Salesforce Identity-and-Access-Management-Architect Salesforce Certified Identity and Access Management Architect (SU22) Exam Exam Practice Test Questions

• Question 1

  Universal Containers want users to be able to log in to the Salesforce mobile app with their Active Directory password. Employees are unable to use mobile VPN.Which two options should an identity architect recommend to meet the requirement?Choose 2 answers

  • Active Directory Password Sync Plugin
  • Configure Cloud Provider Load Balancer
  • Salesforce Trigger & Field on Contact Object
  • Salesforce Identity Connect

  Show Answer Answer: A, D Next

• Question 2

  Users logging into Salesforce are frequently prompted to verify their identity.The identity architect is required to provide recommendations so that frequency of prompt verification can be reduced.What should the identity architect recommend to meet the requirement?

  • Implement 2FA authentication for the Salesforce org.
  • Set trusted IP ranges for the organization.
  • Implement an single sign-on for Salesforce using an external identity provider.
  • Implement multi-factor authentication for the Salesforce org.

  Show Answer Answer: B Next

• Question 3

  universal container plans to develop a custom mobile app for the sales team that will use salesforce for authentication and access management. The mobile app access needs to be restricted to only the sales team. What would be the recommended solution to grant mobile app access to sales users?

  • Use a custom attribute on the user object to control access to the mobile app
  • Use connected apps Oauth policies to restrict mobile app access to authorized users.
  • Use the permission set license to assign the mobile app permission to sales users
  • Add a new identity provider to authenticate and authorize mobile users.

  Show Answer Answer: B Next

• Question 4

  Universal Containers is creating a web application that will be secured by Salesforce Identity using the OAuth 2.0 Web Server Flow uses the OAuth 2.0 authorization code grant type).Which three OAuth concepts apply to this flow?Choose 3 answers

  • Verification URL
  • Client Secret
  • Access Token
  • Scopes

  Show Answer Answer: B, C, D Next

• Question 5

  customer service representatives at Universal containers (UC) are complaining that whenever they click on links to case records and are asked to login with SAML SSO, they are being redirected to the salesforce home tab and not the specific case record. What item should an architect advise the identity team at UC to investigate first?

  • My domain is configured and active within salesforce.
  • The salesforce SSO settings are using http post
  • The identity provider is correctly preserving the Relay state
  • The users have the correct Federation ID within salesforce.

  Show Answer Answer: C Next