Universal Containers (UC) wants to build a few applications that leverage the Salesforce REST API. UC has asked its Architect to describe how the API calls will be authenticated to a specific user. Which two mechanisms can the Architect provide? Choose 2 Answers

• A.Authentication Token
• B.Access Token
• C.Session ID
• D.Refresh Token

Comment: *

Name: *

Email: *

Verification: *

Universal containers (UC) is concerned that having a self-registration page will provide a means for "bots" or unintended audiences to create user records, thereby consuming licences and adding dirty data. Which two actions should UC take to prevent unauthorised form submissions during the self-registration process? Choose
2 answers

• A.Use open-ended security questions and complex password requirements
• B.Primarily use lookup and picklist fields on the self registration page.
• C.Require a captcha at the end of the self-registration process.
• D.Use hidden fields populated via java script events in the self-registration page.

Comment: *

Name: *

Email: *

Verification: *

A large consumer company is planning to create a community and will requ.re login through the customers social identity. The following requirements must be met:
1. The customer should be able to login with any of their social identities, however salesforce should only have one user per customer.
2. Once the customer has been identified with a social identity, they should not be required to authonze Salesforce.
3. The customers personal details from the social sign on need to be captured when the customer logs into Salesforce using their social Identity.
3. If the customer modifies their personal details in the social site, the changes should be updated in Salesforce .
Which two options allow the Identity Architect to fulfill the requirements?
Choose 2 answers

• A.Redirect the user to a custom page that allows the user to select an existing social identity for login.
• B.Use authentication providers for social sign-on and use the custom registration handler to insert or update personal details.
• C.Use the custom registration handler to link social identities to Salesforce identities.
• D.Use Login Flows to call an authentication registration handler to provision the user before logging the user into the community.

Comment: *

Name: *

Email: *

Verification: *

Containers (UC) uses a legacy Employee portal for their employees to collaborate. Employees access the portal from their company's internal website via SSO. It is set up to work with SiteMinder and Active Directory. The Employee portal has features to support posing ideas. UC decides to use Salesforce Ideas for voting and better tracking purposes. To avoid provisioning users on Salesforce, UC decides to integrate Employee portal ideas with Salesforce idea through the API. What is the role of Salesforce in the context of SSO, based on this scenario?

• A.Service Provider, because Salesforce is the application for managing ideas.
• B.Identity Provider, because the API calls are authenticated by Salesforce.
• C.Connected App, because Salesforce is connected with Employee portal via API.
• D.An independent system, because Salesforce is not part of the SSO setup.

Comment: *

Name: *

Email: *

Verification: *

Universal Containers (UC) is setting up delegated authentication to allow employees to log in using their corporate credentials. UC's security team is concerned about the risks of exposing the corporate login service on the internet and has asked that a reliable trust mechanism be put in place between the login service and Salesforce.
What mechanism should an Architect put in place to enable a trusted connection between the login service and Salesforce?

• A.Include Client Id and Client Secret in the login header callout.
• B.Set up a proxy service for the login service in the DMZ.
• C.Enforce mutual authentication between systems using SSL.
• D.Require the use of Salesforce security tokens on passwords.

Comment: *

Name: *

Email: *

Verification: *