Free Certified Identity and Access Management Designer Sample Questions — Certified Identity and Access Management Designer

Free Certified Identity and Access Management Designer sample questions for the Certified Identity and Access Management Designer exam. No account required: study at your own pace.

Want an interactive quiz? Take the full Certified Identity and Access Management Designer practice test

Looking for more? Click here to get the full PDF with 33+ practice questions for $4 for offline study and deeper preparation.

Question 1

Which three capabilities does SAML-based Federated authentication provide? (Choose three.)

A. Centralized federation provides single point of access, control and auditing
B. Access tokens are used to access resources on the server once the user is authenticated
C. Web applications with no passwords are more secure and stronger against hacks
D. Trust relationships between Identity Provider and Service Provider are required
E. SAML tokens can be in XML or JSON format and can be used interchangeably

Show Answer

Correct Answer:

A. Centralized federation provides single point of access, control and auditing
C. Web applications with no passwords are more secure and stronger against hacks
D. Trust relationships between Identity Provider and Service Provider are required

Question 2

Universal Containers (UC) is building a custom Innovation platform on their Salesforce instance. The Innovation platform will be written completely in Apex and Visualforce and will use custom objects to store the data. UC would like all users to be able to access the system without having to log in with Salesforce credentials. UC will utilize a third-party IdP using SAML SSO. What is the recommended Salesforce license type for all of the UC employees?

A. Salesforce Platform license
B. External Identity license
C. Identity license
D. Salesforce license

Show Answer

Correct Answer:

A. Salesforce Platform license

Question 3

Universal Containers (UC) has a Customer Community that uses Facebook for authentication. UC would like to ensure that changes in the Facebook profile are reflected on the appropriate Customer Community user. How can this requirement be met?

A. Develop a scheduled job that calls out to Facebook on a nightly basis
B. Use the updateUser() method on the Registration Handler class
C. Use SAML Just-In-Time Provisioning between Facebook and Salesforce
D. Use information in the Signed Request that is received from Facebook

Show Answer

Correct Answer:

B. Use the updateUser() method on the Registration Handler class

Question 4

Universal Containers (UC) wants to build a mobile application that will be making calls to the Salesforce REST API. UC's Salesforce implementation relies heavily on custom objects and custom Apex code. UC does not want its users to have to enter credentials every time they use the app. Which two scope values should an Architect recommend to UC? (Choose two.)

A. full
B. api
C. refresh_token
D. custom_permissions

Show Answer

Correct Answer:

B. api
C. refresh_token

Question 5

Universal Containers (UC) is looking to purchase a third-party application as an Identity Provider. UC is looking to develop a business case for the purchase in general and has enlisted an Architect for advice. Which two capabilities of an Identity Provider should the Architect detail to help strengthen the business case? (Choose two.)

A. The Identity Provider can authenticate multiple applications
B. The Identity Provider can authenticate multiple social media accounts
C. The Identity Provider can store credentials for multiple applications
D. The Identity Provider can centralize enterprise password policy

Show Answer

Correct Answer:

A. The Identity Provider can authenticate multiple applications
D. The Identity Provider can centralize enterprise password policy

Aced these? Get the Full Exam

Download the complete Certified Identity and Access Management Designer study bundle with 33+ questions in a single printable PDF.

Purchase Full Exam PDF | $4