Free Access Salesforce.Identity-and-Access-Management-Architect.v2023-02-25.q77 Practice Test (Page 13)

Question 56

An identity architect has built a native mobile application and plans to integrate it with a Salesforce Identity solution. The following are the requirements for the solution:
1. Users should not have to login every time they use the app.
2. The app should be able to make calls to the Salesforce REST API.
3. End users should NOT see the OAuth approval page.
How should the identity architect configure the Salesforce connected app to meet the requirements?

A.Enable the Full Access Scope and then set the connected app access settings to "Admin Pre-Approved".

B.Enable the API Scope and Offline Access Scope, upload a certificate so JWT Bearer Flow can be used and then set the connected app access settings to "Admin Pre-Approved".

C.Enable the API Scope and Offline Access Scope on the connected app, and then set the connected app to access settings to 'Admin Pre-Approved".

D.Enable the API Scope and Offline Access Scope on the connected app, and then set the Connected App access settings to "User may self authorize".

Question 57

Universal Containers (UC) is implementing Salesforce and would like to establish SAML SSO for its users to log in. UC stores its corporate user identities in a Custom Database. The UC IT Manager has heard good things about Salesforce Identity Connect as an Idp, and would like to understand what limitations they may face if they decided to use Identity Connect in their current environment. What limitation Should an Architect inform the IT Manager about?

A.Identity connect is not compatible with UC's current identity environment.

B.Identity Connect will not support user provisioning in UC's current environment.

C.Identity Connect will only support Idp-initiated SAML flows in UC's current environment.

D.Identity Connect will only support SP-initiated SAML flows in UC's current environment.

Question 58

Universal containers (UC) has decided to use identity connect as it's identity provider. UC uses active directory(AD) and has a team that is very familiar and comfortable with managing ad groups. UC would like to use AD groups to help configure salesforce users. Which three actions can AD groups control through identity connect? Choose 3 answers

A.Role Assignment

B.Permission sets assignment

C.Custom permission assignment

D.Public Group Assignment

E.Granting report folder access

Question 59

The executive sponsor for an organization has asked if Salesforce supports the ability to embed a login widget into its service providers in order to create a more seamless user experience.
What should be used and considered before recommending it as a solution on the Salesforce Platform?

A.Salesforce REST apis. Ensure that Secure Sockets Layer (SSL) connection for the integration is used.

B.Embedded Login. Consider whether or not it relies on third party cookies which can cause browser compatibility issues.

C.OpenID Connect Web Server Flow. Determine if the service provider is secure enough to store the client secret on.

D.Embedded Login. Identify what level of UI customization will be required to make it match the service providers look and feel.

Question 60

Northern Trail Outfitters (NTO) leverages Microsoft Active Directory (AD) for management of employee usernames, passwords, permissions, and asset access. NTO also owns a third-party single sign-on (SSO) solution. The third-party party SSO solution is used for all corporate applications, including Salesforce.
NTO has asked an architect to explore Salesforce Identity Connect for automatic provisioning and deprovisiorung of users in Salesforce.
What role does identity Connect play in the outlined requirements?

A.Identity Provider

B.User Management

C.Single Sign-On

D.Service Provider

Other Version: 1239Salesforce.Identity-and-Access-Management-Architect.v2024-03-01.q145

Latest Upload: 107Oracle.1z0-1196-25.v2025-09-12.q18; 106NetworkAppliance.NS0-162.v2025-09-12.q86; 146OCEG.GRCP.v2025-09-11.q211; 107HP.HPE0-V27.v2025-09-11.q78; 123Oracle.1Z0-1057-23.v2025-09-10.q47; 157Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 137SAP.C-S4EWM-2023.v2025-09-08.q83; 182TheSecOpsGroup.CNSP.v2025-09-08.q20; 262CFAInstitute.ESG-Investing.v2025-09-08.q173; 250PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132

Question 56

Question 57

Question 58

Question 59

Question 60

Download PDF File