[2026] Salesforce Certified Identity and Access Management Designer - Identity-and-Access-Management-Designer 무료 시험 문제

문제1

Universal containers (UC) wants to implement Delegated Authentication for a certain subset of Salesforce users. Which three items should UC take into consideration while building the Web service to handle the Delegated Authentication request? Choose 3 answers

A. The return type of the Web service method should be a Boolean value

B. The web service can be written using either the soap or rest protocol.

C. UC should whitelist all salesforce ip ranges on their corporate firewall.

D. The web service needs to include Source IP as a method parameter.

E. Delegated Authentication is enabled for the system administrator profile.

정답: A,C,D

문제2

Universal Containers (UC) uses middleware to integrate multiple systems with Salesforce. UC has a strict, new requirement that usernames and passwords cannot be stored in any UC system. How can UC's middleware authenticate to Salesforce while adhering to this requirement?

A. Create a Connected App that supports the Web Server OAuth Flow.

B. Create a Connected App that supports the JWT Bearer Token OAuth Flow.

C. Create a Connected App that supports the User-Agent OAuth Flow.

D. Create a Connected App that supports the Refresh Token OAuth Flow

정답: B

문제3

A farming enterprise offers smart farming technology to its farmer customers, which includes a variety of sensors for livestock tracking, pest monitoring, climate monitoring etc. They plan to store all the data in Salesforce. They would also like to ensure timely maintenance of the Installed sensors. They have engaged a salesforce Architect to propose an appropriate way to generate sensor Information In Salesforce.
Which OAuth flow should the architect recommend?

A. OAuth 2.0 JWT Bearer Token Flow

B. OAuth 2.0 Device Authentication Row

C. OAuth 2.0 Asset Token Flow

D. OAuth 2.0 SAML Bearer Assertion Flow

정답: C

문제4

Northern Trail Outfitters is implementing a busmess-to-business (B2B) collaboration site using Salesforce Experience Cloud. The partners will authenticate with an existing identity provider and the solution will utilize Security Assertion Markup Language (SAML) to provide single sign-on to Salesforce. Delegated administration will be used in the Expenence Cloud site to allow the partners to administer their users' access.
How should a partner identity be provisioned in Salesforce for this solution?

A. Create only a contact.

B. Create a user and a related contact.

C. Create a contactless user.

D. Create a person account.

정답: B

문제5

Universal containers (UC) has implemented a multi-org strategy and would like to centralize the management of their salesforce user profiles. What should the architect recommend to allow salesforce profiles to be managed from a central system of record?

A. Implement Delegated Authentication that will update the user profiles as necessary.

B. Implement jit provisioning on the SAML IDP that will pass the profile id in each assertion.

C. Create an apex scheduled job in one org that will synchronize the other orgs profile.

D. Implement an Oauthjwt flow to pass the profile credentials between systems.

정답: B

문제6

Universal Containers (UC) is implementing Salesforce and would like to establish SAML SSO for its users to log in. UC stores its corporate user identities in a Custom Database. The UC IT Manager has heard good things about Salesforce Identity Connect as an Idp, and would like to understand what limitations they may face if they decided to use Identity Connect in their current environment. What limitation Should an Architect inform the IT Manager about?

A. Identity connect is not compatible with UC's current identity environment.

B. Identity Connect will only support SP-initiated SAML flows in UC's current environment.

C. Identity Connect will only support Idp-initiated SAML flows in UC's current environment.

D. Identity Connect will not support user provisioning in UC's current environment.

정답: D

문제7

Universal Containers (UC) wants to implement SAML SSO for their internal of Salesforce users using a third-party IdP. After some evaluation, UC decides NOT to 65« set up My Domain for their Salesforce org. How does that decision impact their SSO implementation?

A. SP-initiated SSO will NOT work

B. Neither SP- nor IdP-initiated SSO will work.

C. Either SP- or IdP-initiated SSO will work.

D. IdP-initiated SSO will NOT work.

정답: B

문제8

Universal containers(UC) has a customer Community that uses Facebook for authentication. UC would like to ensure that changes in the Facebook profile are reflected on the appropriate customer Community user. How can this requirement be met?

A. Use SAML just-in-time provisioning between Facebook and Salesforce

B. Use the updateuser() method on the registration handler class.

C. Use information in the signed request that is received from Facebook.

D. Develop a schedule job that calls out to Facebook on a nightly basis.

정답: B

문제9

A financial services company uses Salesforce and has a compliance requirement to track information about devices from which users log in. Also, a Salesforce Security Administrator needs to have the ability to revoke the device from which users log in.
What should be used to fulfill this requirement?

A. Use the Login History object to track information about devices from which users log in.

B. Use the Activations feature to meet the compliance requirement to track device information.

C. Use multi-factor authentication (MFA) to meet the compliance requirement to track device information.

D. Use Login Flows to capture device from which users log in and store device and user information in a custom object.

정답: B

문제10

An Architect needs to advise the team that manages the Identity Provider how to differentiate Salesforce from other Service Providers. What SAML SSO setting in Salesforce provides this capability?

A. SAML Identity Location.

B. Issuer.

C. Entity Id

D. Identity Provider Login URL.

정답: C

문제11

A web service is developed that allows secure access to customer order status on the Salesforce Platform, The service connects to Salesforce through a connected app with the web server flow. The following are the required actions for the authorization flow:
1. User Authenticates and Authorizes Access
2. Request an Access Token
3. Salesforce Grants an Access Token
4. Request an Authorization Code
5. Salesforce Grants Authorization Code
What is the correct sequence for the authorization flow?

A. 1, 4, 5, 2, 3

B. 4, 1, 5, 2, 3

C. 2, 1, 3, 4, 5

D. 4,5,2, 3, 1

정답: D

Salesforce Certified Identity and Access Management Designer - Identity-and-Access-Management-Designer무료 덤프문제 풀어보기

우리와 연락하기

유용한 링크

최신 업데이트