Salesforce Identity-and-Access-Management-Architect 問題集

質問 1：
architect is troubleshooting some SAML-based SSO errors during testing. The Architect confirmed that all of the Salesforce SSO settings are correct. Which two issues outside of the Salesforce SSO settings are most likely contributing to the SSO errors the Architect is encountering? Choose 2 Answers
A. The clock on the Identity Provider server is twenty minutes behind Salesforce.
B. The Identity Provider is also used to SSO into five other applications.
C. The Issuer Certificate from the Identity Provider expired two weeks ago.
D. The default language for the Identity Provider and Salesforce are Different.
正解：A,C
解説: (Topexam メンバーにのみ表示されます)

質問 2：
Which two security risks can be mitigated by enabling Two-Factor Authentication (2FA) in Salesforce?
Choose 2 answers
A. Users leaving laptops unattended and not logging out of Salesforce.
B. Users choosing passwords that are the same as their Facebook password.
C. Users creating simple-to-guess password reset questions.
D. Users accessing Salesforce from a public Wi-Fi access point.
正解：B,D
解説: (Topexam メンバーにのみ表示されます)

質問 3：
Universal Containers (UC) is looking to purchase a third-party application as an Identity Provider. UC is looking to develop a business case for the purchase in general and has enlisted an Architect for advice. Which two capabilities of an Identity Provider should the Architect detail to help strengthen the business case?
Choose 2 answers
A. The Identity provider can store credentials for multiple applications.
B. The Identity Provider can authenticate multiple applications.
C. The Identity Provider can authenticate multiple social media accounts.
D. The Identity Provider can centralize enterprise password policy.
正解：B,D
解説: (Topexam メンバーにのみ表示されます)

質問 4：
Universal Containers want users to be able to log in to the Salesforce mobile app with their Active Directory password. Employees are unable to use mobile VPN.
Which two options should an identity architect recommend to meet the requirement?
Choose 2 answers
A. Configure Cloud Provider Load Balancer
B. Salesforce Trigger & Field on Contact Object
C. Active Directory Password Sync Plugin
D. Salesforce Identity Connect
正解：C,D
解説: (Topexam メンバーにのみ表示されます)

質問 5：
Universal containers (UC) is building a mobile application that will make calls to the salesforce REST API.
Additionally, UC would like to provide the optimal experience for its mobile users. Which two OAuth scopes should UC configure in the connected App? Choose 2 answers
A. full
B. Web
C. Refresh token
D. API
正解：C,D
解説: (Topexam メンバーにのみ表示されます)

質問 6：
Universal Containers (UC) has an Experience Cloud site (Customer Community) where customers can authenticate and place orders, view the status of orders, etc. UC allows guest checkout.
Mow can a guest register using data previously collected during order placement?
A. Enable Facebook as an authentication provider and use a registration handler to collect only order details to retrieve customer data.
B. Enable self-registration and customize a self-registration page to collect only order details to retrieve customer data.
C. Enable Security Assertion Markup Language Sign-On and use a login flow to collect only order details to retrieve customer data.
D. Use a Connected App Handler Apex Plugin class to collect only order details to retrieve customer data.
正解：B
解説: (Topexam メンバーにのみ表示されます)