New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

Identity-and-Access-Management-Architect Questions Bank

Page: 5 / 18
Question 20

Universal Containers (UC) is both a Salesforce and Google Apps customer. The UC IT team would like to manage the users for both systems in a single place to reduce administrative burden. Which two optimal ways can the IT team provision users and allow Single Sign-on between Salesforce and Google Apps ? Choose 2 answers

Options:

A.

Build a custom app running on Heroku as the Identity Provider that can sync user information between Salesforce and Google Apps.

B.

Use a third-party product as the Identity Provider for both Salesforce and Google Apps and manage the provisioning from there.

C.

Use Identity Connect as the Identity Provider for both Salesforce and Google Apps and manage the provisioning from there.

D.

Use Salesforce as the Identity Provider and Google Apps as a Service Provider and configure User Provisioning for Connected Apps.

Question 21

In an SP-Initiated SAML SSO setup where the user tries to access a resource on the Service Provider, What HTTP param should be used when submitting a SAML Request to the Idp to ensure the user is returned to the intended resourse after authentication?

Options:

A.

RedirectURL

B.

RelayState

C.

DisplayState

D.

StartURL

Question 22

An identity architect wants to secure Salesforce APIs using Security Assertion Markup Language (SAML). For security purposes, administrators will need to authorize the applications that will be consuming the APIs.

Which Salesforce OAuth authorization flow should be used?

Options:

A.

OAuth 2-0 SAML Bearer Assertion Flow

B.

OAuth 2.0 JWT Bearer Flow

C.

SAML Assertion Flow

D.

OAuth 2.0 User-Agent Flow

Question 23

The CIO of universal containers(UC) wants to start taking advantage of the refresh token capability for the UC applications that utilize Oauth 2.0. UC has listed an architect to analyze all of the applications that use Oauth flows to. See where refresh Tokens can be applied. Which two OAuth flows should the architect consider in their evaluation? Choose 2 answers

Options:

A.

Web server

B.

Jwt bearer token

C.

User-Agent

D.

Username-password

Page: 5 / 18
Exam Name: Salesforce Certified Identity andAccess Management Architect (SU24)
Last Update: Dec 22, 2024
Questions: 243
Identity-and-Access-Management-Architect pdf

Identity-and-Access-Management-Architect PDF

$25.5  $84.99
Identity-and-Access-Management-Architect Engine

Identity-and-Access-Management-Architect Testing Engine

$28.5  $94.99
Identity-and-Access-Management-Architect PDF + Engine

Identity-and-Access-Management-Architect PDF + Testing Engine

$40.5  $134.99