An Architect has configured a SAML-based SSO integration between Salesforce and an external Identity provider and is ready to test it. When the Architect attempts to log in to Salesforce using SSO, the Architect receives a SAML error. Which two optimal actions should the Architect take to troubleshoot the issue?

• A.Paste the SAML Assertion Validator in Salesforce.
• B.Use the browser's Development tools to view the Salesforce page's markup.
• C.Use a browser that has an add-on/extension that can inspect SAML.
• D.Ensure the Callback URL is correctly set in the Connected Apps settings.

Comment: *

Name: *

Email: *

Verification: *

Universal containers (UC) is concerned that having a self-registration page will provide a means for "bots" or unintended audiences to create user records, thereby consuming licences and adding dirty dat a. Which two actions should UC take to prevent unauthorised form submissions during the self-registration process? Choose 2 answers

• A.Use open-ended security questions and complex password requirements
• B.Use hidden fields populated via java script events in the self-registration page.
• C.Require a captcha at the end of the self-registration process.
• D.Primarily use lookup and picklist fields on the self registration page.

Comment: *

Name: *

Email: *

Verification: *

An Identity and Access Management (IAM) Architect is recommending Identity Connect to integrate Microsoft Active Directory (AD) with Salesforce for user provisioning, deprovisioning and single sign-on (SSO).
Which feature of Identity Connect is applicable for this scenano?

• A.If the number of provisioned users exceeds Salesforce licence allowances, identity Connect will start disabling the existing Salesforce users in First-in, First-out (FIFO) fashion.
• B.Identity Connect can be deployed as a managed package on salesforce org, leveraging High Availability of Salesforce Platform out-of-the-box.
• C.When Identity Connect is in place, if a user is deprovisioned in an on-premise AD, the user's Salesforce session Is revoked Immediately.
• D.When configured, Identity Connect acts as an identity provider to both Active Directory and Salesforce, thus providing SSO as a default feature.

Comment: *

Name: *

Email: *

Verification: *

Universal containers (UC) has decided to use identity connect as it's identity provider. UC uses active directory(AD) and has a team that is very familiar and comfortable with managing ad groups. UC would like to use AD groups to help configure salesforce users. Which three actions can AD groups control through identity connect? Choose 3 answers

• A.Permission sets assignment
• B.Role Assignment
• C.Custom permission assignment
• D.Granting report folder access
• E.Public Group Assignment

Comment: *

Name: *

Email: *

Verification: *

Universalcontainers wants salesforce inbound Oauth-enabled integration clients to use SAML-BASED single Sign-on for authentication. What Oauth flow would be recommended in this scenario?

• A.User-Agent Oauth flow
• B.SAML assertion Oauth flow
• C.Web server Oauth flow
• D.User-Token Oauth flow

Comment: *

Name: *

Email: *

Verification: *