Salesforce Identity and Access Management Architect Dumps Questions are newly released, which are valuable for your test preparation. Salesforce Certified Identity and Access Management credential is designed for identity professionals who want to demonstrate their knowledge, skills and capabilities at assessing identity architecture; designing secure, high-performance access management solutions on the Customer 360 platform; communicating technical solutions effectively to business and technical stakeholders.
Salesforce Certified Identity and Access Management Architect Exam
To take Salesforce Certified Identity and Access Management Architect Exam, you need to have 1+ years of experience designing and implementing Identity and Access Management solutions in the Salesforce Customer 360 platform and 2+ years of identity and/or security technology experience.
Content: 60 multiple-choice/multiple-select questions
Time allotted to complete the exam: 120 minutes
Passing score: 67%
Registration fee: USD 400, plus applicable taxes as required per local law
Retake fee: USD 200, plus applicable taxes as required per local law
Delivery options: Proctored exam delivered onsite at a testing center or in an online proctored environment.
References: No hard-copy or online materials may be referenced during the exam.
Prerequisite: None
Identity and Access Management Architect Exam Outline
Salesforce Identity and Access Management Architect Exam outline covers the following objectives.
Practice Salesforce Identity and Access Management Architect Dumps Questions
1.Universal Containers (UC) is building a custom employee hut) application on Amazon Web Services (AWS) and would like to store their users' credentials there. Users will also need access to Salesforce for internal operations. UC has tasked an identity architect with evaluating Afferent solutions for authentication and authorization between AWS and Salesforce.
How should an identity architect configure AWS to authenticate and authorize Salesforce users?
A. Configure the custom employee app as a connected app.
B. Configure AWS as an OpenID Connect Provider.
C. Create a custom external authentication provider.
D. Develop a custom Auth server in AWS.
Answer: B
2.The executive sponsor for an organization has asked if Salesforce supports the ability to embed a login widget into its service providers in order to create a more seamless user experience.
What should be used and considered before recommending it as a solution on the Salesforce Platform?
A. OpenID Connect Web Server Flow. Determine if the service provider is secure enough to store the client secret on.
B. Embedded Login. Identify what level of UI customization will be required to make it match the service providers look and feel.
C. Salesforce REST apis. Ensure that Secure Sockets Layer (SSL) connection for the integration is used.
D. Embedded Login. Consider whether or not it relies on third party cookies which can cause browser compatibility issues.
Answer: D
3.Northern Trail Outfitters (NTO) utilizes a third-party cloud solution for an employee portal. NTO also owns Salesforce Service Cloud and would like employees to be able to login to Salesforce with their third-party portal credentials for a seamless expenence. The third-party employee portal only supports OAuth.
What should an identity architect recommend to enable single sign-on (SSO) between the portal and Salesforce?
A. Configure SSO to use the third party portal as an identity provider.
B. Create a custom external authentication provider.
C. Add the third-party portal as a connected app.
D. Configure Salesforce for Delegated Authentication.
Answer: A
4.Universal Containers is budding a web application that will connect with the Salesforce API using JWT OAuth Flow.
Which two settings need to be configured in the connect app to support this requirement? Choose 2 answers
A. The Use Digital Signature option in the connected app.
B. The "web" OAuth scope in the connected app,
C. The "api" OAuth scope in the connected app.
D. The "edair_api" OAuth scope m the connected app.
Answer: A,C
5.Universal containers (UC) has multiple salesforce orgs and would like to use a single identity provider to access all of their orgs.
How should UC'S architect enable this behavior?
A. Ensure that users have the same email value in their user records in all of UC's salesforce orgs.
B. Ensure the same username is allowed in multiple orgs by contacting salesforce support.
C. Ensure that users have the same Federation ID value in their user records in all of UC's salesforce orgs.
D. Ensure that users have the same alias value in their user records in all of UC's salesforce orgs.
Answer: C