Northern Trail Outfitters (NTO) is planning to build a new customer service portal and wants to use passwordless login, allowing customers to login with a one-time passcode sent to them via email or SMS.
How should the quantity of required Identity Verification Credits be estimated?

• A.Identity Verification Credits are a direct add-on license based on the number of existing member-based or login-based Community licenses.
• B.Identity Verification Credits are consumed with each verification sent and should be estimated based on the number of logins that will incur a verification challenge.
• C.Each community comes with 10,000 Identity Verification Credits per month and only customers with more than 10,000 logins a month should estimate additional SMS verifications needed.
• D.Identity Verification Credits are consumed with each SMS (text message) sent and should be estimated based on the number of login verification challenges for SMS verification users.

Comment: *

Name: *

Email: *

Verification: *

Universal containers (UC) is setting up Delegated Authentication to allow employees to log in using their corporate credentials. UC's security team is concerned about the risk of exposing the corporate login service on the Internet and has asked that a reliable trust mechanism be put in place between the login service and salesforce. What mechanism should an architect put in place to enable a trusted connection between the login services and salesforce?

• A.Require the use of Salesforce security Tokens on password.
• B.Include client ID and client secret in the login header callout.
• C.Enforce mutual Authentication between systems using SSL.
• D.Set up a proxy server for the login service in the DMZ.

Comment: *

Name: *

Email: *

Verification: *

Universal Containers (UC) wants to build a mobile application that twill be making calls to the Salesforce REST API. UC's Salesforce implementation relies heavily on custom objects and custom Apex code. UC does not want its users to have to enter credentials every time they use the app. Which two scope values should an Architect recommend to UC? Choose 2 answers.

• A.Custom_permissions
• B.Full
• C.Refresh_token
• D.Api

Comment: *

Name: *

Email: *

Verification: *

Which two considerations should be made when implementing Delegated Authentication?
Choose 2 answers

• A.The authentication web service can include custom attributes.
• B.It requires trusted IP ranges at the User Profile level.
• C.Salesforce servers receive but do not validate a user's credentials.
• D.Just-in-time Provisioning can be configured for new users.
• E.It can be used to authenticate API clients and mobile apps.

Comment: *

Name: *

Email: *

Verification: *

A service provider (SP) supports both Security Assertion Markup Language (SAML) and OpenID Connect (OIDC).
When integrating this SP with Salesforce, which use case is the determining factor when choosing OIDC or SAML?

• A.The SP needs to perform API calls back to Salesforce on behalf of the user after the user logs in to the service provider.
• B.They are equivalent protocols and there is no real reason to choose one over the other.
• C.OIDC is more secure than SAML and therefore is the obvious choice.
• D.If the user has a session on Salesforce, you do not want them to be prompted for a username and password when they login to the SP.

Comment: *

Name: *

Email: *

Verification: *