PrepAway - Latest Free Exam Questions & Answers

Category: Certified Identity and Access Management Designer

Exam Certified Identity and Access Management Designer

What type of Single Sign-on flow is this?

Universal Containers (UC) has implemented SAML-based Single Sign-on for their Salesforce application. UC is using PingFederate as the Identity Provider. To access Salesforce, users usually navigate to a bookmarked link to My Domain URL. What type of Single Sign-on flow is this? A. IdP-Initiated B. IdP-Initiated with Deep Linking C. SP-Initiated D. Web Server Flow

What should the Architect recommend to allow Salesforce profiles to be managed from a central system of record

Universal Containers has implemented a multi-org strategy and would like to centralize the management of their Salesforce user profiles. What should the Architect recommend to allow Salesforce profiles to be managed from a central system of record? A. Implement JIT provisioning on the SAML IdP that will pass the ProfileID in each assertion. B. Implement […]

What item should an Architect advise the identity team at UC to investigate first?

Customer Service Representatives at Universal Containers (UC) are complaining that whenever they click on links to case records and are asked to log in with SAML SSO, they are being redirected to the Salesforce Home tab and not the specific case record. What item should an Architect advise the identity team at UC to investigate […]

How can UC’s middleware authenticate to Salesforce while adhering to this requirement?

Universal Containers (UC) uses middleware to integrate multiple systems with Salesforce. UC has a strict, new requirement that usernames and passwords cannot be stored in any UC system. How can UC’s middleware authenticate to Salesforce while adhering to this requirement? A. Create a Connected App that supports the Refresh Token OAuth Flow. B. Create a […]

Which two OAuth flows should the Architect consider in their evaluation? (Choose two.)

The CIO of Universal Containers (UC) wants to start taking advantage of the refresh token capability for the UC applications that utilize OAuth 2.0. UC has enlisted an Architect to analyze all of the applications that use OAuth flows to see where refresh tokens can be applied. Which two OAuth flows should the Architect consider […]

Which three actions can AD Groups control through Identity Connect? (Choose three.)

Universal Containers (UC) has decided to use Identity Connect as its Identity Provider. UC uses Active Directory (AD) and has a team that is very familiar and comfortable with managing AD groups. UC would like to use AD Groups to help configure Salesforce users. Which three actions can AD Groups control through Identity Connect? (Choose […]

What mechanism should an Architect put in place to enable a trusted connection between the login service and S

Universal Containers (UC) is setting up delegated authentication to allow employees to log in using their corporate credentials. UC’s security team is concerned about the risks of exposing the corporate login service on the internet and has asked that a reliable trust mechanism be put in place between the login service and Salesforce. What mechanism […]

How should an Architect force users to authenticate with Two-factor Authentication (2FA) for Salesforce only w

How should an Architect force users to authenticate with Two-factor Authentication (2FA) for Salesforce only when NOT connected to an internal company network? A. Apply the “Two-factor Authentication for User Interface Logins” permission and Login IP Ranges for all Profiles. B. Add the company’s list of network IP addresses to the Login Range list under […]


Page 1 of 212