Describe the Role(s) an Identity Provider and Service Provider Play in an Access Control Solution
主題 2
Access Management Best Practices
Describe the Risks that Two-Factor Authentication Mechanisms Aim to Mitigate
主題 3
Describe the Various Implementation Concepts of OAuth
Given a Scenario, Recommend the Salesforce Technologies That Should be Used to Provide Identity to the Third-Party System
主題 4
Describe the role(s) Identity Connect Plays in an Identity Management Solution.
主題 5
Given a Scenario, Recommend the Appropriate Method for Provisioning Users in Salesforce and Other Third-Party Services
主題 6
Accepting Third-Party Identity in Salesforce
Describe the Risks of Implementing Delegated Authentication, Components of a Delegated Authentication Solution
主題 7
Describe the Components of an Identity Management Solution Where Salesforce is Accepting Identity from a Third Party
主題 8
Given a Scenario, Recommend the Appropriate Authentication Mechanism When Salesforce Needs to Accept Third-Party Identity
主題 9
Describe the Risks to Enterprise Security that Federated Single Sign-on Solutions Aim to Address
主題 10
Given a Scenario, Recommend the Most Appropriate Salesforce License Type(s) to Support the Identity Requirements
主題 11
Given a Scenario, Troubleshoot Common Points of Failure that May be Encountered in a Single Sign-On Solution
主題 12
Given a Scenario, Determine the Most Appropriate Two-Factor Authentication Mechanism for An Identity Solution
主題 13
Given a Scenario, Identify the Risks and Mitigation Strategies that Session Security and Two-Factor Authentication Enable
最新的 Salesforce Identity and Access Management Designer Identity-and-Access-Management-Designer 免費考試真題 (Q170-Q175):
問題 #170 Universal Containers (UC) is looking to purchase a third-party application as an Identity Provider. UC is looking to develop a business case for the purchase in general and has enlisted an Architect for advice. Which twocapabilities of an Identity Provider should the Architect detail to help strengthen the business case? Choose 2 answers
A. The Identity Provider can authenticate multiple applications.
B. The Identity Provider can centralize enterprise password policy.
C. The Identity provider can store credentials for multiple applications.
D. The Identity Provider can authenticate multiple social media accounts.
答案:A,B 問題 #171 Universal containers (UC) has a mobile application that calls the salesforce REST API. In order to prevent users from having to enter their credentials everytime they use the app, UC has enabled the use of refresh Tokens as part of the salesforce connected App and updated their mobile app to take advantage of the refresh token. Even after enabling the refresh token, Users are still complaining that they have to enter their credentials once a day. What is the most likely cause of the issue?
A. The refresh token expiration policy is set incorrectly in salesforce
B. The Oauth authorizations are being revoked by a nightly batch job.
C. The users forget to check the box to remember their credentials.
D. The app is requesting too many access Tokens in a 24-hour period
答案:A 問題 #172 What are three capabilities of Delegated Authentication? Choose 3 answers
A. It can connect to SOAP services.
B. It can be assigned by Permission Sets.
C. It can be assigned by Custom Permissions.
D. It can connectto REST services.
E. It can be assigned by Profiles.
答案:A,B,D 問題 #173 Which two security risks can be mitigated by enabling Two-Factor Authentication (2FA) in Salesforce? Choose 2 answers
A. Users accessing Salesforce from a public Wi-Fi access point.
B. Users leaving laptops unattended and not logging out of Salesforce.
C. Users creating simple-to-guess password reset questions.
D. Users choosing passwords that are the same as their Facebook password.
答案:A,D 問題 #174 Universal Containers (UC) has implemented SAML-based Single Sign-on for their Salesforce application and is planning to use the Salesforce mobile app. UC wants to ensure that Single Sign-on is used for accessing the Salesforce mobile app. Which two recommendations should the Architect make? (Choose two.)
A. Configure the Embedded Web Browser to use My Domain URL.
B. Configure the Salesforce App to use the My Domain URL.
C. Use the existing SAML SSO flow along with User Agent Flow.
D. Use the existing SAML SSO flow along with Web Server Flow.