Dumps4free
Discount Offer
Go Back on Identity-and-Access-Management-Architect Exam
Available in 1, 3, 6 and 12 Months Free Updates Plans
PDF: $15 $60

Test Engine: $20 $80

PDF + Engine: $25 $99



Pass exam with Dumps4free or we will provide you with three additional months of access for FREE.

Identity-and-Access-Management-Architect Practice Test

Whether you're a beginner or brushing up on skills, our Identity-and-Access-Management-Architect practice exam is your key to success. Our comprehensive question bank covers all key topics, ensuring you’re fully prepared.


Page 9 out of 51 Pages

Northern Trail Outfitters (NTO) is launching a new sportswear brand on its existing consumer portal built on Salesforce Experience Cloud. As part of the launch, emails with promotional links will be sent to existing customers to log in and claim a discount. The marketing manager would like the portal dynamically branded so that users will be directed to the brand link they clicked on; otherwise, users will view a recognizable NTO￾branded page. The campaign is launching quickly, so there is no time to procure any additional licenses. However, the development team is available to apply any required changes to the portal.

Which approach should the identity architect recommend?


A. Create a full sandbox to replicate the portal site and update the branding accordingly.


B. Implement Experience ID in the code and extend the URLs and endpoints, as required.


C. Use Heroku to build the new brand site and embedded login to reuse identities.


D. Configure an additional community site on the same org that is dedicated for the new brand





B.   Implement Experience ID in the code and extend the URLs and endpoints, as required.

Explanation

To dynamically brand the portal so that users will be directed to the brand link they clicked on, the identity architect should recommend implementing Experience ID in the code and extending the URLs and endpoints, as required. Experience ID is a parameter that can be used to identify different brands or experiences within a single Experience Cloud site (formerly known as Community).

Dynamic branding is a feature that allows Experience Cloud sites to display different branding elements, such as logos, colors,or images, based on the Experience ID or other criteria. By implementing Experience ID in the code, the identity architect can provide a consistent and personalized brand experience for each user without creating multiple sites or sandboxes.

References: Experience ID, Dynamic Branding for Experience Cloud Sites

Northern Trail Outfitters manages application functional permissions centrally as Active Directory groups. The CRM_Superllser and CRM_Reportmg_SuperUser groups should respectively give the user the SuperUser and Reportmg_SuperUser permission set in Salesforce. Salesforce is the service provider to a Security Assertion Markup Language (SAML) identity provider.
Mow should an identity architect ensure the Active Directory groups are reflected correctly when a user accesses Salesforce?


A. Use the Apex Just-in-Time handler to query standard SAML attributes and set permission sets.


B. Use the Apex Just-in-Time handler to query custom SAML attributes and set permission sets.


C. Use a login flow to query custom SAML attributes and set permission sets.


D. Use a login flow to query standard SAML attributes and set permission sets.





B.   Use the Apex Just-in-Time handler to query custom SAML attributes and set permission sets.

Universal Containers is implementing Salesforce Identity to broker authentication from its enterprise single sign-on (SSO) solution through Salesforce to third party applications using SAML.
What rote does Salesforce Identity play in its relationship with the enterprise SSO system?


A. Identity Provider (IdP)


B. Resource Server


C. Service Provider (SP)


D. Client Application





C.   Service Provider (SP)

Explanation: To broker authentication from its enterprise SSO solution through Salesforce to third party applications using SAML, Salesforce Identity plays the role of a Service Provider (SP). A SP is an entity that relies on an Identity Provider (IdP) to authenticate and authorize users. In this scenario, the enterprise SSO solution is the IdP, Salesforce is the SP, and the third party applications are the Resource Servers or Client Applications. The SP receives a SAML assertion from the IdP and uses it to obtain an access token from the Resource Server or Client Application. References: SAML Single Sign-On Settings, Authorize Apps with OAuth

Universal Containers is considering using Delegated Authentication as the sole means of Authenticating of Salesforce users. A Salesforce Architect has been brought in to assist with the implementation. What two risks Should the Architect point out? Choose 2 answers


A. Delegated Authentication is enabled or disabled for the entire Salesforce org.


B. UC will be required to develop and support a custom SOAP web service.


C. Salesforce users will be locked out of Salesforce if the web service goes down.


D. The web service must reside on a public cloud service, such as Heroku.





B.   UC will be required to develop and support a custom SOAP web service.

C.   Salesforce users will be locked out of Salesforce if the web service goes down.

Universal Containers (UC) wants to use Salesforce for sales orders and a legacy of system for order fulfillment. The legacy system must update the status of orders in 65* Salesforce in real time as they are fulfilled. UC decides to use OAuth for connecting the legacy system to Salesforce. What OAuth flow should be considered that doesn't require storing credentials, client secret or refresh tokens?


A. Web Server flow


B. JWT Bearer Token flow


C. Username-Password flow


D. User Agent flow





B.   JWT Bearer Token flow


Page 9 out of 51 Pages
Previous