Black Friday Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Salesforce Identity and Access Management Designer Identity-and-Access-Management-Architect New Questions

Salesforce Certified Identity andAccess Management Architect (SU24) Questions and Answers

Question 17

Universal Containers (UC) would like its community users to be able to register and log in with Linkedin or Facebook Credentials. UC wants users to clearly see Facebook &Linkedin Icons when they register and login. What are the two recommended actions UC can take to achieve this Functionality? Choose 2 answers

Options:

A.

Enable Facebook and Linkedin as Login options in the login section of the Community configuration.

B.

Create custom Registration Handlers to link Linkedin and facebook accounts to user records.

C.

Store the Linkedin or Facebook user IDs in the Federation ID field on the Salesforce User record.

D.

Create custom buttons for Facebook and inkedin using JAVAscript/CSS on a custom Visualforce page.

Question 18

An Identity and Access Management (IAM) Architect is recommending Identity Connect to integrate Microsoft Active Directory (AD) with Salesforce for user provisioning, deprovisioning and single sign-on (SSO).

Which feature of Identity Connect is applicable for this scenano?

Options:

A.

When Identity Connect is in place, if a user is deprovisioned in an on-premise AD, the user's Salesforce session Is revoked Immediately.

B.

If the number of provisioned users exceeds Salesforce licence allowances, identity Connect will start disabling the existing

Salesforce users in First-in, First-out (FIFO) fashion.

C.

Identity Connect can be deployed as a managed package on salesforce org, leveraging High Availability of Salesforce Platform out-of-the-box.

D.

When configured, Identity Connect acts as an identity provider to both Active Directory and Salesforce, thus providing SSO as a default feature.

Question 19

Universal containers(UC) has implemented SAML-BASED single Sign-on for their salesforce application and is planning to provide access to salesforce on mobile devices using the salesforce1 mobile app. UC wants to ensure that single Sign-on is used for accessing the salesforce1 mobile app. Which two recommendations should the architect make? Choose 2 answers

Options:

A.

Use the existing SAML SSO flow along with user agent flow.

B.

Configure the embedded Web browser to use my domain URL.

C.

Use the existing SAML SSO flow along with Web server flow

D.

Configure the salesforce1 app to use the my domain URL

Question 20

Universal Containers (UC) has a custom, internal-only, mobile billing application for users who are commonly out of the office. The app is configured as a connected App in Salesforce. Due to the nature of this app, UC would like to take the appropriate measures to properly secure access to the app. Which two are recommendations to make the UC? Choose 2 answers

Options:

A.

Disallow the use of Single Sign-on for any users of the mobile app.

B.

Require High Assurance sessions in order to use the Connected App.

C.

Set Login IP Ranges to the internal network for all of the app users Profiles.

D.

Use Google Authenticator as an additional part of the login process