Identity-and-Access-Management-Designer Salesforce Exam Questions and Free Practice Test

Question 7

Northern Trail Outfitters is implementing a busmess-to-business (B2B) collaboration site using Salesforce Experience Cloud. The partners will authenticate with an existing identity provider and the solution will utilize Security Assertion Markup Language (SAML) to provide single sign-on to Salesforce. Delegated administration will be used in the Expenence Cloud site to allow the partners to administer their users' access.
How should a partner identity be provisioned in Salesforce for this solution?

A. Create only a contact.

B. Create a contactless user.

C. Create a user and a related contact.

D. Create a person account.

Correct Answer:C

Question 8

A group of users try to access one of universal containers connected apps and receive the following error message : "Failed : Not approved for access". what is most likely to cause of the issue?

A. The use of high assurance sections are required for the connected App.

B. The users do not have the correct permission set assigned to them.

C. The connected App setting "All users may self-authorize" is enabled.

D. The salesforce administrators gave revoked the Oauth authorization.

Correct Answer:B

Question 9

Universal Containers is using OpenID Connect to enable a connection from their new mobile app to its production Salesforce org.
What should be done to enable the retrieval of the access token status for the OpenID Connect connection?

A. Query using OpenID Connect discovery endpoint.

B. A Leverage OpenID Connect Token Introspection.

C. Create a custom OAuth scope.

D. Enable cross-origin resource sharing (CORS) for the /services/oauth2/token endpoint.

Correct Answer:B

Question 10

What is one of the roles of an Identity Provider in a Single Sign-on setup using SAML?

A. Validate token

B. Create token

C. Consume token

D. Revoke token

Correct Answer:B

Question 11

Universal Containers (UC) would like to enable self-registration for their Salesforce Partner Community Users. UC wants to capture some custom data elements from the partner user, and based on these data elements, wants to assign the appropriate Profile and Account values.
Which two actions should the Architect recommend to UC1 Choose 2 answers

A. Configure Registration for Communities to use a custom Visualforce Page.

B. Modify the SelfRegistration trigger to assign Profile and Account.

C. Modify the CommunitiesSelfRegController to assign the Profile and Account.

D. Configure Registration for Communities to use a custom Apex Controller.

Correct Answer:AC

Question 12

Universal Containers (UC) has a Desktop application to collect leads for marketing campaigns. UC wants to extend this application to integrate with Salesforce to create leads. Integration between the desktop application and salesforce should be seamless. What Authorization flow should the Architect recommend?

A. JWT Bearer Token flow

B. Web Server Authentication Flow

C. User Agent Flow

D. Username and Password Flow

Correct Answer:C

START Identity-and-Access-Management-Designer EXAM