New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

Salesforce Identity-and-Access-Management-Architect Questions Answers

Page: 16 / 18
Question 64

An architect needs to advise the team that manages the identity provider how to differentiate salesforce from other service providers. What SAML SSO setting in salesforce provides this capability?

Options:

A.

Entity id

B.

Issuer

C.

Identity provider login URL

D.

SAML identity location

Question 65

Northern Trail Outfitters mar ages functional group permissions in a custom security application supported by a relational database and a REST service layer. Group permissions are mapped as permission sets in Salesforce.

Which action should an identity architect use to ensure functional group permissions are reflected as permission set assignments?

Options:

A.

Use a Login Flow to query SAML attributes and set permission sets.

B.

Use a Login Flow with invocable Apex to callout to the security application and set permission sets.

C.

Use the Apex Just-in-Time (JIT) handler to query the Security Assertion markup Language (SAML) attributes and set permission sets.

D.

Use the Apex JIT handler to callout to the security application and set permission sets

Question 66

In a typical SSL setup involving a trusted party and trusting party, what consideration should an Architect take into account when using digital certificates?

Options:

A.

Use of self-signed certificate leads to lower maintenance for trusted party because multiple self-signed certs need to be maintained.

B.

Use of self-signed certificate leads to higher maintenance for trusted party because they have to act as the trusted CA

C.

Use of self-signed certificate leads to lower maintenance for trusting party because there is no trusted CA cert to maintain.

D.

Use of self-signed certificate leads to higher maintenance for trusting party because the cert needs to be added to their truststore.

Question 67

Universal Containers (UC) uses Salesforce to allow customers to keep track of the order status. The customers can log in to Salesforce using external authentication providers, such as Facebook and Google. UC is also leveraging the App Launcher to let customers access an of platform application for generating shipping labels. The label generator application uses OAuth to provide users access. What license type should an Architect recommend for the customers?

Options:

A.

Customer Community license

B.

Identity license

C.

Customer Community Plus license

D.

External Identity license

Page: 16 / 18
Exam Name: Salesforce Certified Identity andAccess Management Architect (SU24)
Last Update: Dec 22, 2024
Questions: 243
Identity-and-Access-Management-Architect pdf

Identity-and-Access-Management-Architect PDF

$25.5  $84.99
Identity-and-Access-Management-Architect Engine

Identity-and-Access-Management-Architect Testing Engine

$28.5  $94.99
Identity-and-Access-Management-Architect PDF + Engine

Identity-and-Access-Management-Architect PDF + Testing Engine

$40.5  $134.99