How should an identity architect automate provisioning and deprovisioning of users into Salesforce from an external system?

• A.Call SOAP API upsertQ on user object.
• B.Run registration handler on incoming OAuth responses.
• C.Call OpenID Connect (OIDC)-userinfo endpoint with a valid access token.
• D.Use Security Assertion Markup Language Just-in-Time (SAML JIT) on incoming SAML assertions.

Comment: *

Name: *

Email: *

Verification: *

In a typical SSL setup involving atrusted party and trusting party, what consideration should an Architect take into account when using digital certificates?

• A.Use of self-signed certificate leads to lower maintenance for trusting party because there is no trusted CA cert to maintain.
• B.Use of self-signed certificate leads to higher maintenance for trusted party because they have to act as the trusted CA
• C.Use of self-signed certificate leads to higher maintenance for trusting party because the cert needs to be added to their truststore.
• D.Use of self-signed certificate leads to lower maintenance for trusted party because multiple self-signed certs need to be maintained.

Comment: *

Name: *

Email: *

Verification: *

Containers (UC) has implemented SAML-based single Sign-on for their Salesforce application and is planning to provide access to Salesforce on mobile devices using the Salesforce1 mobile app. UC wants to ensure that Single Sign-on is used for accessing the Salesforce1 mobile App. Which two recommendations should the Architect make? Choose 2 Answers

• A.Use the existing SAML SSO flow along with Web Server Flow.
• B.Configure the Embedded Web Browser to use My Domain URL.
• C.Configure the Salesforce1 App to use the MY Domain URL.
• D.Use the existing SAML-SSO flow along with User Agent Flow.

Comment: *

Name: *

Email: *

Verification: *

A global fitness equipment manufacturer uses Salesforce to manage its sales cycle. The manufacturer has a custom order fulfillment app that needs to request order data from Salesforce. The order fulfillment app needs to integrate with the Salesforce API using OAuth 2.0 protocol.
What should an identity architect use to fulfill this requirement?

• A.OAuth Tokens
• B.Authentication Providers
• C.Connected App and OAuth scopes
• D.Canvas App Integration

Comment: *

Name: *

Email: *

Verification: *

Containers (UC) has decided to implement a federated single Sign-on solution using a third-party Idp. In reviewing the third-party products, they would like to ensure the product supports the automated provisioning and deprovisioning of users. What are the underlining mechanisms that the UC Architect must ensure are part of the product?

• A.SOAP API for provisioning; Just-in-Time (JIT) for Deprovisioning.
• B.Provisioning API for both Provisioning and Deprovisioning.
• C.Just-in-Time (JIT) for both Provisioning and Deprovisioning.
• D.Just-In-time (JIT) for Provisioning; SOAP API for Deprovisioning.

Comment: *

Name: *

Email: *

Verification: *