Exam 2 Flashcards
Cosmic Electronics uses multiple identity providers (IdP) to authenticate Salesforce users. Users are required to go through Multi-Factor Authentication (MFA) before accessing Salesforce. Which of the following are valid considerations for using the ‘Authentication Method Reference’ (AMR) field in the login history to see which users log in with MFA from a particular identity provider?
Choose 2 answers.
The AMR field is used to monitor how OpenID Connect providers authenticate users who log in to Salesforce. The authentication method is pulled from JSON strings in the token returned by the identity provider.
Cosmic Data Solutions uses an Experience Cloud site that allows customers to access information about the company’s services. It would like to authenticate customers using Experience Cloud before they can make a purchase on the company’s main website. Which feature should an identity architect recommend for this requirement?
Choose 1 answer.
Embedded Login
Cosmic Enterprises utilizes a third-party cloud solution for an employee portal that only supports the OAuth protocol for user authentication. It would like employees to be able to log in to Salesforce with their third-party portal credentials for a seamless user experience. In addition, it is building a custom employee hub application on Amazon Web Services (AWS) that will store users’ credentials. The application users will also need to access Salesforce for certain internal operations. What mechanisms should an identity architect recommend to accept user authentication from the third-party portal and AWS?
Choose 2 answers.
Configure an OpenID Connect Authentication Provider for AWS. Create a custom external authentication provider for the employee portal.
Cosmic Data Solutions has set up SAML Single Sign-On (SSO) for Salesforce users using an external identity provider. A user has reported a ‘Signature Invalid’ error while logging in to Salesforce from the identity provider’s login page. Which of the following statements about this error are true?
Choose 2 answers.
There is a problem with the SAML configuration in Salesforce. The uploaded certificate failed to validate the signature in the assertion.
Cosmic Innovation would like to enable self-registration for its business-to-consumer (B2C) portal that is built on Experience Cloud. Which steps are required to configure self-registration using person accounts for this use case?
Choose 3 answers.
Enable person accounts in Salesforce Setup. Enable access to the person account record type. Leave the Account field empty on the Login & Registration page.
Cosmic Financial Services needs to audit and verify user login activity using an out-of-the-box Salesforce feature to meet certain compliance requirements. Specifically, the company needs to monitor login attempts, track user authentication methods, and identify suspicious behavior or unauthorized access. Which feature should an identity architect recommend for this use case?
Choose 1 answer.
Login History
Cosmic Whole Foods is building an Experience Cloud site for its customers and considering purchasing External Identity licenses. Which of the following are the advantages of assigning an External Identity license to a user?
Choose 2 answers.
The license provides access to several standard objects, such as Account, Contact, and Asset. The license allows a customer to access multiple apps with a single set of credentials.
A Salesforce development team at Cosmic Supermarket is building a business-to-business (B2B) collaboration site for the company’s platinum partners. Partners will authenticate with an existing identity provider using SAML Single Sign-On (SSO). Delegated Administration will allow the partner companies to administer their users’ access. What should an architect recommend to provision partner identities for this requirement?
Choose 1 answer.
Create a user and a related contact record.
