New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

Pearson Identity-and-Access-Management-Architect New Attempt

Page: 14 / 18
Question 56

Northern Trail Outfitters (NTO) has an existing custom business-to-consumer (B2C) website that does NOT support single sign-on standards, such as Security Assertion Markup Language (SAMi) or OAuth. NTO wants to use Salesforce Identity to register and authenticate new customers on the website.

Which two Salesforce features should an identity architect use in order to provide username/password authentication for the website?

Choose 2 answers

Options:

A.

Identity Connect

B.

Delegated Authentication

C.

Connected Apps

D.

Embedded Login

Question 57

A third-party app provider would like to have users provisioned via a service endpoint before users access their app from Salesforce.

What should an identity architect recommend to configure the requirement with limited changes to the third-party app?

Options:

A.

Use a connected app with user provisioning flow.

B.

Create Canvas app in Salesforce for third-party app to provision users.

C.

Redirect users to the third-party app for registration.

D.

Use Salesforce identity with Security Assertion Markup Language (SAML) for provisioning users.

Question 58

Universal Containers is using OpenID Connect to enable a connection from their new mobile app to its production Salesforce org.

What should be done to enable the retrieval of the access token status for the OpenID Connect connection?

Options:

A.

Query using OpenID Connect discovery endpoint.

B.

A Leverage OpenID Connect Token Introspection.

C.

Create a custom OAuth scope.

D.

Enable cross-origin resource sharing (CORS) for the /services/oauth2/token endpoint.

Question 59

Universal Containers (UC) has decided to replace the homegrown customer portal with Salesforce Experience Cloud. UC will continue to use its third-party single sign-on (SSO) solution that stores all of its customer and partner credentials.

The first time a customer logs in to the Experience Cloud site through SSO, a user record needs to be created automatically.

Which solution should an identity architect recommend in order to automatically provision users in Salesforce upon login?

Options:

A.

Just-in-Time (JIT) provisioning

B.

Custom middleware and web services

C.

Custom login flow and Apex handler

D.

Third-party AppExchange solution

Page: 14 / 18
Exam Name: Salesforce Certified Identity andAccess Management Architect (SU24)
Last Update: Dec 22, 2024
Questions: 243
Identity-and-Access-Management-Architect pdf

Identity-and-Access-Management-Architect PDF

$25.5  $84.99
Identity-and-Access-Management-Architect Engine

Identity-and-Access-Management-Architect Testing Engine

$28.5  $94.99
Identity-and-Access-Management-Architect PDF + Engine

Identity-and-Access-Management-Architect PDF + Testing Engine

$40.5  $134.99