Identity-and-Access-Management-Architect Practice Exam Questions and Answers

Universal Containers (UC) has an existing Salesforce org configured for SP-Initiated SAML SSO with their Idp. A second Salesforce org is being introduced into the environment and the IT team would like to ensure they can use the same Idp for new org. What action should the IT team take while implementing the second org?

The CMO of an advertising company has invited an Identity and Access Management (IAM) specialist to discussSalesforce out-of-box capabilities for configuring the company*s login and registration experience on Salesforce Experience Cloud.

The CMO is looking to brand the login page with the company's logo, background color, login button color, and dynamic right-frame from an external URL.

Which two solutions should the IAM specialist recommend?

Choose 2 answers

Universal containers (UC) has a customer Community that uses Facebook for authentication. UC would like to ensure that changes in the Facebook profile are reflected on the appropriate customer Community user. How can this requirement be met?

An identity architect is setting up an integration between Salesforce and a third-party system. The third-party system needs to authenticate to Salesforce and then make API calls against the REST API.

One of the requirements is that the solution needs to ensure the third party service providers connected app in Salesforce mini need for end user interaction and maximizes security.

Which OAuth flow should be used to fulfill the requirement?

Universal Containers (UC) is building an authenticated Customer Community for its customers. UC does not want customer credentialsstored in Salesforce and is confident its customers would be willing to use their social media credentials to authenticate to the community. Which two actions should an Architect recommend UC to take?

Universal containers (UC) is concerned that having a self-registration page will provide a means for "bots" or unintended audiences to create user records, thereby consuming licences and adding dirty data. Which two actions should UC take to prevent unauthorised form submissions during theself-registration process? Choose 2 answers

A financial services company uses Salesforce and has a compliance requirement to track information about devices from whichusers log in. Also, a Salesforce Security Administrator needs to have the ability to revoke the device from which users log in.

What should be used to fulfill this requirement?

Universal Containers (UC) has a desktop application to collect leads for marketing campaigns. UC wants to extend this application to integrate with Salesforce to create leads. Integration between the desktop application and Salesforce should be seamless. What Authorization flow should the Architect recommend?

Universal Containers (UC) wants to use Salesforce for sales orders and a legacy of system for order fulfillment. The legacy system must update the status of orders in 65* Salesforce in real time as they are fulfilled. UC decides to use OAuth for connecting the legacy system to Salesforce. What OAuth flow should be considered that doesn't require storing credentials, client secret or refresh tokens?

Which two things should be done to ensure end users can only use single sign-on (SSO) to login in to Salesforce?

Choose 2 answers