Most Recent Salesforce Identity-and-Access-Management-Architect Exam Dumps

Prepare for the Salesforce Certified Identity and Access Management Architect exam with our extensive collection of questions and answers. These practice Q&A are updated according to the latest syllabus, providing you with the tools needed to review and test your knowledge.

QA4Exam focus on the latest syllabus and exam objectives, our practice Q&A are designed to help you identify key topics and solidify your understanding. By focusing on the core curriculum, These Questions & Answers helps you cover all the essential topics, ensuring you're well-prepared for every section of the exam. Each question comes with a detailed explanation, offering valuable insights and helping you to learn from your mistakes. Whether you're looking to assess your progress or dive deeper into complex topics, our updated Q&A will provide the support you need to confidently approach the Salesforce Identity-and-Access-Management-Architect exam and achieve success.

The questions for Identity-and-Access-Management-Architect were last updated on Mar 29, 2025.

Viewing page 1 out of 50 pages.
Viewing questions 1-5 out of 248 questions

Get All 248 Questions & Answers

Question No. 1

The CMO of an advertising company has invited an Identity and Access Management (IAM) specialist to discuss Salesforce out-of-box capabilities for configuring the company*s login and registration experience on Salesforce Experience Cloud.

The CMO is looking to brand the login page with the company's logo, background color, login button color, and dynamic right-frame from an external URL.

Which two solutions should the IAM specialist recommend?

Choose 2 answers

AUse Experience Builder to build branded Reset and Forgot Password pages.

BBuild custom pages for branding requirements in Experience Cloud.

CBuild custom site pages for reset and forgot password features.

DLogin & Registration pages can be branded in the Community Administration settings.

Show Answer

Correct Answer: A, D

Question No. 2

Universal Containers (UC) is using its production org as the identity provider for a new Experience Cloud site and the identity architect is deciding which login experience to use for the site.

Which two page types are valid login page types for the site?

Choose 2 answers

AExperience Builder Page

Blightning Experience Page

CLogin Discovery Page

DEmbedded Login Page

Show Answer

Correct Answer: C, D

Question No. 3

A global company's Salesforce Identity Architect is reviewing its Salesforce production org login history and is seeing some intermittent Security Assertion Markup Language (SAML SSO) 'Replay Detected and Assertion Invalid' login errors.

Which two issues would cause these errors?

Choose 2 answers

AThe subject element is missing from the assertion sent to salesforce.

BThe certificate loaded into SSO configuration does not match the certificate used by the IdP.

CThe current time setting of the company's identity provider (IdP) and Salesforce platform is out of sync by more than eight minutes.

DThe assertion sent to 5alesforce contains an assertion ID previously used.

Show Answer

Correct Answer: A, D

Question No. 4

Universal Containers (UC) is setting up delegated authentication to allow employees to log in using their corporate credentials. UC's security team is concerned about the risks of exposing the corporate login service on the internet and has asked that a reliable trust mechanism be put in place between the login service and Salesforce.

What mechanism should an Architect put in place to enable a trusted connection between the login service and Salesforce?

ARequire the use of Salesforce security tokens on passwords.

BEnforce mutual authentication between systems using SSL.

CInclude Client Id and Client Secret in the login header callout.

DSet up a proxy service for the login service in the DMZ.

Show Answer

Correct Answer: A

Question No. 5

customer service representatives at Universal containers (UC) are complaining that whenever they click on links to case records and are asked to login with SAML SSO, they are being redirected to the salesforce home tab and not the specific case record. What item should an architect advise the identity team at UC to investigate first?

AMy domain is configured and active within salesforce.

BThe salesforce SSO settings are using http post

CThe identity provider is correctly preserving the Relay state

DThe users have the correct Federation ID within salesforce.

Show Answer

Correct Answer: C

Unlock All Questions for Salesforce Identity-and-Access-Management-Architect Exam

Full Exam Access, Actual Exam Questions, Validated Answers, Anytime Anywhere, No Download Limits, No Practice Limits

Get All 248 Questions & Answers