Free Access Salesforce.Identity-and-Access-Management-Architect.v2024-03-01.q145 Practice Test (Page 30)

Question 141

which three are features of federated Single Sign-on solutions? Choose 3 answers

A.It federates credentials control to authorized applications.

B.It establishes trust between Identity store and service provider.

C.It solves all identity and access management problems.

D.It improves affiliated applications adoption rates.

E.It enables quick and easy provisioning and deactivating of users.

Correct Answer: A,B,D

Explanation
It federates credentials control to authorized applications. This means that users can access multiple applications across different domains or organizations using one set of credentials, without having to share their passwords with each application1. The applications rely on a trusted identity provider (IdP) to authenticate the users and grant them access.
It establishes trust between Identity store and service provider. This means that the IdP and the service provider (SP) have a mutual agreement to exchange identity information using standard protocols, such as SAML, OpenID Connect, or OAuth2. The IdP and the SP also share metadata and certificates to ensure secure communication and verification.
It improves affiliated applications adoption rates. This means that users are more likely to use applications that are connected to their existing identity provider, as they do not have to create or remember multiple passwords3. This also reduces the friction and frustration of logging in to different applications, and enhances the user experience.
The other options are not features of federated single sign-on solutions because:
It solves all identity and access management problems. This is false, as federated single sign-on solutions only address the authentication aspect of identity and access management, not the authorization, provisioning, governance, or auditing aspects. Federated single sign-on solutions also have some challenges, such as complexity, interoperability, and security risks.
It enables quick and easy provisioning and deactivating of users. This is not necessarily true, as federated single sign-on solutions do not automatically create or delete user accounts in the service provider applications. Users still need to be provisioned and deprovisioned manually or through other mechanisms, such as just-in-time provisioning or SCIM.
References: Federated Identity Management vs. Single Sign-On: What's the Difference?, What is single sign-on?, Single Sign-On (SSO) Solution, [Identity Management vs. Access Management: What's the Difference?], [Federated Identity Management Challenges], [Just-in-Time Provisioning for SAML], [SCIM User Provisioning]

Question 142

A division of a Northern Trail Outfitters (NTO) purchased Salesforce. NTO uses a third party identity provider (IdP) to validate user credentials against Its corporate Lightweight Directory Access Protocol (LDAP) directory. NTO wants to help employees remember as passwords as possible.
What should an identity architect recommend?

A.Use Salesforce connect to synchronize LDAP passwords to Salesforce.

B.Setup Salesforce as a Service Provider to the existing IdP.

C.Setup Salesforce as an IdP to authenticate against the LDAP directory.

D.Setup Salesforce as an Authentication Provider to the existing IdP.

Question 143

Northern Trail Outfitters is implementing a busmess-to-business (B2B) collaboration site using Salesforce Experience Cloud. The partners will authenticate with an existing identity provider and the solution will utilize Security Assertion Markup Language (SAML) to provide single sign-on to Salesforce. Delegated administration will be used in the Expenence Cloud site to allow the partners to administer their users' access.
How should a partner identity be provisioned in Salesforce for this solution?

A.Create a contactless user.

B.Create a person account.

C.Create only a contact.

D.Create a user and a related contact.

Question 144

Universal Containers (UC) is considering a Customer 360 initiative to gain a single source of the truth for its customer data across disparate systems and services. UC wants to understand the primary benefits of Customer
360 Identity and how it contributes ato successful Customer 360 Truth project.
What are two are key benefits of Customer 360 Identity as it relates to Customer 360?
Choose 2 answers

A.Customer 360 Identity not only provides a unified sign up and sign in experience, but also tracks anonymous user activity prior to signing up so organizations can understand user activity before and after the users identify themselves.

B.Customer 360 Identity automatically integrates with Customer 360 Data Manager and Customer 360 Audiences to seamlessly populate all user data.

C.Customer 360 Identity enables an organization to build a single login for each of its customers, giving the organization an understanding of the user's login activity across all its digital properties and applications.

D.Customer 360 Identity supports multiple brands so you can deliver centralized identity services and correlation of user activity, even if it spans multiple corporate brands and user experiences.

Question 145

A pharmaceutical company has an on-premise application (see illustration) that it wants to integrate with Salesforce.
The IT director wants to ensure that requests must include a certificate with a trusted certificate chain to access the company's on-premise application endpoint.
What should an Identity architect do to meet this requirement?

A.Use open SSL to generate a Self-signed Certificate and upload it to the on-premise app.

B.Configure the company firewall to allow traffic from Salesforce IP ranges.

C.Upload a third-party certificate from Salesforce into the on-premise server.

D.Generate a certificate authority-signed certificate in Salesforce and uploading it to the on-premise application Truststore.

Other Version: 4059Salesforce.Identity-and-Access-Management-Architect.v2023-02-25.q77

Latest Upload: 200PaloAltoNetworks.NGFW-Engineer.v2026-05-01.q43; 290Nokia.4A0-113.v2026-05-01.q69; 246EC-COUNCIL.312-49v11.v2026-04-30.q214; 226Microsoft.MB-820.v2026-04-30.q101; 204Salesforce.MC-202.v2026-04-30.q57; 203BICSI.INSTC_V8.v2026-04-29.q53; 332NMLS.MLO.v2026-04-28.q82; 241NCARB.Project-Management.v2026-04-28.q27; 454EMC.D-AV-DY-23.v2026-04-27.q184; 1107ServiceNow.CSA.v2026-04-27.q483

Question 141

Question 142

Question 143

Question 144

Question 145

Download PDF File