Universal Containers (UC) has a classified information system that its call center team uses only when they are working on a case with a record type "Classified". They are only allowed to access the system when they own an open "Classified" case, and their access to the system is removed at all other times. They would like to implement SAML SSO eith Salesforce as the Idp, and automatically allow or deny the staff's access to the classified information system based on whether they currently own an open "Classified" case record when they try to access the system using SSO. What is the recommended solution for automatically allowing or denying the access to the classified information system based on the open "classified" case record criteria?

• A.Use Apex trigger on case to dynamically assign permission Sets that Grant access when an user is assigned with an open "Classified" case, and remove it when the case is closed.
• B.Use a Common Connected App Handler using Apex to dynamically allow access to the system based on whether the staff owns any open "Classified" Cases.
• C.Use Salesforce reports to identify users that currently owns open "Classified" cases and should be granted access to the Classified information system.
• D.Use Custom SAML JIT Provisioning to dynamically query the user's open "Classified" cases when attempting to access the classified information system.

Comment: *

Name: *

Email: *

Verification: *

Universal Containers (UC) uses Active Directory (AD) as their identity store for employees and must continue to do so for network access. UC is undergoing a major transformation program and moving all of their enterprise applications to cloud platforms including Salesforct, Workday, and SAP HANA.
UC needs to implement an SSO solution for accessing all of the third-party cloud applications and the CIO is inclined to use Salesforce for all of their identity and access management needs.
Which two Salesforce license types does UC need for its employees'
Choose 2 answers

• A.Chatter Only and Identity licenses
• B.Salesforce and Identity Connect licenses
• C.Company Community and Identity licenses
• D.Identity and Identity Connect licenses

Comment: *

Name: *

Email: *

Verification: *

Universal Containers (UC) wants to build a mobile application that twill be making calls to the Salesforce REST API. UC's Salesforce implementation relies heavily on custom objects and custom Apex code. UC does not want its users to have to enter credentials every time they use the app. Which two scope values should an Architect recommend to UC? Choose 2 answers.

• A.Full
• B.Refresh_token
• C.Api
• D.Custom_permissions

Comment: *

Name: *

Email: *

Verification: *

Universal containers (UC) has implemented ansp-Initiated SAML flow between an external IDP and salesforce. A user at UC is attempting to login to salesforce1 for the first time and is being prompted for salesforce credentials instead of being shown the IDP login page. What is the likely cause of the issue?

• A.The "Redirect to identity provider" option has not been selected the SAML configuration.
• B.The user has not been granted the "Enable single Sign-on" permission
• C.The "Redirect to Identity Provider" option has been selected in the my domain configuration.
• D.The user has not configured the salesforce1 mobile app to use my domain for login

Comment: *

Name: *

Email: *

Verification: *

An Architect needs to set up a Facebook Authentication provider as a login option for a Salesforce Customer Community.
What portion of the authentication provider setup associates a Facebook user with a Salesforce user?

• A.Apex Registration Handler
• B.Federation ID
• C.Consumer Key and Consumer Secret
• D.User Info Endpoint URL

Comment: *

Name: *

Email: *

Verification: *