← Back to exam page

Identity-and-Access-Management-Architect Salesforce Certified Identity and Access Management Architect (WI23)

Loading demo links...

Showing 4–6 of 15 questions

Question 4

Universal Containers (UC) employees have Salesforce access from restricted IP ranges only, to protect against unauthorised access. UC wants to roll out the Salesforce1 mobile app and make it accessible from any location. Which two options should an Architect recommend? Choose 2 answers

Select all that apply, then click Submit answer.

  • Relax the IP restriction with a second factor in the Connect App settings for Salesforce1 mobile app.

  • Remove existing restrictions on IP ranges for all types of user access.

  • Relax the IP restrictions in the Connect App settings for the Salesforce1 mobile app.

  • Use Login Flow to bypass IP range restriction for the mobile app.
Question 5

Universal Containers (UC) is building an integration between Salesforce and a legacy web applications using the canvas framework. The security for UC has determined that a signed request from Salesforce is not an adequate authentication solution for the Third-Party app. Which two options should the Architect consider for authenticating the third-party app using the canvas framework? Choose 2 Answers

Select all that apply, then click Submit answer.

  • Utilize the SAML Single Sign-on flow to allow the third-party to authenticate itself against UC's IdP.

  • Utilize Authorization Providers to allow the third-party appliction to authenticate itself against Salesforce as the Idp.

  • Utilize Canvas OAuth flow to allow the third-party appliction to authenticate itself against Salesforce as the Idp.

  • Create a registration handler Apex class to allow the third-party appliction to authenticate itself against Salesforce as the Idp.
Question 6

Which two security risks can be mitigated by enabling Two-Factor Authentication (2FA) in Salesforce? Choose 2 answers

Select all that apply, then click Submit answer.

  • Users leaving laptops unattended and not logging out of Salesforce.

  • Users accessing Salesforce from a public Wi-Fi access point.

  • Users choosing passwords that are the same as their Facebook password.

  • Users creating simple-to-guess password reset questions.