Contact Us
FAQ's
Login / Register

Home
FORUM
All Vendors
Guarantee
Testimonials
Cart (0)

Salesforce Certified Identity and Access Management Architect - Identity-and-Access-Management-Architect Exam Practice Test

Page: 1 / 14
Total 112 questions

Please signup / login to view this exam, then you will be able to view the entire exam for free.

Get Full Access Now

Question 1

Universal Containers want users to be able to log in to the Salesforce mobile app with their Active Directory password. Employees are unable to use mobile VPN.
Which two options should an identity architect recommend to meet the requirement?
Choose 2 answers

A. Salesforce Trigger & Field on Contact Object B. Active Directory Password Since Plugin C. Configure Cloud Provider Load Balancer D. Salesforce Identity Connect

Discussion 0

Correct Answer: B,D Vote an answer

Question 2

An identity architect ' s client has a homegrown identity provider (IdP). Salesforce is used as the service provider (SP). The head of IT is worried that during a SP initiated single sign-on (SSO), the Security Assertion Markup Language (SAML) request content will be altered.
What should the identity architect recommend to make sure that there is additional trust between the SP and the IdP?

A. Encrypt the SAML Request using certification authority (CA) signed certificate and decrypt on IdP. B. Ensure that there is an HTTPS connection between IDP and SP. C. Ensure that on the SSO settings page, the " Request Signing Certificate " field has a selfsigned certificate. D. Ensure that the Issuer and Assertion Consumer Service (ACS) URL is properly configured between SP and IDP.

Discussion 0

Correct Answer: C Vote an answer

Explanation: Only visible for PassTestking members. You can sign-up / login (it's free).

Question 3

Universal Containers (UC) rolling out a new Customer Identity and Access Management Solution will be built on top of their existing Salesforce instance. Several service providers have been setup and integrated with Salesforce using OpenID Connect to allow for a seamless single sign-on experience. UC has a requirement to limit users to sign on directly from the Salesforce org to the external Service provider app that accepts OpenID Connect.
Which two steps should be done on the platform to satisfy the requirement?
Choose 2 answers

A. Manage which connected apps a user has access to by assigning authentication providers to the users profile. B. Set each of the Connected App access settings to Admin Pre-Approved. C. Use Profiles and Permission Sets to assign user access to Admin Pre-Approved Connected Apps. D. Assign the connected app to the customer community, and enable the users profile in the Community settings.

Discussion 0

Correct Answer: B,C Vote an answer

Explanation: Only visible for PassTestking members. You can sign-up / login (it's free).

Question 4

Northern Trail Outfitters (NTO) would like to use a portal built on Salesforce Experience Cloud for customer self-service. Guests of the portal should be able to self-register, but be unable to automatically be assigned to a contact record until verified. External Identity licenses have been purchased for the project.
After registered guests complete an onboarding process, a flow will create the appropriate account and contact records for the user.
Which three steps should an identity architect follow to implement the outlined requirements?
Choose 3 answers

A. Select new customers and partners to self-register. B. Customize the self-registration Apps handler to temporarily associate the user to a shared single contact record. C. Customize the self-registration Apps handler to create only the user record. D. Select the "Configurable Self-Reg Page" option under Login & Registration. E. Set up an external login page and call Salesforce APIs for user creation.

Discussion 0

Correct Answer: A,C,D Vote an answer

Explanation: Only visible for PassTestking members. You can sign-up / login (it's free).

Question 5

Universal Containers (UC) has an Experience Cloud site (Customer Community) where customers can authenticate and place orders, view the status of orders, etc. UC allows guest checkout.
How can a guest register using data previously collected during order placement?

A. Enable self-registration and customize a self-registration page to collect only order details to retrieve customer data. B. Enable Facebook as an authentication provider and use a registration handler to collect only order details to retrieve customer data. C. Use a Connected App Handler. Apex Plugin class to collect only order details to retrieve customer data. D. Enable Security Assertion Markup Language (SAML) Sign-On and use a login flow to collect only order details to retrieve customer data.

Discussion 0

Correct Answer: A Vote an answer

Explanation: Only visible for PassTestking members. You can sign-up / login (it's free).

Question 6

Universal Containers is creating a mobile application that will be secured by Salesforce Identity using the OAuth 2.0 user-agent flow (this flow uses the OAuth 2.0 implicit grant type). Which three OAuth concepts apply to this flow?
Choose 3 answers

A. Verification Code B. Refresh Token C. Client ID D. Authorization Code E. Scopes

Discussion 0

Correct Answer: B,C,E Vote an answer

Explanation: Only visible for PassTestking members. You can sign-up / login (it's free).

Question 7

Universal Containers want users to be able to log in to the Salesforce mobile app with their Active Directory password. Employees are unable to use mobile VPN.
Which two options should an identity architect recommend to meet the requirement?
Choose 2 answers

A. Salesforce Trigger & Field on Contact Object B. Active Directory Password Since Plugin C. Configure Cloud Provider Load Balancer D. Salesforce Identity Connect

Discussion 0

Correct Answer: B,D Vote an answer

Explanation: Only visible for PassTestking members. You can sign-up / login (it's free).

Question 8

Universal Containers allows employees to use a mobile device to access Salesforce for daily operations using a hybrid mobile app. This app uses Mobile software development kits (SDK), leverages refresh token to regenerate access token when required and is distributed as a private app.
The chief security officer is rolling out an org wide compliance policy to enforce re verification of devices if an employee has not logged in from that device in the last week.
Which connected app setting should be leveraged to comply with this policy change?

A. Permitted User - Ask admins to maintain a list of users who are permitted based on last login date. B. Session Policy - Set timeout value of the connected app to 7 days. C. Refresh Token Policy - Expire the refresh token if it has not been used for 7 days. D. Scope - Deny refresh_token scope for this connected app.

Discussion 0

Correct Answer: C Vote an answer

Explanation: Only visible for PassTestking members. You can sign-up / login (it's free).

Page: 1 / 14
Total 112 questions

Unlock all Identity-and-Access-Management-Architect features

No captcha needed
365 Days Free Updates
Set your Desired Pass Percentage
Allocate Time (Hours : Minutes)
Two Modes For Identity-and-Access-Management-Architect Practice
Customer Support

Get Full Access Now

Get in Touch

PassTestking

Our Exam Dumps will provide you with the free demo before you purchase. Our Practice Questions can help you improve your professional ability. Our Study Material provide you with excellent prepare materials for you to pass the exam and get the certification.

Latest Practice Tests

300-120 Practice Test
MS-102 Practice Test
250-605 Practice Test
NSE8_813 Practice Test
1Z0-948 Practice Test
PgMP Practice Test

Useful Links

All Products
FAQs
Privacy Policy
Guarantee & Refund Policy
Terms & Conditions
How to buy?
About Us

Contact Us

Our Working Time: ( GMT 0:00-15:00 )
From Monday to Saturday

Support: Contact now

If you have any question please leave me your email address, we will reply and send email to you in 12 hours.

Copyright © 2026 PASSTESTKING.COM. All rights reserved. All trademarks are the property of their respective owners and we don't provide actual questions from any vendor.