Salesforce Identity-and-Access-Management-Designer 問題集

質問 1：
Universal Containers (UC) wants its closed Won opportunities to be synced to a Data Warehouse in near real time. UC has implemented Outbound Message to enable near real-time data sync. UC wants to ensure that communication between Salesforce and Target System is Secure. What Certificate is sent along with the Outbound Message?
A. The CA-Signed Certificate from the Certificate and Key Management menu.
B. The default Client Certificate or a Certificate from Certificate and Key Management menu.
C. The default Client Certificate from the Develop--> API Menu.
D. The Self-Signed Certificates from the Certificate & Key Management menu.
正解：C

質問 2：
Universal Containers (UC) is building an authenticated Customer Community for its customers. UC does not want customer credentials stored in Salesforce and is confident its customers would be willing to use their social media credentials to authenticate to the community. Which two actions should an Architect recommend UC to take?
A. Configure SSO Settings For Facebook to serve as a SAML Identity Provider.
B. Configure an Authentication Provider for LinkedIn Social Media Accounts.
C. Create a Custom Apex Registration Handler to handle new and existing users.
D. Use Delegated Authentication to call the Twitter login API to authenticate users.
正解：B,C

質問 3：
A client is planning to rollout multi-factor authentication (MFA) to its internal employees and wants to understand which authentication and verification methods meet the Salesforce criteria for secure authentication.
Which three functions meet the Salesforce criteria for secure mfa?
Choose 3 answers
A. Third-party single sign-on with Mobile Authenticator app
B. Lightning Login
C. Certificate-based Authentication
D. Username and password + secunty key
E. username and password + SMS passcode
正解：A,B,D

質問 4：
Universal Container's (UC) identity architect needs to recommend a license type for their new Experience Cloud site that will be used by external partners (delivery providers) for reviewing and updating their accounts, downloading files provided by UC and obtaining scheduled pickup dates from their calendar.
UC is using their Salesforce production org as the identity provider for these users and the expected number of individual users is 2.5 million with 13.5 million unique logins per month.
Which of the following license types should be used to meet the requirement?
A. External Apps License
B. Customer Community plus Login License
C. Partner Community Login License
D. Partner Community License
正解：B

質問 5：
Universal containers (UC) wants to implement Delegated Authentication for a certain subset of Salesforce users. Which three items should UC take into consideration while building the Web service to handle the Delegated Authentication request? Choose 3 answers
A. The return type of the Web service method should be a Boolean value
B. The web service needs to include Source IP as a method parameter.
C. The web service can be written using either the soap or rest protocol.
D. Delegated Authentication is enabled for the system administrator profile.
E. UC should whitelist all salesforce ip ranges on their corporate firewall.
正解：A,B,E

質問 6：
After a recent audit, universal containers was advised to implement Two-factor Authentication for all of their critical systems, including salesforce. Which two actions should UC consider to meet this requirement? Choose 2 answers
A. Require users to provide their RSA token along with their credentials.
B. Require users to supply their email and phone number, which gets validated.
C. Require users to enter a second password after the first Authentication
D. Require users to use a biometric reader as well as their password
正解：A,D

質問 7：
Universal Containers (UC) is considering a Customer 360 initiative to gain a single source of the truth for its customer data across disparate systems and services. UC wants to understand the primary benefits of Customer 360 Identity and how it contributes ato successful Customer 360 Truth project.
What are two are key benefits of Customer 360 Identity as it relates to Customer 360?
Choose 2 answers
A. Customer 360 Identity automatically integrates with Customer 360 Data Manager and Customer 360 Audiences to seamlessly populate all user data.
B. Customer 360 Identity supports multiple brands so you can deliver centralized identity services and correlation of user activity, even if it spans multiple corporate brands and user experiences.
C. Customer 360 Identity enables an organization to build a single login for each of its customers, giving the organization an understanding of the user's login activity across all its digital properties and applications.
D. Customer 360 Identity not only provides a unified sign up and sign in experience, but also tracks anonymous user activity prior to signing up so organizations can understand user activity before and after the users identify themselves.
正解：B,C

質問 8：
Northern Trail Outfitters would like to automatically create new employee users in Salesforce with an appropriate profile that maps to its Active Directory Department.
How should an identity architect implement this requirement?
A. Make a callout during the login flow to query department from Active Directory to assign the appropriate profile.
B. Use a login flow to collect Security Assertion Markup Language attributes and assign the appropriate profile during Just-In-Time (JIT) provisioning.
C. Use the createUser method in the Just-in-Time (JIT) provisioning registration handler to assign the appropriate profile.
D. Use the updateUser method in the Just-in-Time (JIT) provisioning registration handler to assign the appropriate profile.
正解：D