Question 1

Universal Containers (UC) has an existing web application that it would like to access from Salesforce withoutrequiring users to re-authenticate. The web application is owned UC and the UC team that is responsible for itis willing to add new javascript code and/or libraries to the application. What implementation should anArchitect recommend to UC?

Options :

A : Create a Canvas app and use Signed Requests to authenticate the users.

B : Rewrite the web application as a set of Visualforce pages and Apex code.

C : Configure the web application as an item in the Salesforce App Launcher.

D : Add the web application as a ConnectedApp using OAuth User-Agent flow.

Answer: A

Question 2

Universal containers (UC) uses a legacy Employee portal for their employees to collaborate and post theirideas. UC decides to use salesforce ideas for voting and better tracking purposes. To avoid provisioning userson Salesforce, UC decides to push ideas posted on the Employee portal to salesforce through API. UC decidesto use an API user using Oauth Username - password flow for the connection. How can the connection tosalesforce be restricted only to the employee portal server?

Options :

A : Add the Employee portals IP address to the Trusted IP range for the connected App

B : Use a digital certificate signed by the employee portal Server.

C : Add the employee portals IP address to the login IP range on the user profile.

D : Use a dedicated profile for the user the Employee portal uses.

Answer: A

Question 3

Northern Trail Outfitters is implementing a busmess-to-business (B2B) collaboration site using SalesforceExperience Cloud. The partners will authenticate with an existing identity provider and the solution will utilizeSecurity Assertion Markup Language (SAML) to provide single sign-on to Salesforce. Delegatedadministration will be used in the Expenence Cloud site to allow the partners to administer their users' access.How should a partner identity be provisioned in Salesforce for this solution?

Options :

A : Create only a contact.

B : Create a contactless user.

C : Create a user and a related contact.

D : Create a person account.

Answer: C

Question 4

What item should an Architect consider when designing a Delegated Authentication implementation?

Options :

A : The Web service should be secured with TLS using Salesforce trusted certificates.

B : The Web service should be able to accept one to four input method parameters.

C : The web service should use the Salesforce Federation ID to identify the user.

D : The Web service should implement a custom password decryption method.

Answer: A

Question 5

Universal Containers (UC) has built a custom token-based Two-factor authentication (2FA) system for their existing on-premise applications. They are now implementing Salesforce and would like to enable a Two-factor login process for it, as well. What is the recommended solution as Architect should consider?

Options :

A : Use the custom 2FA system for on-premise applications and native 2FA for Salesforce.

B : Replace the custom 2FA system with an AppExchange App that supports on premise application and salesforce.

C : Use Custom Login Flows to connect to the existing custom 2FA system for use in Salesforce.

D : Replace the custom 2FA system with Salesforce 2FA for on-premise applications and Salesforce.

Answer: D

Free Plat-Arch-203 Mock Exam – Practice Online Confidently

Buying Options: