
[Mar-2023] Salesforce Identity-and-Access-Management-Designer Exam: Basic Questions With Answers
New 2023 Realistic Free Salesforce Identity-and-Access-Management-Designer Exam Dump Questions and Answer
For more info visit:
Identity-and-Access-Management-Designer Exam Reference
Difficulty in writing Identity-and-Access-Management-Designer Exam
This is exam is very difficult for those candidates who don't practice during preparation and candidates need a lab for practicing. Then practical exposure is much required to understand the contents of the exam. So, if anyone is associated with some kinds of an organization where he has opportunities to practice but if you can't afford the lab and don't have time to practice. So, SurePassExams is the solution to this problem. We provide the best Salesforce Identity-and-Access-Management-Designer exam dumps and practice test for your preparation. Salesforce Identity-and-Access-Management-Designer exam dumps to ensure your success in the Salesforce Identity-and-Access-Management-Designer Certification Exam at first attempt. Our Salesforce Identity-and-Access-Management-Designer exam dumps are updated on regular basis. SurePassExams has given option to download some test papers questions in PDF format, alongwith, this candidates can practice test papers online using our test engine. SurePassExams provides verified questions with answers which you can expect in the exam. So, it makes easier for candidates to clear it in the first attempt itself..
NEW QUESTION 82
Universal Containers (UC) is both a Salesforce and Google Apps customer. The UC IT team would like to manage the users for both systems in a single place to reduce administrative burden. Which two optimal ways can the IT team provision users and allow Single Sign-on between Salesforce and Google Apps ? Choose 2 answers
- A. Use Identity Connect as the Identity Provider for both Salesforce and Google Apps and manage the provisioning from there.
- B. Use a third-party product as the Identity Provider for both Salesforce and Google Apps and manage the provisioning from there.
- C. Use Salesforce as the Identity Provider and Google Apps as a Service Provider and configure User Provisioning for Connected Apps.
- D. Build a custom app running on Heroku as the Identity Provider that can sync user information between Salesforce and Google Apps.
Answer: B,C
NEW QUESTION 83
architect is troubleshooting some SAML-based SSO errors during testing. The Architect confirmed that all of the Salesforce SSO settings are correct. Which two issues outside of the Salesforce SSO settings are most likely contributing to the SSO errors the Architect is encountering? Choose 2 Answers
- A. The default language for the Identity Provider and Salesforce are Different.
- B. The clock on the Identity Provider server is twenty minutes behind Salesforce.
- C. The Identity Provider is also used to SSO into five other applications.
- D. The Issuer Certificate from the Identity Provider expired two weeks ago.
Answer: B,D
NEW QUESTION 84
Universal Containers (UC) wants to build a custom mobile app for their field reps to create orders in salesforce. After the first time the users log in, they must be able to access salesforce upon opening the mobile app without being prompted to log in again. What Oauth flows should be considered to support this requirement?
- A. User Agent flow with a Refresh Token.
- B. Mobile Agent flow with a Bearer Token.
- C. SAML Assertion flow with a Bearer Token.
- D. Web Server flow with a Refresh Token.
Answer: A
NEW QUESTION 85
Universal Containers (UC) would liketo enable self-registration for their Salesforce Partner Community Users.
UC wants to capture some custom data elements from the partner user, and based on these data elements, wants to assign the appropriate Profile and Account values.
Which two actions should the Architect recommend to UC1
Choose 2 answers
- A. Configure Registration for Communities to use a custom Visualforce Page.
- B. Configure Registration for Communities to use a custom Apex Controller.
- C. Modify the SelfRegistration trigger to assign Profile and Account.
- D. Modify the CommunitiesSelfRegController to assign theProfile and Account.
Answer: A,D
NEW QUESTION 86
Northern Trail Outfitters (NTO) is planning to build a new customer service portal and wants to use passwordless login, allowing customers to login with a one-time passcode sent to them via email or SMS.
How should the quantity of required Identity Verification Credits be estimated?
- A. Identity Verification Credits are consumed with each SMS (text message) sent and should be estimated based on the number of login verification challenges for SMS verification users.
- B. Identity Verification Credits are consumed with each verification sent and should be estimated based on the number of logins that will incur a verification challenge.
- C. Each community comes with 10,000 Identity Verification Credits per month and only customers with more than 10,000 logins a month should estimate additional SMS verifications needed.
- D. Identity Verification Credits are a direct add-on license based on the number of existing member-based or login-based Community licenses.
Answer: A
NEW QUESTION 87
A security architect is rolling out a new multi-factor authentication (MFA) mandate, where all employees must go through a secure authentication process before accessing Salesforce. There are multiple Identity Providers (IdP) in place and the architect is considering how the "Authentication Method Reference" field (AMR) in the Login History can help.
Which two considerations should the architect keep in mind?
Choose 2 answers
- A. High-assurance sessions must be configured under Session Security Level Policies.
- B. Dependency on what is supported by OpenID Connect (OIDC) implementation at IdP.
- C. Both OIDC and Security Assertion Markup Language (SAML) are supported but AMR must be implemented at IdP.
- D. AMR field shows the authentication methods used at IdP.
Answer: C,D
NEW QUESTION 88
Universal containers (UC) is setting up their customer Community self-registration process. They are uncomfortable with the idea of assigning new users to a default account record. What will happen when customers self-register in the community?
- A. The self-registration page will create a new account record.
- B. The self-registration process will create a person Account record.
- C. The self-registration page will ask user to select an account.
- D. The self-registration process will produce an error to the user.
Answer: D
NEW QUESTION 89
Universal containers wants salesforce inbound Oauth-enabled integration clients to use SAML-BASED single Sign-on for authentication. What Oauth flow would be recommended in this scenario?
- A. Web server Oauth flow
- B. User-Token Oauth flow
- C. User-Agent Oauth flow
- D. SAML assertion Oauth flow
Answer: A
NEW QUESTION 90
Universal Containers (UC) uses an internal company portal for their employees to collaborate. UC decides to use Salesforce Ideas and provide the ability for employees to post ideas from the company portal. They use SAML-based SSO to get into the Company portal and would like to leverage it to access Salesforce. Most of the users don't exist in Salesforce and they would like the user records created in Salesforce Communities the first time they try to access Salesforce.
What recommendation should an Architect make to meet this requirement?
- A. Use Salesforce APIs to create users on the fly.
- B. Use On-the-Fly provisioning.
- C. Use Identity Connect to sync users.
- D. Use Just-in-Time provisioning.
Answer: D
NEW QUESTION 91
Universal Containers (UC) uses an internal company portal for their employees to collaborate. UC decides to use Salesforce Ideas and provide the ability for employees to post ideas from the company portal. They use SAML-based SSO to get into the Company portal and would like to leverage it to access Salesforce.
Most of the users don't exist in Salesforce and they would like the user records created in Salesforce Communities the first time they try to access Salesforce.
What recommendation should an Architect make to meet this requirement?
- A. Use Salesforce APIs to create users on the fly.
- B. Use On-the-Fly provisioning.
- C. Use Identity Connect to sync users.
- D. Use Just-in-Time provisioning.
Answer: D
NEW QUESTION 92
The CMO of an advertising company has invited an Identity and Access Management (IAM) specialist to discuss Salesforce out-of-box capabilities for configuring the company*s login and registration experience on Salesforce Experience Cloud.
The CMO is looking to brand the login page with the company's logo, background color, login button color, and dynamic right-frame from an external URL.
Which two solutions should the IAM specialist recommend?
Choose 2 answers
- A. Login & Registration pages can be branded in the Community Administration settings.
- B. Build custom site pages for reset and forgot password features.
- C. Use Experience Builder to build branded Reset and Forgot Password pages.
- D. Build custom pages for branding requirements in Experience Cloud.
Answer: A,C
NEW QUESTION 93
Universal Containers (UC) uses Salesforce as a CRM and identity provider (IdP) for their Sales Team to seamlessly login to intemaJ portals. The IT team at UC is now evaluating Salesforce to act as an IdP for its remaining employees.
Which Salesforce license is required to fulfill this requirement?
- A. Identity Verification
- B. Identity Connect
- C. Identity Only
- D. External Identity
Answer: C
NEW QUESTION 94
Universal Containers (UC) uses middleware to integrate multiple systems with Salesforce. UC has a strict, new requirement that usernames and passwords cannot be stored in any UC system. How can UC's middleware authenticate to Salesforce while adhering to this requirement?
- A. Create a Connected App that supports the User-Agent OAuth Flow.
- B. Create a Connected App that supports the Web Server OAuth Flow.
- C. Create a Connected App that supports the Refresh Token OAuth Flow
- D. Create a Connected App that supports the JWT Bearer Token OAuth Flow.
Answer: D
NEW QUESTION 95
A leading fitness tracker company is getting ready to launch a customer community. The company wants its customers to login to the community and connect their fitness device to their profile. Customers should be able to obtain exercise details and fitness recommendation in the community.
Which should be used to satisfy this requirement?
- A. Named Credentials
- B. OAuth Device Flow
- C. Single Sign-On Settings
- D. Login Flows
Answer: B
NEW QUESTION 96
A large consumer company is planning to create a community and will requ.re login through the customers social identity. The following requirements must be met:
1. The customer should be able to login with any of their social identities, however salesforce should only have one user per customer.
2. Once the customer has been identified with a social identity, they should not be required to authonze Salesforce.
3. The customers personal details from the social sign on need to be captured when the customer logs into Salesforce using their social Identity.
3. If the customer modifies their personal details in the social site, the changes should be updated in Salesforce .
Which two options allow the Identity Architect to fulfill the requirements?
Choose 2 answers
- A. Use authentication providers for social sign-on and use the custom registration handler to insert or update personal details.
- B. Use the custom registration handler to link social identities to Salesforce identities.
- C. Redirect the user to a custom page that allows the user to select an existing social identity for login.
- D. Use Login Flows to call an authentication registration handler to provision the user before logging the user into the community.
Answer: A,B
NEW QUESTION 97
Northern Trail Outfitters (NTO) is setting up Salesforce to authenticate users with an external identity provider. The NTO Salesforce Administrator is having trouble getting things setup.
What should an identity architect use to show which part of the login assertion is fading?
- A. Identity Provider Metadata download
- B. Connected App Manager
- C. SAML Metadata file importer
- D. Security Assertion Markup Language Validator
Answer: B
NEW QUESTION 98
......
How much Identity-and-Access-Management-Designer Exam Cost
The price of the Salesforce Identity-and-Access-Management-Designer exam is $400 USD.
Guaranteed Success in Salesforce Identity and Access Management Designer Identity-and-Access-Management-Designer Exam Dumps: https://www.surepassexams.com/Identity-and-Access-Management-Designer-exam-bootcamp.html
Identity-and-Access-Management-Designer Practice Test Engine: Try These 245 Exam Questions: https://drive.google.com/open?id=1z8Z_Uo9npLbXrEuESKLG1ZNgN2vS9QiS