Identity-and-Access-Management-Designer試験無料問題集（245題）「Salesforce Certified Identity and Access Management Designer 認定」

出題：1

An administrator created a connected app for a custom wet) application in Salesforce which needs to be visible as a tile in App Launcher The tile for the custom web application is missing in the app launcher for all users in Salesforce. The administrator requested assistance from an identity architect to resolve the issue.
Which two reasons are the source of the issue?
Choose 2 answers
StartURL for the connected app is not set in Connected App settings.

A. The connected app is not set in the App menu as 'Visible in App Launcher".

B. Session Policy is set as 'High Assurance Session required' for this connected app.

C. OAuth scope does not include "openid*.

正解：A,C 解答を投票する

出題：2

Universal containers wants to implement single Sign-on for a salesforce org using an external identity provider and corporate identity store. What type of Authentication flow is required to support deep linking?

A. Service-provider-initiated SSO

B. Identity-provider-initiated SSO

C. Start URL on identity provider

D. Web server Oauth SSO flow.

正解：A 解答を投票する

出題：3

Universal Containers (UC) uses Salesforce as a CRM and identity provider (IdP) for their Sales Team to seamlessly login to intemaJ portals. The IT team at UC is now evaluating Salesforce to act as an IdP for its remaining employees.
Which Salesforce license is required to fulfill this requirement?

A. Identity Verification

B. External Identity

C. Identity Only

D. Identity Connect

正解：C 解答を投票する

出題：4

A company with 15,000 employees is using Salesforce and would like to take the necessary steps to highlight or curb fraudulent activity.
Which tool should be used to track login data, such as the average number of logins, who logged in more than the average number of times and who logged in during non-business hours?

A. Login Inspector

B. Login Forensics

C. Login History

D. Login Report

正解：B 解答を投票する

出題：5

Universal Containers (UC) uses Salesforce to allow customers to keep track of the order status. The customers can log in to Salesforce using external authentication providers, such as Facebook and Google. UC is also leveraging the App Launcher to let customers access an of platform application for generating shipping labels. The label generator application uses OAuth to provide users access. What license type should an Architect recommend for the customers?

A. Customer Community license

B. Customer Community Plus license

C. Identity license

D. External Identity license

正解：C 解答を投票する

出題：6

Users logging into Salesforce are frequently prompted to verify their identity.
The identity architect is required to provide recommendations so that frequency of prompt verification can be reduced.
What should the identity architect recommend to meet the requirement?

A. Implement multi-factor authentication for the Salesforce org.

B. Set trusted IP ranges for the organization.

C. Implement an single sign-on for Salesforce using an external identity provider.

D. Implement 2FA authentication for the Salesforce org.

正解：B 解答を投票する

出題：7

Northern Trail Outfitters (NTO) believes a specific user account may have been compromised. NTO inactivated the user account and needs U perform a forensic analysis and identify signals that could Indicate a breach has occurred.
What should NTO's first step be in gathering signals that could indicate account compromise?

A. Review the User record and evaluate the login and transaction history.

B. Download the Identity Provider Event Log and evaluate the details of activities performed by the user.

C. Download the Setup Audit Trail and review all recent activities performed by the user.

D. Download the Login History and evaluate the details of logins performed by the user.

正解：D 解答を投票する

出題：8

Universal Containers (UC) is implementing Salesforce and would like to establish SAML SSO for its users to log in. UC stores its corporate user identities in a Custom Database. The UC IT Manager has heard good things about Salesforce Identity Connect as an Idp, and would like to understand what limitations they may face if they decided to use Identity Connect in their current environment. What limitation Should an Architect inform the IT Manager about?

A. Identity connect is not compatible with UC's current identity environment.

B. Identity Connect will not support user provisioning in UC's current environment.

C. Identity Connect will only support Idp-initiated SAML flows in UC's current environment.

D. Identity Connect will only support SP-initiated SAML flows in UC's current environment.

正解：B 解答を投票する

出題：9

Northern Trail Outfitters (NTO) has a requirement to ensure all user logins include a single multi-factor authentication (MFA) prompt. Currently, users are allowed the choice to login with a username and password or via single sign-on against NTO's corporate Identity Provider, which includes built-in MFA.
Which configuration will meet this requirement?

A. For all employee profiles, set the Session Level Required at Login to High Assurance and add the corporate identity provider to the High Assurance list for the org's Session Security Levels.

B. Create a custom login flow that enforces MFA and assign it to a permission set. Then assign the permission set to all employees.

C. Create and assign a permission set to all employees that includes "MFA for User Interface Logins."

D. Enable "MFA for User Interface Logins" for your organization from Setup -> Identity Verification.

正解：D 解答を投票する

出題：10

Universal containers (UC) built a customer Community for customers to buy products, review orders, and manage their accounts. UC has provided three different options for customers to log in to the customer Community: salesforce, Google, and Facebook. Which two role combinations are represented by the systems in the scenario? Choose 2 answers

A. Salesforce is the service provider and Google is the identity provider

B. Salesforce is the service provider and Facebook is the identity provider

C. Facebook is the service provider and salesforce is the identity provider

D. Google is the service provider and Facebook is the identity provider

正解：A,B 解答を投票する

出題：11

A client is planning to rollout multi-factor authentication (MFA) to its internal employees and wants to understand which authentication and verification methods meet the Salesforce criteria for secure authentication.
Which three functions meet the Salesforce criteria for secure mfa?
Choose 3 answers

A. Third-party single sign-on with Mobile Authenticator app

B. Certificate-based Authentication

C. Username and password + secunty key

D. username and password + SMS passcode

E. Lightning Login

正解：A,C,E 解答を投票する

出題：12

Universal containers (UC) has implemented SAML SSO to enable seamless access across multiple applications. UC has regional salesforce orgs and wants it's users to be able to access them from their main Salesforce org seamless. Which action should an architect recommend?

A. Configure the main salesforce org as an Authentication provider.

B. Configure the regional salesforce orgs as Identity Providers.

C. Configure the main salesforce org as the Identity provider.

D. Configure the main Salesforce org as a service provider.

正解：C 解答を投票する

出題：13

Universal Containers would like its customers to register and log in to a portal built on Salesforce Experience Cloud. Customers should be able to use their Facebook or Linkedln credentials for ease of use.
Which three steps should an identity architect take to implement social sign-on?
Choose 3 answers

A. Update the default registration handlers to create and update users.

B. Enable "Federated Single Sign-On Using SAML".

C. Check "Facebook" and "Linkedln" under Login Page Setup.

D. Create authentication providers for both Facebook and Linkedln.

E. Register both Facebook and Linkedln as connected apps.

正解：A,C,D 解答を投票する

出題：14

Which three are features of federated Single sign-on solutions? Choose 3 Answers

A. It enables quick and easy provisioning and deactivating of users.

B. It establishes trust between Identity Store and Service Provider.

C. It federates credentials control to authorized applications.

D. It improves affiliated applications adoption rates.

E. It solves all identity and access management problems.

正解：A,B,D 解答を投票する

Identity-and-Access-Management-Designer試験無料問題集「Salesforce Certified Identity and Access Management Designer 認定」