins, who logged in more than the average number of times and who logged in during non-business hours?

• A. Login Report
• B. Login Inspector
• C. Login Forensics
• D. Login History

Answer: C

 

NEW QUESTION 121
In a typical SSL setup involving a trusted party and trusting party, what consideration should an Architect take into account when using digital certificates?

• A. Use of self-signed certificate leads to higher maintenance for trusting party because the cert needs to be added to their truststore.
• B. Use of self-signed certificate leads to lower maintenance for trusted party because multiple self-signed certs need to be maintained.
• C. Use of self-signed certificate leads to higher maintenance for trusted party because they have to act as the trusted CA
• D. Use of self-signed certificate leads to lower maintenance for trusting party because there is no trusted CA cert to maintain.

Answer: D

 

NEW QUESTION 122
Which two security risks can be mitigated by enabling Two-Factor Authentication (2FA) in Salesforce?
Choose 2 answers

• A. Users accessing Salesforce from a public Wi-Fi access point.
• B. Users choosing passwords that are the same as their Facebook password.
• C. Users creating simple-to-guess password reset questions.
• D. Users leaving laptops unattended and not logging out of Salesforce.

Answer: A,B

 

NEW QUESTION 123
Northern Trail Outfitters (NTO) is planning to implement a community for its customers using Salesforce Experience Cloud . Customers are not able to self-register. NTO would like to have customers set their own passwords when provided access to the community.
Which two recommendations should an identity architect make to fulfill this requirement?
Choose 2 answers

• A. Enable Welcome emails while configuring the Experience Cloud site.
• B. Add customers as contacts and add them to Experience Cloud site.
• C. Allow Password reset using the API to update Experience Cloud site membership.
• D. Use Login Flows to allow users to reset password in Experience Cloud site.

Answer: C,D

 

NEW QUESTION 124
Universal containers (UC) built a customer Community for customers to buy products, review orders, and manage their accounts. UC has provided three different options for customers to log in to the customer Community: salesforce, Google, and Facebook. Which two role combinations are represented by the systems in the scenario? Choose 2 answers

• A. Google is the service provider and Facebook is the identity provider
• B. Salesforce is the service provider and Google is the identity provider
• C. Salesforce is the service provider and Facebook is the identity provider
• D. Facebook is the service provider and salesforce is the identity provider

Answer: B,C

 

NEW QUESTION 125
Northern Trail Outfitters would like to use a portal built on Salesforce Experience Cloud for customer self-service. Guests of the portal be able to self-register, but be unable to automatically be assigned to a contact record until verified. External Identity licenses have bee purchased for the project.
After registered guests complete an onboarding process, a flow will create the appropriate account and contact records for the user.
Which three steps should an identity architect follow to implement the outlined requirements?
Choose 3 answers

• A. Customize the self-registration Apex handler to temporarily associate the user to a shared single contact record.
• B. Customize me self-registration Apex handler to create only the user record.
• C. Select the "Configurable Self-Reg Page" option under Login & Registration.
• D. Set jp an external login page and call Salesforce APIs for user creation.
• E. Enable "Allow customers and partners to self-register".

Answer: B,C,E

 

NEW QUESTION 126
Universal Containers (UC) has built a custom time tracking app for its employee. UC wants to leverage Salesforce Identity to control access to the custom app.
At a minimum, which Salesforce license is required to support this requirement?

• A. External Identity
• B. Identity Only
• C. Identity Connect
• D. Identity Verification

Answer: B

 

NEW QUESTION 127
......

Identity-and-Access-Management-Architect Exam Questions Get Updated [2023] with Correct Answers: https://www.prepawayete.com/Salesforce/Identity-and-Access-Management-Architect-practice-exam-dumps.html

Free Salesforce Identity-and-Access-Management-Architect Test Practice Test Questions Exam Dumps: https://drive.google.com/open?id=1zz02tvvkRSQwNIVjw3DdCE7U0sUi4yLS