Login / Register   My Cart (0)

CramPDF Co., ltd provides valid exam cram PDF & dumps PDF materials to help candidates pass exam certainly. If you want to get certifications in the short time please choose CramPDF exam cram or dumps PDF file.

All Products Contact now
  • Home
  • Articles
  • [May 14, 2024] Fast Exam Updates Identity-and-Access-Management-Designer dumps with PDF Test Engine Practice [Q41-Q60]

[May 14, 2024] Fast Exam Updates Identity-and-Access-Management-Designer dumps with PDF Test Engine Practice [Q41-Q60]

Share

[May 14, 2024] Fast Exam Updates Identity-and-Access-Management-Designer dumps with PDF Test Engine Practice

Exam Valid Dumps with Instant Download Free Updates

NEW QUESTION # 41
Universal containers (UC) employees have salesforce access from restricted ip ranges only, to protect against unauthorised access. UC wants to rollout the salesforce1 mobile app and make it accessible from any location. Which two options should an architect recommend? Choose 2 answers

  • A. Relax the ip restriction with a second factor in the connect app settings for salesforce1 mobile app
  • B. Relax the ip restriction in the connect app settings for the salesforce1 mobile app
  • C. Use login flow to bypass ip range restriction for the mobile app.
  • D. Remove existing restrictions on ip ranges for all types of user access.

Answer: B,C


NEW QUESTION # 42
Universal Containers (UC) uses an internal system for recruiting and would like to have the candidates' info available in Salesforce automatically when they are selected. UC decides to use OAuth to connect to Salesforce from the recruiting system and would like to do the authentication using digital certificates.
Which two OAuth flows should be considered to meet the requirement? (Choose two.)

  • A. Refresh Token flow
  • B. Web Server flow
  • C. JWT Bearer Token flow
  • D. SAML Bearer Assertion flow

Answer: C,D


NEW QUESTION # 43
Sales users at Universal containers use salesforce for Opportunity management. Marketing uses a third-party application called Nest for Lead nurturing that is accessed using username/password. The VP of sales wants to open up access to nest for all sales uses to provide them access to lead history and would like SSO for better adoption. Salesforce is already setup for SSO and uses Delegated Authentication. Nest can accept username/Password or SAML-based Authentication. IT teams have received multiple password-related issues for nest and have decided to set up SSO access for Nest for Marketing users as well. The CIO does not want to invest in a new IDP solution and is considering using Salesforce for this purpose. Which are appropriate license type choices for sales and marketing users, giving salesforce is using Delegated Authentication?
Choose 2 answers

  • A. Salesforce license for sales users and External Identity license for Marketing users
  • B. Salesforce license for sales users and platform license for Marketing users.
  • C. Identity license for sales users and Identity connect license for Marketing users
  • D. Salesforce license for sales users and Identity license for Marketing users

Answer: B,D


NEW QUESTION # 44
Northern Trail Outfitters (NTO) is launching a new sportswear brand on its existing consumer portal built on Salesforce Experience Cloud. As part of the launch, emails with promotional links will be sent to existing customers to log in and claim a discount. The marketing manager would like the portal dynamically branded so that users will be directed to the brand link they clicked on; otherwise, users will view a recognizable NTO-branded page.
The campaign is launching quickly, so there is no time to procure any additional licenses. However, the development team is available to apply any required changes to the portal.
Which approach should the identity architect recommend?

  • A. Implement Experience ID in the code and extend the URLs and endpomts, as required.
  • B. Configure an additional community site on the same org that is dedicated for the new brand.
  • C. Use Heroku to build the new brand site and embedded login to reuse identities.
  • D. Create a full sandbox to replicate the portal site and update the branding accordingly.

Answer: A


NEW QUESTION # 45
Universal Containers (UC) is concerned that having a self-registration page will provide a means for "bots" or unintended audiences to create user records, thereby consuming licenses and adding dirty data.
Which two actions should UC take to prevent unauthorized form submissions during the self-registration process? (Choose two.)

  • A. Primarily use lookup and picklist fields on the self-registration page.
  • B. Use hidden fields populated via JavaScript events in the self-registration page.
  • C. Require a CAPTCHA at the end of the self-registration process.
  • D. Use open-ended security questions and complex password requirements.

Answer: C,D


NEW QUESTION # 46
Universal Containers (UC) uses Salesforce as a CRM and identity provider (IdP) for their Sales Team to seamlessly login to intemaJ portals. The IT team at UC is now evaluating Salesforce to act as an IdP for its remaining employees.
Which Salesforce license is required to fulfill this requirement?

  • A. Identity Only
  • B. Identity Connect
  • C. External Identity
  • D. Identity Verification

Answer: A


NEW QUESTION # 47
Northern Trail Outfitters (NTO) wants to give customers the ability to submit and manage issues with their purchases. It is important for NTO to give its customers the ability to login with their Amazon credentials.
What should an identity architect recommend to meet these requirements?

  • A. Create a custom external authentication provider for Amazon.
  • B. Configure a predefined authentication provider for Amazon.
  • C. Configure an OpenID Connect Authentication Provider for Amazon.
  • D. Configure Amazon as a connected app.

Answer: C


NEW QUESTION # 48
Universal Containers (UC) would like to enable self-registration for their Salesforce Partner Community Users. UC wants to capture some custom data elements from the partner user, and based on these data elements, wants to assign the appropriate Profile and Account values.
Which two actions should the Architect recommend to UC? (Choose two.)

  • A. Configure Registration for Communities to use a custom Apex Controller.
  • B. Configure Registration for Communities to use a custom Visualforce Page.
  • C. Modify the CommunitiesSelfRegController to assign the Profile and Account.
  • D. Modify the SelfRegistration trigger to assign Profile and Account.

Answer: B,C


NEW QUESTION # 49
The CIO of Universal Containers (UC) wants to start taking advantage of the refresh token capability for the UC applications that utilize OAuth 2.0. UC has enlisted an Architect to analyze all of the applications that use OAuth flows to see where refresh tokens can be applied.
Which two OAuth flows should the Architect consider in their evaluation? (Choose two.)

  • A. User-Agent
  • B. Username-Password
  • C. Web Server
  • D. JWT Bearer Token

Answer: A,C


NEW QUESTION # 50
universal container plans to develop a custom mobile app for the sales team that will use salesforce for authentication and access management. The mobile app access needs to be restricted to only the sales team.
What would be the recommended solution to grant mobile app access to sales users?

  • A. Add a new identity provider to authenticate and authorize mobile users.
  • B. Use a custom attribute on the user object to control access to the mobile app
  • C. Use the permission set license to assign the mobile app permission to sales users
  • D. Use connected apps Oauth policies to restrict mobile app access to authorized users.

Answer: D


NEW QUESTION # 51
Universal Container's (UC) identity architect needs to recommend a license type for their new Experience Cloud site that will be used by external partners (delivery providers) for reviewing and updating their accounts, downloading files provided by UC and obtaining scheduled pickup dates from their calendar.
UC is using their Salesforce production org as the identity provider for these users and the expected number of individual users is 2.5 million with 13.5 million unique logins per month.
Which of the following license types should be used to meet the requirement?

  • A. Partner Community Login License
  • B. External Apps License
  • C. Partner Community License
  • D. Customer Community plus Login License

Answer: D


NEW QUESTION # 52
Universal Containers (UC) uses middleware to integrate multiple systems with Salesforce. UC has a strict, new requirement that usernames and passwords cannot be stored in any UC system. How can UC's middleware authenticate to Salesforce while adhering to this requirement?

  • A. Create a Connected App that supports the JWT Bearer Token OAuth Flow.
  • B. Create a Connected App that supports the Refresh Token OAuth Flow
  • C. Create a Connected App that supports the User-Agent OAuth Flow.
  • D. Create a Connected App that supports the Web Server OAuth Flow.

Answer: A


NEW QUESTION # 53
Universal Containers (UC) implemented SSO to a third-party system for their Salesforce users to access the App Launcher. UC enabled "User Provisioning" on the Connected App so that changes to user accounts can be synched between Salesforce and the third party system. However, UC quickly notices that changes to user roles in Salesforce are not getting synched to the third-party system. What is the most likely reason for this behaviour?

  • A. User Provisioning for Connected Apps does not support role sync.
  • B. The Approval queue for User Provisioning Requests is unmonitored.
  • C. Salesforce roles have more than three levels in the role hierarchy.
  • D. Required operation(s) was not mapped in User Provisioning Settings.

Answer: A


NEW QUESTION # 54
What are threecapabilitiesof Delegated Authentication? Choose 3 answers

  • A. It can connect to SOAP services.
  • B. It can be assigned by Custom Permissions.
  • C. It can be assigned by Profiles.
  • D. It can be assigned by Permission Sets.
  • E. It can connect to REST services.

Answer: A,D,E


NEW QUESTION # 55
Universal Containers (UC) is looking to purchase a third-party application as an Identity Provider. UC is looking to develop a business case for the purchase in general and has enlisted an Architect for advice. Which two capabilities of an Identity Provider should the Architect detail to help strengthen the business case?
Choose 2 answers

  • A. The Identity Provider can authenticate multiple applications.
  • B. The Identity Provider can authenticate multiple social media accounts.
  • C. The Identity provider can store credentials for multiple applications.
  • D. The Identity Provider can centralize enterprise password policy.

Answer: A,D


NEW QUESTION # 56
Universal Containers (UC) plans to use a SAML-based third-party IdP serving both of the Salesforce Partner Community and the corporate portal. UC partners will log in 65* to the corporate portal to access protected resources, including links to Salesforce resources. What would be the recommended way to configure the IdP so that seamless access can be achieved in this scenario?

  • A. Set up the corporate portal as a Connected App in Salesforce and use the User Agent OAuth flow.
  • B. Configure IdP-initiated SSO that passes the SAML token upon Salesforce resource access request.
  • C. Configure SP-initiated SSO that passes the SAML token upon Salesforce resource access request.
  • D. Set up the corporate portal as a Connected App in Salesforce and use the Web server OAuth flow.

Answer: B


NEW QUESTION # 57
Which three types of attacks would a 2-Factor Authentication solution help garden against?

  • A. Man-in-the-middle attacks
  • B. Dictionary attacks
  • C. Network perimeter attacks
  • D. Key logging attacks
  • E. Phishing attacks

Answer: C,D,E


NEW QUESTION # 58
Universal Containers want users to be able to log in to the Salesforce mobile app with their Active Directory password. Employees are unable to use mobile VPN.
Which two options should an identity architect recommend to meet the requirement?
Choose 2 answers

  • A. Salesforce Identity Connect
  • B. Active Directory Password Sync Plugin
  • C. Configure Cloud Provider Load Balancer
  • D. Salesforce Trigger & Field on Contact Object

Answer: A,B


NEW QUESTION # 59
Which two capabilities does My Domain enable in the context of a SAML SSO configuration? Choose 2 answers

  • A. SSO from Salesforce Mobile App
  • B. App Launcher
  • C. Resource deep linking
  • D. Login Forensics

Answer: A


NEW QUESTION # 60
......

Download Identity-and-Access-Management-Designer Exam Dumps PDF Q&A: https://www.crampdf.com/Identity-and-Access-Management-Designer-exam-prep-dumps.html

Identity-and-Access-Management-Designer Dumps First Attempt Guaranteed Success: https://drive.google.com/open?id=1KeDz7S8zHNRXEWZVJ7olsUXwU51OWZ2y

Related Articles

more
Salesforce Identity-and-Access-Management-Designer Certification Practice Exam

CramPDF Co., ltd provides valid exam cram PDF & dumps PDF materials to help candidates pass exam certainly. If you want to get certifications in the short time please choose CramPDF exam cram or dumps PDF file.

Latest Cram PDF

Useful Links

Contact Us

Our Working Time: ( GMT 0:00-15:00 )
From Monday to Saturday

Support: Contact now 

If you have any question please leave me your email address, we will reply and send email to you in 12 hours.

Copyright © 2026 CramPDF NETWORK CO.,LIMITED. All Rights Reserved. All trademarks used are properties of their respective owners. Privacy Policy