Universal Containers (UC) would liketo enable self-registration for their Salesforce Partner Community Users.
UC wants to capture some custom data elements from the partner user, and based on these data elements, wants to assign the appropriate Profile and Account values.
Which two actions should the Architect recommend to UC1
Choose 2 answers

• A.Modify the SelfRegistration trigger to assign Profile and Account.
• B.Configure Registration for Communities to use a custom Visualforce Page.
• C.Modify the CommunitiesSelfRegController to assign theProfile and Account.
• D.Configure Registration for Communities to use a custom Apex Controller.

Comment: *

Name: *

Email: *

Verification: *

Universal Containers (UC) has Active Directory (AD) as their enterprise identity store and would like to use it for Salesforce user authentication. UC expects to synchronize user data between Salesforce and AD and Assign the appropriate Profile and Permission Sets based on AD group membership. What would be the optimal way to implement SSO?

• A.Use Active Directory with Reverse Proxy as the Identity Provider.
• B.Use Salesforce Identity Connect as the Identity Provider.
• C.Use Active Directory Federation Service (ADFS) as the Identity Provider.
• D.Use Microsoft Access control Service as the Authentication provider.

Comment: *

Name: *

Email: *

Verification: *

Universal Containers (UC) is both a Salesforce and Google Apps customer. The UC IT team would like to manage the users for both systems in a single place to reduce administrative burden.
Which two recommended ways can the IT team provision users and allow Single Sign-on between Salesforce and Google Apps? (Choose two.)

• A.Use Identity Connect as the Identity Provider for both Salesforce and Google Apps and manage the provisioning from there.
• B.Use a third-party product as the Identity Provider for both Salesforce and Google Apps and manage the provisioning from there.
• C.Use Salesforce as the Identity Provider and Google Apps as a Service Provider and configure User Provisioning for Connected Apps.
• D.Build a custom app running on Heroku as the Identity Provider that can sync user information between Salesforce and Google Apps.

Comment: *

Name: *

Email: *

Verification: *

The security team at Universal Containers has identified exporting reports as a high-risk action and would like to require users to be logged into Salesforce with their Active Directory (AD) credentials when doing so.
For all other uses of Salesforce, users should be allowed to use AD credentials or Salesforce credentials.
What solution should be recommended to prevent exporting reports except when logged in using AD credentials while maintaining the ability to view reports when logged in with Salesforce credentials?

• A.Use SAML Federated Authentication with a Login Flow to dynamically add or remove a Permission Set that grants the Export Reports permission.
• B.Use SAML Federated Authentication, treat SAML Sessions as High Assurance, and raise the session level required for exporting reports.
• C.Use SAML Federated Authentication and block access to reports when accessed through a Standard Assurance session.
• D.Use SAML Federated Authentication and Custom SAML JIT Provisioning to dynamically add or remove a Permission Set that grants the Export Reports permission.

Comment: *

Name: *

Email: *

Verification: *

Universal Containers (UC) is concerned that having a self-registration page will provide a means for "bots" or unintended audiences to create user records, thereby consuming licenses and adding dirty data.
Which two actions should UC take to prevent unauthorized form submissions during the self-registration process? (Choose two.)

• A.Primarily use lookup and picklist fields on the self-registration page.
• B.Use open-ended security questions and complex password requirements.
• C.Require a CAPTCHA at the end of the self-registration process.
• D.Use hidden fields populated via JavaScript events in the self-registration page.

Comment: *

Name: *

Email: *

Verification: *