Salesforce Identity-and-Access-Management-Architect Salesforce Certified Identity and Access Management Architect (SU22) Exam Exam Practice Test Questions

• Question 1

  Universal Containers is considering using Delegated Authentication as the sole means of Authenticating of Salesforce users. A Salesforce Architect has been brought in to assist with the implementation. What two risks Should the Architect point out? Choose 2 answers

  • Delegated Authentication is enabled or disabled for the entire Salesforce org.
  • UC will be required to develop and support a custom SOAP web service.
  • Salesforce users will be locked out of Salesforce if the web service goes down.
  • The web service must reside on a public cloud service, such as Heroku.

  Show Answer Answer: B, C Next

• Question 2

  Which three are capabilities of SAML-based Federated authentication? Choose 3 answers

  • Trust relationships between Identity Provider and Service Provider are required.
  • SAML tokens can be in XML or JSON format and can be used interchangeably.
  • Web applications with no passwords are more secure and stronger against attacks.
  • Access tokens are used to access resources on the server once the user is authenticated.
  • Centralized federation provides single point of access, control and auditing.

  Show Answer Answer: A, D, E Next

• Question 3

  Universal Containers (UC) is building a custom Innovation platform on their Salesforce instance. The Innovation platform will be written completely in Apex and Visualforce and will use custom objects to store the Data. UC would like all users to be able to access the system without having to log in with Salesforce credentials. UC will utilize a third-party idp using SAML SSO. What is the optimal Salesforce licence type for all of the UC employees?

  • Identity Licence.
  • Salesforce Licence.
  • External Identity Licence.
  • Salesforce Platform Licence.

  Show Answer Answer: D Next

• Question 4

  What is one of the roles of an Identity Provider in a Single Sign-on setup using SAML?

  • Validate token
  • Create token
  • Consume token
  • Revoke token

  Show Answer Answer: B Next

• Question 5

  Universal Containers wants to secure its Salesforce APIs by using an existing Security Assertion Markup Language (SAML) configuration supports the company's single sign-on process to Salesforce,Which Salesforce OAuth authorization flow should be used?

  • OAuth 2.0 SAML Bearer Assertion Flow
  • A SAML Assertion Row
  • OAuth 2.0 User-Agent Flow
  • OAuth 2.0 JWT Bearer Flow

  Show Answer Answer: B Next