
Sep 09, 2023 Newest Identity-and-Access-Management-Designer Exam Dumps – Achieve Success in Actual Identity-and-Access-Management-Designer Exam
The Salesforce Identity-and-Access-Management-Designer exam is a certification exam designed for professionals who want to demonstrate their expertise in the field of identity and access management. The exam is intended for those who have extensive knowledge and experience in designing and implementing secure and efficient identity and access management solutions using Salesforce technologies.
The Salesforce Identity-and-Access-Management-Designer certification is a valuable credential for professionals who are responsible for designing and implementing secure access solutions in Salesforce. It validates the skills and knowledge required to ensure that Salesforce is configured to meet the needs of the organization and its users while maintaining the highest level of security.
NEW QUESTION # 98
Universal Containers (UC) is looking to purchase a third-party application as an Identity Provider. UC is looking to develop a business case for the purchase in general and has enlisted an Architect for advice. Which two capabilities of an Identity Provider should the Architect detail to help strengthen the business case?
Choose 2 answers
- A. The Identity Provider can authenticate multiple social media accounts.
- B. The Identity provider can store credentials for multiple applications.
- C. The Identity Provider can authenticate multiple applications.
- D. The Identity Provider can centralize enterprise password policy.
Answer: C,D
NEW QUESTION # 99
Universal Containers (UC) wants its Closed Won opportunities to be synced to a data warehouse in near real time. UC has implemented Outbound Message to enable near real-time data sync. UC wants to ensure that communication between Salesforce and the target system is secure. What certificate is sent along with the Outbound Message?
- A. The default Client Certificate from the Develop --> API menu.
- B. The CA-Signed Certificate from the Certificate and Key Management menu.
- C. The default Client Certificate or a Certificate from Certificate and Key Management menu.
- D. The Self-Signed Certificates from the Certificate & Key Management menu.
Answer: A
NEW QUESTION # 100
Universal Containers (UC) would like to enable self-registration for their Salesforce partner community users.
UC wants to capture some custom data elements from the partner user and, based on these data elements, wants to assign the appropriate profile and account values. Which two actions should the architect recommend to UC? Choose 2 answers
- A. Configure registration for communities to use a custom Visualforce page.
- B. Modify the CommunitiesSelfRegController to assign the profile and account.
- C. Modify the self-registration trigger to assign profile and account.
- D. Configure registration for communities to use a custom Apex controller.
Answer: A,B
NEW QUESTION # 101
Universal Containers (UC) has built a custom Two-factor Authentication (2FA) system for their existing on-premise applications. They are now implementing Salesforce and would like to enable a two-factor login process for it as well. What is the recommended solution an architect should consider?
- A. Use custom login flows to connect to the existing custom 2FA system for use in Salesforce.
- B. Use the custom 2FA system for on-premise applications and native 2FA for Salesforce.
- C. Replace the custom 2FA system with an AppExchange app that supports on-premise applications and Salesforce.
- D. Replace the custom 2FA system with Salesforce 2FA for on-premise applications and Salesforce.
Answer: A
NEW QUESTION # 102
A manufacturer wants to provide registration for an Internet of Things (IoT) device with limited display input or capabilities.
Which Salesforce OAuth authorization flow should be used?
- A. OAuth 2.0 User-Agent Flow
- B. OAuth 2.0 JWT Bearer Flow
- C. OAuth 2.0 Asset Token Flow
- D. OAuth 2.0 Device Flow
Answer: D
NEW QUESTION # 103
Northern Trail Outfitters wants to allow its consumers to self-register on its business-to-consumer (B2C) portal that is built on Experience Cloud. The identity architect has recommended using Person Accounts.
Which three steps need to be configured to enable self-registration using person accounts?
Choose 3 answers
- A. Enable access to person and business account record types under Public Access Settings.
- B. Contact Salesforce Support to enable business accounts.
- C. Contact Salesforce Support to enable person accounts.
- D. Under Login and Registration settings, ensure that the default account field is empty.
- E. Set organization-wide default sharing for Contact to Public Read Only.
Answer: A,C,D
NEW QUESTION # 104
Universal Containers (UC) has multiple Salesforce orgs and would like to use a single identity provider to access all of their orgs. How should UC's architect enable this behavior?
- A. Ensure the same username is allowed in multiple orgs by contacting Salesforce Support.
- B. Ensure that users have the same email value in their user records in all of UC's Salesforce orgs.
- C. Ensure that users have the same Federation ID value in their user records in all of UC's Salesforce orgs.
- D. Ensure that users have the same alias value in their user records in all of UC's Salesforce orgs.
Answer: C
NEW QUESTION # 105
A real estate company wants to provide its customers a digital space to design their interior decoration options. To simplify the registration to gain access to the community site (built in Experience Cloud), the CTO has requested that the IT/Development team provide the option for customers to use their existing social-media credentials to register and access.
The IT lead has approached the Salesforce Identity and Access Management (IAM) architect for technical direction on implementing the social sign-on (for Facebook, Twitter, and a new provider that supports standard OpenID Connect (OIDC)).
Which two recommendations should the Salesforce IAM architect make to the IT Lead?
Choose 2 answers
- A. Authentication provider configuration is required for each social sign-on provider; enable the authentication providers in the community.
- B. Apex coding skills are needed for registration handler to create and update users.
- C. Use a declarative registration handler (Process Builder/Flow) to create and update users and contacts.
- D. For supporting OIDC it is necessary to enable Security Assertion Markup Language (SAML) with Just-in-Time provisioning (JIT) and OAuth 2.0.
Answer: A,B
NEW QUESTION # 106
The security team at Universal Containers (UC) has identified exporting reports as a high-risk action and would like to require users to be logged into Salesforce with their Active Directory (AD) credentials when doing so. For all other uses of Salesforce, users should be allowed to use AD credentials or Salesforce credentials. What solution should be recommended to prevent exporting reports except when logged in using AD credentials, while maintaining the ability to view reports when logged in with Salesforce credentials?
- A. Use SAML federated Authentication with a Login Flow to dynamically add or remove a Permission Set that grants the Export Reports Permission.
- B. Use SAML federated Authentication, treat SAML Sessions as High Assurance, and raise the session level required for exporting reports.
- C. Use SAML Federated Authentication and block access to reports when accessed through a Standard Assurance session.
- D. Use SAML Federated Authentication and Custom SAML JIT Provisioning to dynamically add or remove a permission set that grants the Export Reports Permission.
Answer: B
NEW QUESTION # 107
Universal Containers (UC) has an e-commerce website where customers can buy products, make payments and manage their accounts. UC decides to build a Customer Community on Salesforce and wants to allow the customers to access the community from their accounts without logging in again. UC decides to implement an SP-initiated SSO using a SAML-compliant IdP. In this scenario where Salesforce is the Service Provider, which two activities must be performed in Salesforce to make SP-initiated SSO work? Choose 2 answers
- A. Set up My Domain.
- B. Create a Connected App.
- C. Configure SAML SSO settings.
- D. Configure Delegated Authentication.
Answer: A,C
NEW QUESTION # 108
Universal Containers (UC) would like to enable SAML-based SSO for a Salesforce Partner Community. UC has an existing LDAP identity store and a third-party portal. They would like to use the existing portal as the primary site these users access, but also want to allow seamless access to the Partner Community.
What SSO flow should an Architect recommend?
- A. SP-Initiated
- B. Web Server
- C. IdP-Initiated
- D. User-Agent
Answer: C
NEW QUESTION # 109
Northern Trail Outfitters (NTO) has a requirement to ensure all user logins include a single multi-factor authentication (MFA) prompt. Currently, users are allowed the choice to log in with a username and password or via single sign-on against NTO's corporate Identity Provider, which includes built-in MFA.
Which configuration will meet this requirement?
- A. For all employee profiles, set the Session Level Required at Login to High Assurance and add the corporate identity provider to the High Assurance list for the org's Session Security Levels.
- B. Create and assign a permission set to all employees that includes "MFA for User Interface Logins."
- C. Enable "MFA for User Interface Logins" for your organization from Setup -> Identity Verification.
- D. Create a custom login flow that enforces MFA and assign it to a permission set. Then assign the permission set to all employees.
Answer: C
NEW QUESTION # 110
Universal Containers (UC) is looking to build a Canvas app and wants to use the corresponding Connected App to control where the app is visible. Which two options are correct in regards to where the app can be made visible under the Connected App setting for the Canvas app? Choose 2 answers
- A. In the mobile navigation menu on Salesforce for Android.
- B. Included in the Call Control Tool that's part of Open CTI.
- C. The sidebar of a Salesforce Console as a console component.
- D. As part of the body of a Salesforce Knowledge article.
Answer: C,D
NEW QUESTION # 111
Universal Containers (UC) is looking to purchase a third-party application as an Identity Provider. UC is looking to develop a business case for the purchase in general and has enlisted an Architect for advice. Which two capabilities of an Identity Provider should the Architect detail to help strengthen the business case? Choose 2 answers
- A. The Identity Provider can authenticate multiple social media accounts.
- B. The Identity provider can store credentials for multiple applications.
- C. The Identity Provider can authenticate multiple applications.
- D. The Identity Provider can centralize enterprise password policy.
Answer: C,D
NEW QUESTION # 112
Universal Containers (UC) has decided to build a new, highly sensitive application on the Force.com platform.
The security team at UC has decided that they want users to provide a fingerprint in addition to username/password to authenticate to this application. How can an Architect support fingerprints as a form of identification for Salesforce authentication?
- A. Use Salesforce Two-factor authentication with callouts to a third-party fingerprint scanning application.
- B. Use custom login flows with callouts to a third-party fingerprint scanning application.
- C. Use an AppExchange product that does fingerprint scanning with native Salesforce Identity Confirmation.
- D. Use delegated Authentication with callouts to a third-party fingerprint scanning application.
Answer: C
NEW QUESTION # 113
Universal Containers (UC) has implemented SAML SSO to enable seamless access across multiple applications. UC has regional Salesforce orgs and wants its users to be able to access them from their main Salesforce org seamlessly. Which action should an architect recommend?
- A. Configure the main Salesforce org as an Authentication provider.
- B. Configure the main Salesforce org as a service provider.
- C. Configure the main Salesforce org as the Identity provider.
- D. Configure the regional Salesforce orgs as Identity Providers.
Answer: C
NEW QUESTION # 114
Universal Containers (UC) is building a custom employee hub application on Amazon Web Services (AWS) and would like to store their users' credentials there. Users will also need access to Salesforce for internal operations. UC has tasked an identity architect with evaluating different solutions for authentication and authorization between AWS and Salesforce.
How should an identity architect configure AWS to authenticate and authorize Salesforce users?
- A. Configure AWS as an OpenID Connect Provider.
- B. Create a custom external authentication provider.
- C. Configure the custom employee app as a connected app.
- D. Develop a custom Auth server in AWS.
Answer: A