Universal Containers (UC) plans to use a SAML-based third-party IdP serving both of the Salesforce Partner Community and the corporate portal. UC partners will log in 65* to the corporate portal to access protected resources, including links to Salesforce resources. What would be the recommended way to configure the IdP so that seamless access can be achieved in this scenario?

• A.Configure SP-initiated SSO that passes the SAML token upon Salesforce resource access request.
• B.Set up the corporate portal as a Connected App in Salesforce and use the User Agent OAuth flow.
• C.Set up the corporate portal as a Connected App in Salesforce and use the Web server OAuth flow.
• D.Configure IdP-initiated SSO that passes the SAML token upon Salesforce resource access request.

Comment: *

Name: *

Email: *

Verification: *

Universal containers (UC) would like to enable SSO between their existing Active Directory infrastructure and salesforce. The it team prefers to manage all users in Active Directory and would like to avoid doing any initial setup of users in salesforce directly, including the correct assignment of profiles, roles and groups. Which two optimal solutions should UC use to provision users in salesforce? Choose 2 answers

• A.Use Active Directory Federation Services to sync users from active directory to salesforce.
• B.Use an app exchange product to sync users from Active Directory to salesforce.
• C.Use Identity connect to sync users from Active Directory to salesforce
• D.Use the salesforce REST API to sync users from active directory to salesforce

Comment: *

Name: *

Email: *

Verification: *

Universal Containers (UC) has implemented SAML-based Single Sign-On to provide seamless access to its Salesforce Orgs, financialsystem, and CPQ system. Below is the SSO implementation landscape.

What role combination is represented by the systems in this scenario''

• A.Financial System and CPQ System are the only Service Providers.
• B.Salesforce Org1 and Salesforce Org2 are acting as Identity Providers.
• C.Salesforce Org1 and PingFederate are acting as Identity Providers.
• D.Salesforce Org1 and Salesforce Org2 are the only Service Providers.

Comment: *

Name: *

Email: *

Verification: *

Users logging into Salesforce are frequently prompted to verify their identity.
The identity architect is required to provide recommendations so that frequency of prompt verification can be reduced.
What should the identity architect recommend to meet the requirement?

• A.Implement 2FA authentication for the Salesforce org.
• B.Set trusted IP ranges for the organization.
• C.Implement multi-factor authentication for the Salesforce org.
• D.Implement an single sign-on for Salesforce using an external identity provider.

Comment: *

Name: *

Email: *

Verification: *

Universal containers (UC) has a mobile application that calls the salesforce REST API. In order to prevent users from having to enter their credentials everytime they use the app, UC has enabled the use of refresh Tokens as part of the salesforce connected App and updated their mobile app to take advantage of the refresh token. Even after enabling the refresh token, Users are still complaining that they have to enter their credentials once a day. What is the most likely cause of the issue?

• A.The Oauth authorizations are being revoked by a nightly batch job.
• B.The users forget to check the box to remember their credentials.
• C.The refresh token expiration policy is set incorrectly in salesforce
• D.The app is requesting too many access Tokens in a 24-hour period

Comment: *

Name: *

Email: *

Verification: *