Northern Trail Outfitters (NTO) is planning to implement a community for its customers using Salesforce Experience Cloud. Customers are not able to self-register. NTO would like to have customers set their own passwords when provided access to the community.
Which two recommendations should an identity architect make to fulfill this requirement?
Choose 2 answers
A. Add customers as contacts and add them to Experience Cloud site.
B. Use Login Flows to allow users to reset password in Experience Cloud site.
C. Allow Password reset using the API to update Experience Cloud site membership.
D. Enable Welcome emails while configuring the Experience Cloud site.
正解:B,C
解説: (Pass4Test メンバーにのみ表示されます)
質問 2:
Universal Containers (UC) has implemented SAML-based Single Sign-On to provide seamless access to its Salesforce Orgs, financial system, and CPQ system. Below is the SSO implementation landscape.
What role combination is represented by the systems in this scenario''
A. Salesforce Org1 and Salesforce Org2 are the only Service Providers.
B. Salesforce Org1 and Salesforce Org2 are acting as Identity Providers.
C. Financial System and CPQ System are the only Service Providers.
D. Salesforce Org1 and PingFederate are acting as Identity Providers.
正解:A
解説: (Pass4Test メンバーにのみ表示されます)
質問 3:
Universal Containers (UC) has an existing web application that it would like to access from Salesforce without requiring users to re-authenticate. The web application is owned UC and the UC team that is responsible for it is willing to add new javascript code and/or libraries to the application. What implementation should an Architect recommend to UC?
A. Add the web application as a ConnectedApp using OAuth User-Agent flow.
B. Rewrite the web application as a set of Visualforce pages and Apex code.
C. Create a Canvas app and use Signed Requests to authenticate the users.
D. Configure the web application as an item in the Salesforce App Launcher.
正解:C
解説: (Pass4Test メンバーにのみ表示されます)
質問 4:
An identity architect wants to secure Salesforce APIs using Security Assertion Markup Language (SAML).
For security purposes, administrators will need to authorize the applications that will be consuming the APIs.
Which Salesforce OAuth authorization flow should be used?
A. OAuth 2.0 JWT Bearer Flow
B. OAuth 2.0 User-Agent Flow
C. SAML Assertion Flow
D. OAuth 2-0 SAML Bearer Assertion Flow
正解:C
解説: (Pass4Test メンバーにのみ表示されます)
質問 5:
Universal containers (UC) has an e-commerce website while customers can buy products, make payments, and manage their accounts. UC decides to build a customer Community on Salesforce and wants to allow the customers to access the community for their accounts without logging in again. UC decides to implement ansp-Initiated SSO using a SAML-BASED complaint IDP. In this scenario where salesforce is the service provider, which two activities must be performed in salesforce to make sp-Initiated SSO work? Choose 2 answers
A. Set up my domain
B. Configure Delegated Authentication
C. Create a connected App
D. Configure SAML SSO settings.
正解:A,D
解説: (Pass4Test メンバーにのみ表示されます)
質問 6:
The CIO of universal containers(UC) wants to start taking advantage of the refresh token capability for the UC applications that utilize Oauth 2.0. UC has listed an architect to analyze all of the applications that use Oauth flows to. See where refresh Tokens can be applied. Which two OAuth flows should the architect consider in their evaluation? Choose 2 answers
A. User-Agent
B. Web server
C. Jwt bearer token
D. Username-password
正解:A,B
解説: (Pass4Test メンバーにのみ表示されます)
質問 7:
What information does the 'Relaystate' parameter contain in sp-Initiated Single Sign-on?
A. Reference to the login address URL of the service provider.
B. Reference to a URL redirect parameter at the service provider.
C. Reference to a URL redirect parameter at the identity provider.
D. Reference to the login address URL of the identity Provider.
正解:B
解説: (Pass4Test メンバーにのみ表示されます)
Shimamoto -
ギリギリ合格できました。Identity-and-Access-Management-Architect試験直前の決定版だね!