Universal containers (UC) has decided to use identity connect as it's identity provider. UC uses active directory(AD) and has a team that is very familiar and comfortable with managing ad groups. UC would like to use AD groups to help configure salesforce users. Which three actions can AD groups control through identity connect? Choose 3 answers
A. Custom permission assignment
B. Public Group Assignment
C. Permission sets assignment
D. Role Assignment
E. Granting report folder access
正解:B,C,D
質問 2:
Universal Containers (UC) is both a Salesforce and Google Apps customer. The UC IT team would like to manage the users for both systems in a single place to reduce administrative burden. Which two optimal ways can the IT team provision users and allow Single Sign-on between Salesforce and Google Apps ? Choose 2 answers
A. Use a third-party product as the Identity Provider for both Salesforce and Google Apps and manage the provisioning from there.
B. Use Salesforce as the Identity Provider and Google Apps as a Service Provider and configure User Provisioning for Connected Apps.
C. Build a custom app running on Heroku as the Identity Provider that can sync user information between Salesforce and Google Apps.
D. Use Identity Connect as the Identity Provider for both Salesforce and Google Apps and manage the provisioning from there.
正解:A,B
質問 3:
A company wants to provide its employees with a custom mobile app that accesses Salesforce. Users are required to download the internal native IOS mobile app from corporate intranet on their mobile device. The app allows flexibility to access other Non Salesforce internal applications once users authenticate with Salesforce. The apps self-authorize, and users are permitted to use the apps once they have logged into Salesforce.
How should an identity architect meet the above requirements with the privately distributed mobile app?
A. Create a new hybrid mobile app and use the connected app with OAuth to authenticate users for Salesforce and non-Salesforce internal apps.
B. Use Salesforce as an identity provider (IdP) to access the mobile app and use the external IdP for other non-Salesforce internal apps.
C. Configure Mobile App settings in connected app and Salesforce as identity provider for non-Salesforce internal apps.
D. Use connected app with OAuth and Security Assertion Markup Language (SAML) to access other Non Salesforce internal apps.
正解:C
質問 4:
A group of users try to access one of universal containers connected apps and receive the following error message : "Failed : Not approved for access". what is most likely to cause of the issue?
A. The salesforce administrators gave revoked the Oauth authorization.
B. The users do not have the correct permission set assigned to them.
C. The connected App setting "All users may self-authorize" is enabled.
D. The use of high assurance sections are required for the connected App.
正解:B
質問 5:
A global fitness equipment manufacturer is planning to sell fitness tracking devices and has the following requirements:
1) Customer purchases the device.
2) Customer registers the device using their mobile app.
3) A case should automatically be created in Salesforce and associated with the customers account in cases where the device registers issues with tracking.
Which OAuth flow should be used to meet these requirements?
A. OAuth 2.0 Asset Token Flow
B. OAuth 2.0 Username-Password Flow
C. OAuth 2.0 SAML Bearer Assertion Flow
D. OAuth 2.0 User-Agent Flow
正解:A
質問 6:
Universal Containers (UC) wants its closed Won opportunities to be synced to a Data warehouse in near real time. UC has implemented Outbound Message to enable near real-time data sync. UC wants to ensure that communication between Salesforce and Target System is secure. What certificate is sent along with the Outbound Message?
A. The Self-signed Certificates from the Certificate & Key Management menu.
B. The default client Certificate or the Certificate and Key Management menu.
C. The default client Certificate from the Develop--> API menu.
D. The CA-signed Certificate from the Certificate and Key Management Menu.
正解:C
Shiina -
Identity-and-Access-Management-Designer試験のテキストですが、これが実に解り易い。図が多く、イメージをつかみやすい