Salesforce Identity-and-Access-Management-Architect Quiz 1 Topic 7 Questions 1-5

Question: 1

An identity architect wants to secure Salesforce APIs using Security Assertion Markup Language (SAML). For secunty purposes, administrators will need to authorize the applications that will be consuming the APIs.

Which Salesforce OAuth authorization flow should be used?

AOAuth 2-0 SAML Bearer Assertion Flow

BOAuth 2.0 JWT Bearer Flow

CSAML Assertion Flow

DOAuth 2.0 User-Agent Flow

Show Answer

Question: 2

The security team at Universal Containers (UC) has identified exporting reports as a high-risk action and would like to require users to be logged into Salesforce with their Active Directory (AD) credentials when doing so. For all other users of Salesforce, users should be allowed to use AD Credentials or Salesforce credentials. What solution should be recommended to prevent exporting reports except when logged in using AD credentials while maintaining the ability to view reports when logged in with Salesforce credentials?

AUse SAML Federated Authentication and block access to reports when accessed through a Standard Assurance session.

BUse SAML Federated Authentication and Custom SAML JIT Provisioning to dynamically and or remove a permission set that grants the Export Reports Permission.

CUse SAML federated Authentication, treat SAML Sessions as High Assurance, and raise the session level required for exporting reports.

DUse SAML federated Authentication with a Login Flow to dynamically add or remove a Permission Set that grants the Export Reports Permission.

Show Answer

Question: 3

Universal Containers (UC) has an existing e-commerce platform and is implementing a new customer community. They do not want to force customers to register on both applications due to concern over the customers experience. It is expected that 25% of the e-commerce customers will utilize the customer community . The e-commerce platform is capable of generating SAML responses and has an existing REST-ful API capable of managing users. How should UC create the identities of its e-commerce users with the customer community?

AUse SAML JIT in the Customer Community to create users when a user tries to login to the community from the e-commerce site.

BUse the e-commerce REST API to create users when a user self-register on the customer community and use SAML to allow SSO.

CUse a nightly batch ETL job to sync users between the Customer Community and the e-commerce platform and use SAML to allow SSO.

DUse the standard Salesforce API to create users in the Community When a User is Created in the e-Commerce platform and use SAML to allow SSO.

Show Answer

Question: 4

Universal containers (UC) uses an internal company portal for their employees to collaborate. UC decides to use salesforce ideas and provide the ability for employees to post ideas from the company portal. They use SAML-BASED SSO to get into the company portal and would like to leverage it to access salesforce. Most of the users don't exist in salesforce and they would like the user records created in salesforce communities the first time they try to access salesforce. What recommendation should an architect make to meet this requirement?

AUse on-the-fly provisioning

BUse just-in-time provisioning

CUse salesforce APIs to create users on the fly

DUse Identity connect to sync users

Show Answer

Question: 5

Universal containers (UC) is successfully using Delegated Authentication for their salesforce users. The service supporting Delegated Authentication is written in Jav

a. UC has a new CIO that is requiring all company Web services be RESR-ful and written in . NET. Which two considerations should the UC Architect provide to the new CIO? Choose 2 answers

ADelegated Authentication will not work with a.net service.

BDelegated Authentication will continue to work with rest services.

CDelegated Authentication will continue to work with a.net service.

DDelegated Authentication will not work with rest services.

Show Answer

Salesforce Identity-and-Access-Management-Architect Quiz:1 Topic:7 Questions:1-5