11.11 Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Identity and Access Management Designer Identity-and-Access-Management-Architect Updated Exam

Salesforce Certified Identity andAccess Management Architect (SU24) Questions and Answers

Question 25

Universal containers (UC) has implemented SAML SSO to enable seamless access across multiple applications. UC has regional salesforce orgs and wants it's users to be able to access them from their main Salesforce org seamless. Which action should an architect recommend?

Options:

A.

Configure the main salesforce org as an Authentication provider.

B.

Configure the main salesforce org as the Identity provider.

C.

Configure the regional salesforce orgs as Identity Providers.

D.

Configure the main Salesforce org as a service provider.

Question 26

Universal Containers (UC) has implemented SAML-based Single Sign-On to provide seamless access to its Salesforce Orgs, financial system, and CPQ system. Below is the SSO implementation landscape.

What role combination is represented by the systems in this scenario''

Options:

A.

Financial System and CPQ System are the only Service Providers.

B.

Salesforce Org1 and Salesforce Org2 are the only Service Providers.

C.

Salesforce Org1 and Salesforce Org2 are acting as Identity Providers.

D.

Salesforce Org1 and PingFederate are acting as Identity Providers.

Question 27

A technology enterprise is planning to implement single sign-on login for users. When users log in to the Salesforce User object custom field, data should be populated for new and existing users.

Which two steps should an identity architect recommend?

Choose 2 answers

Options:

A.

Implement Auth.SamlJitHandler Interface.

B.

Create and update methods.

C.

Implement RegistrationHandler Interface.

D.

Implement SesslonManagement Class.

Question 28

A global company's Salesforce Identity Architect is reviewing its Salesforce production org login history and is seeing some intermittent Security Assertion Markup Language (SAML SSO) 'Replay Detected and Assertion Invalid' login errors.

Which two issues would cause these errors?

Choose 2 answers

Options:

A.

The subject element is missing from the assertion sent to salesforce.

B.

The certificate loaded into SSO configuration does not match the certificate used by the IdP.

C.

The current time setting of the company's identity provider (IdP) and Salesforce platform is out of sync by more than eight minutes.

D.

The assertion sent to 5alesforce contains an assertion ID previously used.