次の認定試験に速く合格する！

簡単に認定試験を準備し、学び、そして合格するためにすべてが必要だ。

Identity-and-Access-Management-Architect 無料問題集「Salesforce Certified Identity and Access Management Architect」

ページ: 1 / 14
トータル 245 問

サインアップ、ログインされた後に、試験全体を無料で表示できるようになります。

質問 1

A manufacturer wants to provide registration for an Internet of Things (IoT) device with limited display input or capabilities.
Which Salesforce OAuth authorization flow should be used?

（A）OAuth 2.0 Device Flow

（B）OAuth 2.0 JWT Bearer How

（C）OAuth 2.0 User-Agent Flow

（D）OAuth 2.0 Asset Token Flow

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 2

IT security at Unversal Containers (UC) us concerned about recent phishing scams targeting its users and wants to add additional layers of login protection. What should an Architect recommend to address the issue?

（A）Implement Single Sign-on using a corporate Identity store.

（B）Increase Password complexity requirements in Salesforce.

（C）Lock sessions to the IP address from which they originated.

（D）Use the Salesforce Authenticator mobile app with two-step verification

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 3

Northern Trail Outfitters would like to automatically create new employee users in Salesforce with an appropriate profile that maps to its Active Directory Department.
How should an identity architect implement this requirement?

（A）Make a callout during the login flow to query department from Active Directory to assign the appropriate profile.

（B）Use the createUser method in the Just-in-Time (JIT) provisioning registration handler to assign the appropriate profile.

（C）Use a login flow to collect Security Assertion Markup Language attributes and assign the appropriate profile during Just-In-Time (JIT) provisioning.

（D）Use the updateUser method in the Just-in-Time (JIT) provisioning registration handler to assign the appropriate profile.

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 4

Containers (UC) has decided to implement a federated single Sign-on solution using a third-party Idp. In reviewing the third-party products, they would like to ensure the product supports the automated provisioning and deprovisioning of users. What are the underlining mechanisms that the UC Architect must ensure are part of the product?

（A）Provisioning API for both Provisioning and Deprovisioning.

（B）Just-In-time (JIT) for Provisioning; SOAP API for Deprovisioning.

（C）SOAP API for provisioning; Just-in-Time (JIT) for Deprovisioning.

（D）Just-in-Time (JIT) for both Provisioning and Deprovisioning.

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 5

When designing a multi-branded Customer Identity and Access Management solution on the Salesforce Platform, how should an identity architect ensure a specific brand experience in Salesforce is presented?

（A）Add a custom parameter to the service provider's OAuth/SAML call and implement logic on its login page to apply branding based on the parameters value.

（B）The Experience ID, which can be included in OAuth/Open ID flows and Security Assertion Markup Language (SAML) flows as a URL parameter.

（C）The Audience ID, which can be set in a shared cookie.

（D）Provide a brand picker that the end user can use to select its sub-brand when they arrive on salesforce.

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 6

Northern Trail Outfitters manages application functional permissions centrally as Active Directory groups.
The CRM_Superllser and CRM_Reportmg_SuperUser groups should respectively give the user the SuperUser and Reportmg_SuperUser permission set in Salesforce. Salesforce is the service provider to a Security Assertion Markup Language (SAML) identity provider.
Mow should an identity architect ensure the Active Directory groups are reflected correctly when a user accesses Salesforce?

（A）Use the Apex Just-in-Time handler to query custom SAML attributes and set permission sets.

（B）Use the Apex Just-in-Time handler to query standard SAML attributes and set permission sets.

（C）Use a login flow to query standard SAML attributes and set permission sets.

（D）Use a login flow to query custom SAML attributes and set permission sets.

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 7

Northern Trail Outfitters (NTO) believes a specific user account may have been compromised. NTO inactivated the user account and needs U perform a forensic analysis and identify signals that could Indicate a breach has occurred.
What should NTO's first step be in gathering signals that could indicate account compromise?

（A）Download the Identity Provider Event Log and evaluate the details of activities performed by the user.

（B）Download the Login History and evaluate the details of logins performed by the user.

（C）Download the Setup Audit Trail and review all recent activities performed by the user.

（D）Review the User record and evaluate the login and transaction history.

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 8

Universal Containers (UC) is planning to add Wi-Fi enabled GPS tracking devices to its shipping containers so that the GPS coordinates data can be sent from the tracking device to its Salesforce production org via a custom API. The GPS devices have no direct user input or output capabilities.
Which OAuth flow should the identity architect recommend to meet the requirement?

（A）OAuth 2.0 JWT Bearer Flow for Server-to-Server Integration

（B）OAuth 2.0 Web Server Flow for Web App Integration

（C）OAuth 2.0 Username-Password Flow for Special Scenarios

（D）OAuth 2.0 Asset Token Flow for Securing Connected Devices

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 9

Universal Containers (UC) has a Customer Community that uses Facebook for of authentication. UC would like to ensure that changes in the Facebook profile are 65. reflected on the appropriate Customer Community user. How can this requirement be met?

（A）Develop a scheduled job that calls out to Facebook on a nightly basis.

（B）Use the update User () method on the Registration Handler class.

（C）Use SAML Just-In-Time Provisioning between Facebook and Salesforce.

（D）Use information in the Signed Request that is received from Facebook.

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 10

Northern Trail Outfitters mar ages functional group permissions in a custom security application supported by a relational database and a REST service layer. Group permissions are mapped as permission sets in Salesforce.
Which action should an identity architect use to ensure functional group permissions are reflected as permission set assignments?

（A）Use the Apex JIT handler to callout to the security application and set permission sets

（B）Use the Apex Just-in-Time (JIT) handler to query the Security Assertion markup Language (SAML) attributes and set permission sets.

（C）Use a Login Flow with invocable Apex to callout to the security application and set permission sets.

（D）Use a Login Flow to query SAML attributes and set permission sets.

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 11

Under which scenario Web Server flow will be used?

（A）Used for web applications when server-side code needs to interact with APIS.

（B）Used for mobile applications and testing legacy Integrations.

（C）Used for verifying Access protected resources.

（D）Used for server-side components when page needs to be rendered.

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 12

Universal containers (UC) is setting up Delegated Authentication to allow employees to log in using their corporate credentials. UC's security team is concerned about the risk of exposing the corporate login service on the Internet and has asked that a reliable trust mechanism be put in place between the login service and salesforce. What mechanism should an architect put in place to enable a trusted connection between the login services and salesforce?

（A）Include client ID and client secret in the login header callout.

（B）Enforce mutual Authentication between systems using SSL.

（C）Require the use of Salesforce security Tokens on password.

（D）Set up a proxy server for the login service in the DMZ.

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 13

Which two roles of the systems are involved in an environment where salesforce users are enabled to access Google Apps from within salesforce through App launcher and connected App set up? Choose 2 answers

（A）Salesforce is the identity provider

（B）Google is the service provider

（C）Google is the identity provider

（D）Salesforce is the service provider

正解：A、B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 14

Universal Containers (UC) wants to use Salesforce for sales orders and a legacy of system for order fulfillment. The legacy system must update the status of orders in 65* Salesforce in real time as they are fulfilled. UC decides to use OAuth for connecting the legacy system to Salesforce. What OAuth flow should be considered that doesn't require storing credentials, client secret or refresh tokens?

（A）User Agent flow

（B）Username-Password flow

（C）JWT Bearer Token flow

（D）Web Server flow

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 15

Which two security risks can be mitigated by enabling Two-Factor Authentication (2FA) in Salesforce?
Choose 2 answers

（A）Users accessing Salesforce from a public Wi-Fi access point.

（B）Users leaving laptops unattended and not logging out of Salesforce.

（C）Users choosing passwords that are the same as their Facebook password.

（D）Users creating simple-to-guess password reset questions.

正解：A、C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 16

An Architect has configured a SAML-based SSO integration between Salesforce and an external Identity provider and is ready to test it. When the Architect attempts to log in to Salesforce using SSO, the Architect receives a SAML error. Which two optimal actions should the Architect take to troubleshoot the issue?

（A）Ensure the Callback URL is correctly set in the Connected Apps settings.

（B）Paste the SAML Assertion Validator in Salesforce.

（C）Use a browser that has an add-on/extension that can inspect SAML.

（D）Use the browser's Development tools to view the Salesforce page's markup.

正解：B、C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 17

Universal containers(UC) wants to integrate a third-party reward calculation system with salesforce to calculate rewards. Rewards will be calculated on a schedule basis and update back into salesforce. The integration between Salesforce and the reward calculation system needs to be secure. Which are the recommended best practices for using Oauth flows in this scenario? Choose 2 answers

（A）Oauth Username-password flow

（B）Oauthjwt bearer token flow

（C）Oauth SAML bearer assertion flow

（D）Oauth refresh token flow

正解：B、D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 18

A consumer products company uses Salesforce to maintain consumer information, including orders. The company implemented a portal solution using Salesforce Experience Cloud for its consumers where the consumers can log in using their credentials. The company is considering allowing users to login with their Facebook or Linkedln credentials.
Once enabled, what role will Salesforce play?

（A）Salesforce will be the service provider (SP).

（B）Facebook and Linkedln will act as the IdPs and SPs.

（C）Salesforce will be the identity provider (IdP).

（D）Facebook and Linkedln will be the SPs.

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

ページ: 1 / 14
トータル 245 問

Identity-and-Access-Management-Architect の機能をすべて解除する

キャプチャ不要
365日無料更新サービス
希望する合格率を設定できる
時間の割り当てられる（時間：分）
Identity-and-Access-Management-Architect に2つの練習用モード
サポートサービス対応

完全版を入手する

弊社を連絡する

我々は１２時間以内ですべてのお問い合わせを答えます。

オンラインサポート時間：( UTC+9 ) 9:00-24:00
月曜日から土曜日まで

サポート：現在連絡

トップ試験

NSK101 試験問題集
ANC-201 試験問題集
C_TS462_2022 試験問題集
D-PST-DY-23 試験問題集
NetSuite-Administrator 試験問題集
156-315.81.20 試験問題集

Identity-and-Access-Management-Architect 無料問題集「Salesforce Certified Identity and Access Management Architect」

弊社を連絡する

関連リンク

トップ試験