Universal Containers (UC) is looking to purchase a third-party application as an Identity Provider. UC is looking to develop a business case for the purchase in general and has enlisted an Architect for advice. Which two capabilities of an Identity Provider should the Architect detail to help strengthen the business case? Choose 2 answers

• A.The Identity Provider can authenticate multiple social media accounts.
• B.The Identity provider can store credentials for multiple applications.
• C.The Identity Provider can centralize enterprise password policy.
• D.The Identity Provider can authenticate multiple applications.

Comment: *

Name: *

Email: *

Verification: *

Universal Containers (UC) is looking to build a Canvas app and wants to use the corresponding Connected App to control where the app is visible. Which two options are correct in regards to where the app can be made visible under the Connected App setting for the Canvas app? Choose 2 answers

• A.Included in the Call Control Tool that's part of Open CTI.
• B.In the mobile navigation menu on Salesforce for Android.
• C.As part of the body of a Salesforce Knowledge article.
• D.The sidebar of a Salesforce Console as a console component.

Comment: *

Name: *

Email: *

Verification: *

Universal containers (UC) has implemented ansp-Initiated SAML flow between an external IDP and salesforce. A user at UC is attempting to login to salesforce1 for the first time and is being prompted for salesforce credentials instead of being shown the IDP login page. What is the likely cause of the issue?

• A.The user has not configured the salesforce1 mobile app to use my domain for login
• B.The user has notbeen granted the "Enable single Sign-on" permission
• C.The "Redirect to identity provider" option has not been selected the SAML configuration.
• D.The "Redirect to Identity Provider" option has been selected in the my domain configuration.

Comment: *

Name: *

Email: *

Verification: *

A financial services company uses Salesforce and has a compliance requirement to track information about devices from which users log in. Also, a Salesforce Security Administrator needs to have the ability to revoke the device from which users log in.
What should be used to fulfill this requirement?

• A.Use the Login History object to track information about devices from which users log in.
• B.Use multi-factor authentication (MFA) to meet the compliance requirement to track device information.
• C.Use Login Flows to capture device from which users log in and store device and user information in a custom object.
• D.Use the Activations feature to meet the compliance requirement to track device information.

Comment: *

Name: *

Email: *

Verification: *

The security team at Universal Containers has identified exporting reports as a high-risk action and would like to require users to be logged into Salesforce with their Active Directory (AD) credentials when doing so. For all other uses of Salesforce, users should be allowed to use AD credentials or Salesforce credentials.
What solution should be recommended to prevent exporting reports except when logged in using AD credentials while maintaining the ability to view reports when logged in with Salesforce credentials?

• A.Use SAML Federated Authentication with a Login Flow to dynamically add or remove a Permission Set that grants the Export Reports permission.
• B.Use SAML Federated Authentication and Custom SAML JIT Provisioning to dynamically add or remove a Permission Set that grants the Export Reports permission.
• C.Use SAML Federated Authentication and block access to reports when accessed through a Standard Assurance session.
• D.Use SAML Federated Authentication, treat SAML Sessions as High Assurance, and raise the session level required for exporting reports.

Comment: *

Name: *

Email: *

Verification: *