A large consumer company is planning to create a community and will requ.re login through the customers social identity. The following requirements must be met:
1. The customer should be able to login with any of their social identities, however salesforce should only have one user per customer.
2. Once the customer has been identified with a social identity, they should not be required to authonze Salesforce.
3. The customers personal details from the social sign on need to be captured when the customer logs into Salesforce using their social Identity.
3. If the customer modifies their personal details in the social site, the changes should be updated in Salesforce .
Which two options allow the Identity Architect to fulfill the requirements?
Choose 2 answers

• A.Use authentication providers for social sign-on and use the custom registration handler to insert or update personal details.
• B.Use Login Flows to call an authentication registration handler to provision the user before logging the user into the community.
• C.Use the custom registration handler to link social identities to Salesforce identities.
• D.Redirect the user to a custom page that allows the user to select an existing social identity for login.

Comment: *

Name: *

Email: *

Verification: *

Universal Containers (UC) employees have Salesforce access from restricted IP ranges only, to protect against unauthorized access. UC wants to roll out the Salesforce mobile app and make it accessible from any location.
Which two options should an Architect recommend? (Choose two.)

• A.Remove existing restrictions on IP ranges for all types of user access.
• B.Use Login Flow to bypass IP range restriction for the mobile app.
• C.Relax the IP restriction with a second factor in the Connect App settings for Salesforce mobile app.
• D.Relax the IP restriction in the Connect App settings for the Salesforce mobile app.

Comment: *

Name: *

Email: *

Verification: *

Universal Containers (UC) would like to enable SAML based SSO for a Salesforce Partner Community. UC has an existing LDAP identity store and a third-party portal. They would like to use the existing portal as the primary site these users access, but also want to allow seamless access to the partner community. What SSO flow should an Architect recommend?

• A.User- Agent.
• B.Web Server.
• C.SP-Initiated.
• D.Idp-Initiated.

Comment: *

Name: *

Email: *

Verification: *

Northern Trail Outfitters (NTO) utilizes a third-party cloud solution for an employee portal. NTO also owns Salesforce Service Cloud and would like employees to be able to login to Salesforce with their third-party portal credentials for a seamless expenence. The third-party employee portal only supports OAuth.
What should an identity architect recommend to enable single sign-on (SSO) between the portal and Salesforce?

• A.Create a custom external authentication provider.
• B.Add the third-party portal as a connected app.
• C.Configure SSO to use the third party portal as an identity provider.
• D.Configure Salesforce for Delegated Authentication.

Comment: *

Name: *

Email: *

Verification: *

Northern Trail Outfitters (NTO) has an existing custom business-to-consumer (B2C) website that does NOT support single sign-on standards, such as Security Assertion Markup Language (SAMi) or OAuth. NTO wants to use Salesforce Identity to register and authenticate new customers on the website.
Which two Salesforce features should an identity architect use in order to provide username/password authentication for the website?
Choose 2 answers

• A.Delegated Authentication
• B.Embedded Login
• C.Identity Connect
• D.Connected Apps

Comment: *

Name: *

Email: *

Verification: *