Identity-and-Access-Management-Designer Free Practice Test

Universal Containers (UC) is planning to deploy a custom mobile app that will allow users to get e-signatures from its customers on their mobile devices. The mobile app connects to Salesforce to upload the e-signature as a file attachment and uses OAuth protocol for both authentication and authorization. What is the most recommended and secure OAuth scope setting that an Architect should recommend?

1. A. Id
2. B. Web
3. C. Api
4. D. Custom_permissions

Correct Answer: D

Universal Containers (UC) wants its closed Won opportunities to be synced to a Data warehouse in near real time. UC has implemented Outbound Message to enable near real-time data sync. UC wants to ensure that communication between Salesforce and Target System is secure. What certificate is sent along with the Outbound Message?

1. A. The Self-signed Certificates from the Certificate & Key Management menu.
2. B. The default client Certificate from the Develop--> API menu.
3. C. The default client Certificate or the Certificate and Key Management menu.
4. D. The CA-signed Certificate from the Certificate and Key Management Menu.

Correct Answer: B

Universal containers (UC) has multiple salesforce orgs and would like to use a single identity provider to access all of their orgs. How should UC'S architect enable this behavior?

1. A. Ensure that users have the same email value in their user records in all of UC's salesforce orgs.
2. B. Ensure the same username is allowed in multiple orgs by contacting salesforce support.
3. C. Ensure that users have the same Federation ID value in their user records in all of UC's salesforce orgs.
4. D. Ensure that users have the same alias value in their user records in all of UC's salesforce orgs.

Correct Answer: C

Universal Containers (UC) has a desktop application to collect leads for marketing campaigns. UC wants to extend this application to integrate with Salesforce to create leads. Integration between the desktop application and Salesforce should be seamless. What Authorization flow should the Architect recommend?

1. A. JWT Bearer Token Flow
2. B. Web Server Authentication Flow
3. C. User Agent Flow
4. D. Username and Password Flow

Correct Answer: C

Northern Trail Outfitters would like to automatically create new employee users in Salesforce with an appropriate profile that maps to its Active Directory Department.
How should an identity architect implement this requirement?

1. A. Use the createUser method in the Just-in-Time (JIT) provisioning registration handler to assign the appropriate profile.
2. B. Use the updateUser method in the Just-in-Time (JIT) provisioning registration handler to assign the appropriate profile.
3. C. Use a login flow to collect Security Assertion Markup Language attributes and assign the appropriate profile during Just-In-Time (JIT) provisioning.
4. D. Make a callout during the login flow to query department from Active Directory to assign the appropriate profile.

Correct Answer: B